Intel published a new vulnerability on 11/20/17 around Intel® Management Engine (ME): INTEL-SA-00086 causing Elevation of Privilege (EoP), Remote Code Execution (RCE) or Denial of Service (DoS).
Intel published also a detection tool to run on clients. The detection tool is creating registry values about the vulnerability state of a client.
To check the status of the clients in an enterprise:
- Download the tool
- Create a package and run program “Intel-SA-00086-console.exe -c” on all clients
- Create a Configuration Item
- Deploy the CI in a Configuration Baseline
- Get the collection of all vulnerable clients