Update your INTEL-SA-00086 Detection Tool

[German]If you are using the INTEL-SA-00086 Detection Tool to analyze the computer for vulnerabilities, you should update the tool. Older versions do not recognize certain vulnerabilities.


I’ve introduced the INTEL-SA-00086 detection tool within my German blog post Neuer Bug in Intels Management Engine (Intel SA-00086) a while ago. It scans computers with Intel CPU and shows whether it has found vulnerabilities.

Intel ME-Detection Tool

A German blog reader mentioned within a comment that old versions of this tool doesn’t recognise serveral vulnerabilities. The Intel download page mentions that:

 Note: Versions of the INTEL-SA-00086 Detection Tool earlier than did not check for CVE-2017-5711 and CVE-2017-5712. These CVE’s only affect systems with Intel® Active Management Technology (Intel® AMT) version 8.x-10.x. Users of systems with Intel AMT 8.x-10.x are encouraged to install version, or later, to help verify the status of their system in regards to the INTEL-SA-00086 Security Advisory.

CVE-2017-5711 and CVE-2017-5712 are addressing vulnerabilities in Intel’s Active Management Technology (AMT). So it’s a good pratice, to download the most recent version of this tool from this Intel download site before starting a diagnosis.

But I also should mentions, that this Intel tool doesn’t satisfy security experts. I received a harsh comment to my German blog post, that recommends to dump this tool. The reason: It’s vulnerable to DLL hijacking as described here for some other stuff.

This entry was posted in Security, Update and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *