[nSLUG] BIOS updating

George N. White III gnwiii at gmail.com
Wed Jun 14 11:00:59 ADT 2017


On 14 June 2017 at 08:16, Joel Maxuel <j.maxuel at gmail.com> wrote:

> Thanks Dave.  I missed the memo on the active IME exploit.
>
> May not be much help to me anyway, based on the summary of changes for my
> latest MoBo update:
> http://support.lenovo.com/ca/en/downloads/ds029265
>
> I can check to see how bad it is, and what steps I can take tonight:
> https://github.com/intel/INTEL-SA-00075-Linux-
> Detection-And-Mitigation-Tools
>
> Thank you again.
>

Some US Government employees were told to get rid of their Lenovo laptops
last fall.  Then in
May Lenovo released Intel Management Engine Firmware 9.5 for my SSC issued
laptop -- makes me wonder if US Gov't knew about IME exploits before they
were made public,
and if there are active exploits that still aren't public.

Some articles suggest IME isn't an issue for linux users unless you use a
high-end server
farm that uses Intel's management tools, (possibly Google apps). That
doesn't mean high-end
malware won't leverage IME, but probably only after gaining full control of
the system.   For
home linux systems there may not be much to be gained from IME based
exploits, but it
sounds like something TLA agencies would use, so will probably escape to
malware
sooner or later.

-- 
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/pipermail/nslug/attachments/20170614/cdfad848/attachment.html>


More information about the nSLUG mailing list