Intel® security update

Number: AV17-173
Date: 21 November 2017

Purpose

The purpose of this advisory is to bring attention to a recently published security update by Intel®.

Assessment

Intel® has released a security update to address multiple vulnerabilities in Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) products.

Products Affected:

  • 6th, 7th & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel® Atom® C3000 Processor Family
  • Apollo Lake Intel® Atom Processor E3900 series
  • Apollo Lake Intel® Pentium™
  • Celeron™ N and J series Processors

CVE References: CVE-2017-5705, CVE-2017-5706, CVE-2017-5707, CVE-2017-5708, CVE-2017-5709, CVE-2017-5710, CVE-2017-5711, CVE-2017-5712

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

Intel Q3’17 ME 11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Date modified: