[German]If you are using the INTEL-SA-00086 Detection Tool to analyze the computer for vulnerabilities, you should update the tool. Older versions do not recognize certain vulnerabilities.
Advertising
I've introduced the INTEL-SA-00086 detection tool within my German blog post Neuer Bug in Intels Management Engine (Intel SA-00086) a while ago. It scans computers with Intel CPU and shows whether it has found vulnerabilities.
A German blog reader mentioned within a comment that old versions of this tool doesn't recognise serveral vulnerabilities. The Intel download page mentions that:
Note: Versions of the INTEL-SA-00086 Detection Tool earlier than 1.0.0.146 did not check for CVE-2017-5711 and CVE-2017-5712. These CVE's only affect systems with Intel® Active Management Technology (Intel® AMT) version 8.x-10.x. Users of systems with Intel AMT 8.x-10.x are encouraged to install version 1.0.0.146, or later, to help verify the status of their system in regards to the INTEL-SA-00086 Security Advisory.
CVE-2017-5711 and CVE-2017-5712 are addressing vulnerabilities in Intel's Active Management Technology (AMT). So it's a good pratice, to download the most recent version of this tool from this Intel download site before starting a diagnosis.
But I also should mentions, that this Intel tool doesn't satisfy security experts. I received a harsh comment to my German blog post, that recommends to dump this tool. The reason: It's vulnerable to DLL hijacking as described here for some other stuff.
Advertising
