Intel發布韌體更新來修補CPU漏洞,近三年CPU可能受影響,自我檢測方式詳內文
Intel在昨天發布了Intel® Management Engine Critical Firmware Update (Intel SA-00086)更新,修補了存在於下列CPU firmware的漏洞。
- Intel® Management Engine (Intel® ME)
- Intel® Trusted Execution Engine (Intel® TXE)
- Intel® Server Platform Services (SPS)
IThome新聞連結:https://www.ithome.com.tw/news/118487
Intel官方說明文件:https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
Intel已經將更新程式release至使用Intel CPU的各大PC、Server、IoT 製造商,並且提供一套檢測軟體供使用者自我檢測。
修補漏洞主要是減少駭客入侵的管道與機會,來降低電腦或資料被駭的風險,因此強烈建議各位一有更新的時候盡快做更新。
但是由於目前Intel也才剛提供更新給製造商,具體更新可能要等各製造商釋出才有辦法更新,例如我剛才看了一下Dell, Acer基本上release date那個欄位都還是TBD,細節可點下方各製造商頁面查詢。
(目前看起來各大品牌廠都還沒辦法提供更新,可能再等幾天就會陸續是release update)
- 系統使用Intel ME Firmware versions 11.0.0 至 11.7.0, SPS Firmware version 4.0, and TXE version 3.0 受到影響,如下CPU就是使用這些firmware版本:
- 6th, 7th, and 8th generation Intel® Core™ Processor Family
- Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon® Processor W Family
- Intel Atom® C3000 Processor Family
- Apollo Lake Intel Atom® Processor E3900 series
- Apollo Lake Intel® Pentium® Processors
- Intel® Celeron® N and J series Processors
- Intel-SA-00086 Detection Tool 檢測軟體下載 (Windows & Linux):https://downloadcenter.intel.com/download/27150
- 關於本次更新,連結至您的製造商查看進一步更新方式:
| 注意 | 若您的廠商未列於下表,請自行聯繫您的廠商確認是否有更新。 |
- Acer: Support Information
- Compulab: Support Information
- Dell Client: Support Information
- Dell Server: Support Information
- Fujitsu: Support Information
- Getac: Support Information
- HPE Servers: Support Information
- Intel® NUC, Intel® Compute Stick, and Intel® Compute Card: Support Information
- Lenovo: Support Information
- Panasonic: Support Information
- Quanta/QCT: Support Information
- Toshiba: Support Information
