Vulnérabilité du micrologiciel Intel® AMT

À propos de la vulnérabilité critique du micrologiciel d'administration d'Intel

Dernière mise à jour : 26 mai 2017

Présentation

Le 1er mai, Intel a publié un avis de sécurité concernant une vulnérabilité du micrologiciel (firmware) présent au sein de certains systèmes utilisant Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) ou Intel® Small Business Technolgy (SBT). Cette vulnérabilité pourrait permettre un accès malveillant à des PC et équipements professionnels utilisant ces technologies. Les PC pour particuliers utilisant un micrologiciel grand public et les serveurs pour datacenters utilisant Intel® Server Platform Services ne sont pas impactés par cette vulnérabilité.

En attendant la disponibilité des mises à jour du micrologiciel, nous demandons instamment aux personnes et aux entreprises qui utilisent des PC et équipements professionnels intégrant AMT, ISM ou SBT d’accomplir les étapes recommandées pour maintenir la sécurité de leurs systèmes et de leurs informations.

Nous comprenons votre inquiétude et avons créé cette page pour vous aider à comprendre le problème, à évaluer la possibilité que votre système soit touché et à prendre les mesures appropriées.

Intel vous informe

26 mai 17 : Informations de sécurité importantes concernant le micrologiciel Intel Manageability ›

Ressources

Ressources fournies par Intel

Page officielle d'Intel sur la sécurité : Informations techniques concernant cette vulnérabilité, produits vulnérables, recommandations concernant les mesures à prendre, liens vers des ressources techniques permettant de détecter cette vulnérabilité et d'en atténuer les risques. Ce document est régulièrement mis à jour.
Conseils d'Intel pour certaines produits Intel® NUC, Intel® Compute Stick et cartes mères Intel® pour PC de bureau.
Guide de détection : Outils et informations pour vous guider dans le processus d'évaluation permettant de déterminer si votre système est vulnérable.
Guide d'atténuation des risques : Outils et informations pour protéger les systèmes concernés par cette vulnérabilité avant d'appliquer une mise à jour du micrologiciel.
Procédure de déploiement du micrologiciel : Informations et étapes de la procédure de déploiement du micrologiciel système mis à jour.

Service client Intel

Assistance en ligne : http://www.intel.com/supporttickets
Téléphone aux États-Unis Canada ou Amérique latine : (916) 377-7000
Numéros de téléphone pour la région Europe, Moyen-Orient, Afrique
Numéros de téléphone pour la région Asie-Pacifique

Ressources fournies par les fabricants d'ordinateurs

Les fabricants d'ordinateurs publient des informations spécifiques à leurs produits, notamment sur la disponibilité des mises à jour du micrologiciel. Vous trouverez les conseils de certains fabricants sur les sites Web suivants :

Acer - https://us.answers.acer.com/app/answers/detail/a_id/47605
ASUS - https://www.asus.com/News/uztEkib4zFMHCn5
Dell Client - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914
Dell EMC - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937
Fujitsu - http://www.fmworld.net/globalpc/intel_firmware
Getac - http://intl.getac.com/aboutgetac/activities/activities_2017051648.html
Gigabyte — https://www.gigabyte.com/Press/News/1562
HP Enterprise - http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html
HP Inc. - http://www8.hp.com/us/en/intelmanageabilityissue.html
Intel - NUC, Compute Stick et cartes mères pour PC de bureau
Lenovo - https://support.lenovo.com/us/en/product_security/LEN-14963
Panasonic - http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html
Samsung - http://www.samsung.com/uk/support/intel_update/
Toshiba - http://go.toshiba.com/intelsecuritynotice

FAQ

Forum aux questions

1. What is the problem?

On May 1, Intel published a security advisory regarding a firmware vulnerability in certain systems that utilize Intel® Active Management Technology (Intel® AMT), Intel® Standard Manageability (Intel® ISM), or Intel® Small Business Technology (Intel® SBT). The vulnerability is potentially very serious, and could enable a network attacker to remotely gain access to businesses PCs and workstations that use these technologies. We urge people and companies using business PCs and devices that incorporate Intel® AMT, Intel® ISM or Intel® SBT to apply a firmware update from your equipment manufacturer when available, or to follow the steps detailed in the mitigation guide.

2. What are Intel® Active Management Technology (Intel® AMT), Intel® Standard Manageability (Intel® ISM), or Intel® Small Business Technology (Intel® SBT)?

Intel® AMT and Intel® ISM are remote management tools typically used by system administrators at large organizations to manage large numbers of computers. Intel® SBT is a similar technology typically used by small and medium sized businesses with fewer devices to manage. All of these systems incorporate Intel manageability firmware.

3. Are servers impacted by this vulnerability?

Data center servers using Intel® Server Platform Services are not affected by this vulnerability. If you are uncertain, you should evaluate your systems to make sure they are secured against this vulnerability. Please see our detection guide for tools and instructions (currently available only for Microsoft Windows* operating systems). If your system is vulnerable, we strongly recommend applying the steps detailed in the mitigation guide, and applying a firmware update from your equipment manufacturer when available.

4. Are consumer PCs impacted by this vulnerability?

Consumer PCs with consumer firmware are not impacted by this vulnerability. If you are uncertain as to whether your system is vulnerable, or just want to be sure, please see our detection guide for tools and instructions, or contact Intel Customer Service.

5. Is a fix available?

We have implemented and validated a firmware update to address the problem, and we are cooperating with equipment manufacturers to make it available to end-users as soon as possible. Please check with your computer manufacturer for availability of firmware updates for your specific systems and other details. Computer manufacturers are publishing information specific to their products, including availability of firmware updates. Advisories for some manufacturers can be found at the following websites:

Acer — https://us.answers.acer.com/app/answers/detail/a_id/47605
ASUS — https://www.asus.com/News/uztEkib4zFMHCn5
Dell Client — http://en.community.dell.com/techcenter/extras/m/white_papers/20443914
Dell EMC — http://en.community.dell.com/techcenter/extras/m/white_papers/20443937
Fujitsu — http://www.fmworld.net/globalpc/intel_firmware
Getac — http://intl.getac.com/aboutgetac/activities/activities_2017051648.html
Gigabyte — https://www.gigabyte.com/Press/News/1562
HP Enterprise — http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html
HP Inc. — http://www8.hp.com/us/en/intelmanageabilityissue.html
Intel — NUC, Compute Stick, and Desktop Boards
Lenovo — https://support.lenovo.com/us/en/product_security/LEN-14963
Panasonic — http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html
Samsung — http://www.samsung.com/uk/support/intel_update/
Toshiba — http://go.toshiba.com/intelsecuritynotice

6. What if I have a vulnerable system for which no fix is available?

Until firmware updates are available, systems administrators can take the mitigation steps detailed in the mitigation guide published under our security advisory. Consumers or others who need support securing vulnerable systems can contact Intel Customer Support.

7. I have applied all of the recommended mitigations and have no need to provision Intel® AMT, Intel® ISM or Intel® SBT. Do I still need to patch my systems?

Yes, you should still apply firmware updates if they are available for your systems. The mitigations help to protect systems that have the vulnerability, but they do not address the underlying vulnerability. To resolve this vulnerability issue, we urge people and companies using business PCs and devices that incorporate Intel® AMT, Intel® ISM or Intel® SBT to apply any available firmware updates from your equipment manufacturer as soon as possible. Please check with your computer manufacturer for availability of firmware updates for your specific systems and other details.

8. I have applied all of the recommended mitigations. Why does the discovery tool still report that my system is vulnerable?

The mitigations help to protect systems that have the vulnerability, but they do not address the underlying vulnerability. The discovery tool will report a system as vulnerable until the system is updated to include an AMT firmware version that removes the vulnerability. To resolve this vulnerability issue, we urge people and companies using business PCs and devices that incorporate Intel® AMT, Intel® ISM or Intel® SBT to apply any available firmware updates from your equipment manufacturer as soon as possible. Please check with your computer manufacturer for availability of firmware updates for your specific systems and other details.

9. Where can I go for help?

Computer manufacturers are publishing information specific to their products, including availability of firmware updates. Advisories for some manufacturers can be found at the following websites:

Acer —https://us.answers.acer.com/app/answers/detail/a_id/47605
ASUS — https://www.asus.com/News/uztEkib4zFMHCn5
Dell Client — http://en.community.dell.com/techcenter/extras/m/white_papers/20443914
Dell EMC — http://en.community.dell.com/techcenter/extras/m/white_papers/20443937
Fujitsu — http://www.fmworld.net/globalpc/intel_firmware
Getac — http://intl.getac.com/aboutgetac/activities/activities_2017051648.html
Gigabyte — https://www.gigabyte.com/Press/News/1562
HP Enterprise — http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html
HP Inc. — http://www8.hp.com/us/en/intelmanageabilityissue.html
Intel — NUC, Compute Stick, and Desktop Boards
Lenovo — https://support.lenovo.com/us/en/product_security/LEN-14963
Panasonic — http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html
Samsung — http://www.samsung.com/uk/support/intel_update/
Toshiba — http://go.toshiba.com/intelsecuritynotice

Consumers or others who need support securing vulnerable systems can contact Intel Customer Support. Online support is available at http://www.intel.com/supporttickets. To contact Intel Customer Support by phone in the US, Canada, or Latin America call (916) 377-7000. Europe, Middle East and Africa support phone numbers can be found here. Asia Pacific support phone numbers can be found here.

10. I am a consumer but I use a business PC or workstation. What should I do?

You should evaluate your systems to make sure they are secured against this vulnerability. Please see our detection guide for tools and instructions. If your system is vulnerable, we strongly recommend applying the steps detailed in the mitigation guide, and applying a firmware update from your equipment manufacturer when available. Contact Intel Customer Service if you need support.

11. I run a small business with business PCs. What should I do?

12. I have a business PC or workstation issued by my employer. What should I do?

In most cases, companies that issue PCs to employees will have systems administrators or IT professionals who manage updates and security for employees’ computers. You should speak to your company's IT department before taking any action with your PC with regard to this situation.

13. I use a consumer PC but I see manageability elements on it. What should I do?

If you are a consumer and you believe you may have purchased a PC with these capabilities, then you should evaluate your system to make sure it is secured against this vulnerability. Please see our detection guide for tools and instructions. If your system is vulnerable, we strongly recommend applying the steps detailed in the mitigation guide, and applying a firmware update from your equipment manufacturer when available. Contact Intel Customer Service if you need support.

14. Is this a bug in the processor? If so, how can you fix it?

This is a vulnerability in the Intel® chipset firmware, not in the physical design of a processor. It can be addressed by applying a firmware update from your equipment manufacturer when available, or by applying the steps detailed in the mitigation guide.

15. What do you do to ensure the security of your products?

Intel has a set of policies, procedures, and practices called the Security Development Lifecycle (SDL) to help ensure our products meet specifications and security requirements. While no system is foolproof, there are mechanisms in place for Intel to work with computer manufacturers to address vulnerabilities should the need arise. When we receive reports of potential vulnerabilities in Intel® products, we work hard to assess them and respond appropriately so we can continue providing the security for our customers.

Voir plus Voir moins

Présentation
actualité
ressources