Jump to content
Amaroq_Starwind

Intel Processor Detection and Mitigation Results

Recommended Posts

So, I was using the Intel Detection and Mitigation Tool on my Latitude E6510 (running Windows 10 Pro, 1809 32-Bit), and I got the following results:

 

Spoiler

 

Risk Assessment

Based on the analysis performed by this tool, this system is vulnerable.

Explanation:
The detected version of the Management Engine firmware is considered vulnerable for INTEL-SA-00075.

If Vulnerable, contact your OEM for support and remediation of this system.
For more information, refer to CVE-2017-5689 in the following link: CVE-2017-5689
or the Intel security advisory Intel-SA-00075 in the following link: INTEL-SA-00075

INTEL-SA-00075 Detection Tool

Application Version: 1.0.3.215
Scan date: 2018-12-12 07:47:15

Host Computer Information

Name: CONSTITUTION
Manufacturer: Dell Inc.
Model: Latitude E6510
Processor Name: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Windows Version: Microsoft Windows 10 Pro

ME Information

Version: 6.1.0.1042
SKU: Intel(R) Full AMT Manageability
Provisioning Mode: Not Provisioned
Control Mode: None
Is CCM Disabled: True
Driver installation found: True
EHBC Enabled: False
LMS service state: Running
microLMS service state: NotPresent
Is SPS: False

 

Any suggestions for dealing with this? Alternatively, anyone got their own results to share?

The tool can be downloaded here:

https://downloadcenter.intel.com/download/26755

 

 

Share this post


Link to post
Share on other sites

Run;  DXDIAG

It will show the information as the below example from my Dell Latitude E5430 shows.

DXdiag.jpg.f87f02061cf482c402510fa623c6dbcf.jpg

Share this post


Link to post
Share on other sites

It's a notebook.  Swapping hard disks is easy.  Each hard disk represents a different OS.

 

Share this post


Link to post
Share on other sites

If it's one of the many IME vulnerabilities in the firmware, you'll have to contact your machine's manufacturer for an up to date BIOS, assuming they've released one which includes the patch for it as it can't be mitigated within Windows (it requires Intel's microcode which includes the patch, which can only be installed through a BIOS/firmware update, which can only come from the system/motherboard manufacturer as Intel doesn't provide them to end users (I've dealt with similar issues with my own Kaby Lake system/CPU).

Share this post


Link to post
Share on other sites
2 hours ago, David H. Lipman said:

It's a notebook.  Swapping hard disks is easy.  Each hard disk represents a different OS.

Ah! that explains it... thanks

Share this post


Link to post
Share on other sites

Yes and No.

On 12/12/2018 at 10:10 AM, David H. Lipman said:

What E6510 BIOS version do you have ?

What is it ?

Share this post


Link to post
Share on other sites

Still need to check, hold on. I suppose you should probably just close this thread for the time being, as I keep getting sidetracked with other time-critical stuff, I know what to do now, the system will still have glaring vulnerabilities in it after patching, etc.

Sorry for wasting your time. When I have the BIOS information I need, I’ll send a private message to a moderator.

Share this post


Link to post
Share on other sites

It doesn't work that way.  You don't start a request for information and not go through with what's requested of you.

Instead of posting all the Malwarebytes' product suggestions you have made, here's my suggestion...

Finish what you start.

 

 

Share this post


Link to post
Share on other sites

Okay, jeeze, sorry! Like I said, I got extremely busy with time-critical stuff. Anyways, here's the data.

"Default System BIOS" doesn't tell me a whole lot, but this is a pretty freaking old computer...
 

Spoiler

LATITUDE.PNG.dd81adaebc413cee2256e49dfbe7e207.PNG

 

DxDiag.txt

Share this post


Link to post
Share on other sites

Thank you. 

I don't know why the BIOS version isn't shown.  I chose DXDIAG because DXDIAG is native.

Download HWINFO - https://www.hwinfo.com/

It will show the BIOS version as shown below...

Image.jpg.f3251f709d85003f583b66a5dbe26bb4.jpg

BTW:  A Latitude "D" or "C" series would be considered "pretty freaking old".  Not the "E" series.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites

Thank you.  The system is at BIOS A04

That's why the PC is vulnerable as stated in Post #1

It also shows that this is an early released platform that probably was never updated.

Dell Latitude E6510 BIOS A17 was specifically created for Intel ME Firmware to address security advisory CVE-2017-5689 / INTEL-SA-00075

The objective is to first try to go straight to BIOS version A17
https://downloads.dell.com/FOLDER04330177M/1/Latitude_E6510_A17.exe

If that is not possible because prerequisite BIOS' need to be installed first, then install P02 and then A10 and then finally A17

EDIT:

On second thought, if you are at version A04 and a prerequisite BIOS is needed prior to going to A17, then P02 may be contraindicated.

 

 

 

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites

Thanks. A09 installed successfully, but A10 and A17 keep throwing up errors about not being able to deliver the payload, or something like that. And then the screen went completely black after an Apple software update attempted to install, and I was forced to perform a hard reboot. Still waiting for the computer to come back to life...

Share this post


Link to post
Share on other sites

If you can't get the latest installed and can't find the prerequisite you'll likely have to contact Dell support to assist.  Hopefully they can either provide the missing BIOS update or at least a workaround of some kind to get the latest installed.

Share this post


Link to post
Share on other sites

Finally got the final one installed... A17. Can't wait to play around with the new BIOS settings. I'll also attach my new detection results screenshot in a bit. Thank you!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.