Threat Update: Intel Firmware Vulnerability (Updated)
May 8, 2017
Intel has released recommendations to address a recent vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an affected system.
Users and administrators are encouraged to review Intel Security Advisory INTEL-SA-00075 and updated mitigations and tools:
- Mitigation Guide v1.2 (May 5, 2017)
- Discovery Tool v220.127.116.11 (May 5, 2017)
- Unprovisioning Tool v1.0 (May 6, 2017)
Herjavec Group aligns with the US-CERT recommend that users and administrators review Vulnerability Note VU#491375 for additional information and refer to their original equipment manufacturer (OEM) for updated firmware.
For more information, please contact a Herjavec Group security specialist today.
Herjavec Group circulates US – CERT advisories as this notification warrants attention and may have significance to your Enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with applicable vendor partners to apply detection and mitigation strategies where appropriate. For Managed Services customers, our Managed Services team will engage with the appropriate technical contacts in your respective organizations directly to provide alerts, escalations, actions and or reports based our service agreement with you. If you have questions or concerns, please engage your Herjavec Group account representative directly or contact Herjavec Group.