2017-11-26

Intel announces vulnerability in firmware

   INTEL SA-00086 Detection Tool Results
A late development in the hardware security arena revolves around the security alert issued by Intel regarding management firmware on a number of recent workstation, server, and Internet-of-Things processor platforms being vulnerable to remote attack.

Luckily, remote management of processors isn't really something I value on a workstation so while at work this is more of an ominous announcement I ran a few tests on networked standalones at the crib which all test as not vulnerable.

I'll be checking my server boxes along and along but I really don't envision those being problematic either as they likewise do not contain the remote management features.

I'm more of a manual hands on type of guy and simply didn't feel the need for any integrated lights out management or integrated management modules behind the firewall.

There are another of these embedded systems on the Oracle boxes at work and I feel a good testing rolling on out next week.

Sometimes the simpler place in time renders more inherent security because you have to "go there" to do something.