[coreboot] Remote security exploit in all 2008+ Intel platforms

persmule persmule at gmail.com
Mon May 1 18:16:52 CEST 2017


We could just remove or cleanse <https://github.com/corna/me_cleaner>
the ME to seal this loophole.

在 2017年05月02日 00:13, Sam Kuper 写道:
> On 01/05/2017, Shawn <citypw at gmail.com> wrote:
>> https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
> The piece states, "on April 25, Intel released a firmware fix for this
> unnamed issue. It affects every Intel machine from Nehalem in 2008 to
> Kaby Lake in 2017."
>
> Has anyone here got a link describing or including the fix, either
> directly from Intel, or from an OEM? At the moment, there are no
> advisories listed at https://security-center.intel.com/advisories.aspx
> newer than April 3, so presumably either the piece is false, or else
> the firmware fix was released to OEMs but not publicly.
>
> Discussion elsewhere:
>
> https://news.ycombinator.com/item?id=14237266
>
> https://www.reddit.com/r/linux/comments/68ma1a/every_intel_platform_with_amt_ism_and_sbt_from/
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20170502/0d1931c9/attachment.html>


More information about the coreboot mailing list