Intel issues firmware security patches for several products

PARCA eNews – Nov. 22, 2017 – In response to outside researchers, Intel conducted a security review of several of its most popular business platforms. The result is a update for the Intel Management Engine, Intel Server Platform Services and Intel Trusted Execution Engine.

The security review identified ways an attacker could gain unauthorized access to the platforms that would allow the attacker to impersonate the ME/SPS/TXE, which could compromise local security feature attestation validity. They also identified the potential for loading and executing arbitrary code undetected by the user and operating system, or cause system crashes or instability.
The affected products included:

• 6th, 7th & 8th Generation Intel® Core™ Processor Family 
• Intel® Xeon® Processor E3-1200 v5 & v6 Product Family 
• Intel® Xeon® Processor Scalable Family 
• Intel® Xeon® Processor W Family 
• Intel® Atom® C3000 Processor Family 
• Apollo Lake Intel® Atom Processor E3900 series 
• Apollo Lake Intel® Pentium™ 
• Celeron™ N and J series Processors 

The full list and summary of the security vulnerability was added to the Intel Security Center webpage.

For more information contact Intel support.