Intel Management Engine vulnerability INTEL-SA-00086 and how to detect vulnerable systems in Configuration Manager

Intel published a new vulnerability on 11/20/17 around Intel® Management Engine (ME): INTEL-SA-00086 causing Elevation of Privilege (EoP), Remote Code Execution (RCE) or Denial of Service (DoS).
Intel published also a detection tool to run on clients. The detection tool is creating registry values about the vulnerability state of a client.
To check the status of the clients in an enterprise:

Download the tool
Create a package and run program “Intel-SA-00086-console.exe -c” on all clients
Create a Configuration Item
Deploy the CI in a Configuration Baseline
Get the collection of all vulnerable clients

blog_ME_CI

blog_ME_CI_compliance

blog_ME_CI_result

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

End-User Computing

Managed Enterprise Workspace

Intel Management Engine vulnerability INTEL-SA-00086 and how to detect vulnerable systems in Configuration Manager

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply