Results 1 to 2 of 2
  1. #1
    ROG Guru: Yellow Belt Array raju2529 PC Specs
    raju2529 PC Specs
    Laptop (Model)R542UQ-DM153 ( X542UQ.305 )
    MotherboardAsus motherboard
    ProcessorIntel core i5 7200u @2.5Ghz
    Memory (part number)Adata 2400 Mhz 16GB
    Graphics Card #1intel Hd 620 graphics 1GB DDR3
    Graphics Card #2Nvidia GeForce 940MX 2GB GDDR5
    Graphics Card #3nil
    Graphics Card #4nil
    Sound CardRealtek HD Audio controller with codec 294
    MonitorLcd monitor
    Storage #1Samsung 850 Evo 250GB SSD M.2. 2280
    Storage #2Seagate 2TB 2.5inch. Toshiba 1TB 2.5 inch
    CPU CoolerBuilt-in
    Casefrom factory
    Power Supply65W
    Keyboard Built in keyboard
    Mouse Built in mouse
    Headset Philips HeadSet
    Mouse Pad nil
    Headset/Speakers Realtek with ice sound
    OS Windows 10 Insider Preview 64bit 1903build no 18950.1001
    Network RouterBsnl Wi-Fi modem with router
    Accessory #1 Dell Mouse
    Accessory #2 Laptop Cooling table with fan
    Accessory #3 Secureye Usb finger print scanner

    Join Date
    Feb 2018
    Reputation
    10
    Posts
    133

    IntelŪ CSME, IntelŪ SPS, IntelŪ TXE, IntelŪ DAL, and IntelŪ AMT 2019.1 QSR Advisory

    Multiple potential security vulnerabilities in IntelŪ Converged Security & Management Engine (IntelŪ CSME), IntelŪ Server Platform Services (IntelŪ SPS), IntelŪ Trusted Execution Engine Interface (IntelŪ TXE), IntelŪ Dynamic Application Loader (IntelŪ DAL), and IntelŪ Active Management Technology (IntelŪ AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Intel is releasing IntelŪ CSME, IntelŪ SPS, IntelŪ TXE, and IntelŪ AMT updates to mitigate these potential vulnerabilities.

    Vulnerability Details:
    CVEID: CVE-2019-0089
    Description: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.


    CVEID: CVE-2019-0090
    Description: Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0086
    Description: Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.







    CVEID: CVE-2019-0091
    Description: Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.


    CVEID: CVE-2019-0092
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0093
    Description: Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.


    CVEID: CVE-2019-0094
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

    CVEID: CVE-2019-0096
    Description: Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.

    CVEID: CVE-2019-0097
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.


    CVEID: CVE-2019-0098
    Description: Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0099
    Description: Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0153
    Description: Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.


    CVEID: CVE-2019-0170
    Description: Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.


    IntelŪ CSME, IntelŪ Active Management Technology, and IntelŪ DAL
    Please update intel management firmware version with respective intel core processors
    Updated IntelŪ CSME Firmware Version
    11.8.65.xxxx
    11.11.65.xxxx
    11.22.65.xxxx
    12.0.35.xxxx

    IntelŪ Server Platform Services before versions
    Please update IntelŪ Server Platform Services Firmware Version
    SPS_E3_05.00.04.027.0.


    IntelŪ Trusted Execution Engine
    Please update IntelŪ Trusted Execution Engine
    Updated IntelŪ Trusted Execution Engine Firmware Version

    3.1.65.xxxx
    4.0.15.xxxx

    for more information visit intel security website
    https://www.intel.com/content/www/us...-sa-00213.html


    download intel management firmware from win-riad official website
    https://www.win-raid.com/t596f39-Int...tem-Tools.html

  2. #2
    ROG Guru: Yellow Belt Array raju2529 PC Specs
    raju2529 PC Specs
    Laptop (Model)R542UQ-DM153 ( X542UQ.305 )
    MotherboardAsus motherboard
    ProcessorIntel core i5 7200u @2.5Ghz
    Memory (part number)Adata 2400 Mhz 16GB
    Graphics Card #1intel Hd 620 graphics 1GB DDR3
    Graphics Card #2Nvidia GeForce 940MX 2GB GDDR5
    Graphics Card #3nil
    Graphics Card #4nil
    Sound CardRealtek HD Audio controller with codec 294
    MonitorLcd monitor
    Storage #1Samsung 850 Evo 250GB SSD M.2. 2280
    Storage #2Seagate 2TB 2.5inch. Toshiba 1TB 2.5 inch
    CPU CoolerBuilt-in
    Casefrom factory
    Power Supply65W
    Keyboard Built in keyboard
    Mouse Built in mouse
    Headset Philips HeadSet
    Mouse Pad nil
    Headset/Speakers Realtek with ice sound
    OS Windows 10 Insider Preview 64bit 1903build no 18950.1001
    Network RouterBsnl Wi-Fi modem with router
    Accessory #1 Dell Mouse
    Accessory #2 Laptop Cooling table with fan
    Accessory #3 Secureye Usb finger print scanner

    Join Date
    Feb 2018
    Reputation
    10
    Posts
    133

    On 10-06-2019 , i installed latest Bios frmware X542UQ.309 to laptop which contains latest intel cpu microcode B4 . and almosyt many security flaws are fixed

    .Click image for larger version. 

Name:	bios...JPG 
Views:	0 
Size:	150.7 KB 
ID:	80682
    Last edited by raju2529; 06-15-2019 at 01:07 AM.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •