Intel CPU 存在安全漏洞的安全警告 - 2017

Intel CPU 的安全性漏洞發布,不過... 目前還沒看到 Linux 該怎麼 patch (某些大廠於 Windows 有出 Patch)

Patch 過 BIOS、firmware (韌體)... 還沒 Patch 過 CPU,也不知道 CPU 的漏洞該怎麼玩,先紀錄如何查看是否有漏洞的方式就好。

Intel CPU 存在安全漏洞的安全警告 - 2017

Intel CPU 的漏洞,沒補過,不知道該怎麼補,總是一個新的嘗試,先看看新聞:

Intel CPU 偵測是否有漏洞的工具 與 韌體更新

Intel SA-00086 的偵測工具與韌體

  1. 下載 Intel-SA-00086 偵測工具
    • sudo ./intel_sa00086.py # 沒問題
      INTEL-SA-00086 Detection Tool
      Copyright(C) 2017, Intel Corporation, All rights reservedApplication Version: 1.0.0.128
      Scan date: 2017-11-22 14:43:29 GMT*** Host Computer Information ***
      Name: www
      Manufacturer: System manufacturer
      Model: System Product Name
      Processor Name: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
      OS Version: debian 9.2 (4.9.0-3-amd64)*** Intel(R) ME Information ***
      Engine: Intel(R) Management Engine
      Version: 8.1.2.1318
      SVN: 0*** Risk Assessment ***
      Based on the analysis performed by this tool: This system is not vulnerable.
    • sudo ./intelsa00086.py # 有問題
      INTEL-SA-00086 Detection Tool
      Copyright(C) 2017, Intel Corporation, All rights reservedApplication Version: 1.0.0.128
      Scan date: 2017-11-22 14:43:40 GMT*** Host Computer Information ***
      Name: asus
      Manufacturer: System manufacturer
      Model: System Product Name
      Processor Name: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz OS Version: debian 9.2 (4.9.0-4-amd64)*** Risk Assessment ***
      Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer).For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
      https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
  2. 有問題的話,再來Intel® 管理引擎重要的韌體更新 (Intel SA-00086)下載韌體更新 (需要於此,再連到各個廠商去下載)

作者: Tsung

對新奇的事物都很有興趣, 喜歡簡單的東西, 過簡單的生活.

發表迴響

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料