Results 1 to 2 of 2
  1. #1
    ROG Guru: White Belt Array raju2529 PC Specs
    raju2529 PC Specs
    Laptop (Model)R542UQ-DM153 ( X542UQ.305 )
    MotherboardAsus motherboard
    ProcessorIntel core i5 7200u @2.5Ghz
    Memory (part number)Adata 2400 Mhz 16GB
    Graphics Card #1intel Hd 620 graphics 1GB DDR3
    Graphics Card #2Nvidia GeForce 940MX 2GB GDDR5
    Graphics Card #3nil
    Graphics Card #4nil
    Sound CardRealtek HD Audio controller with codec 294
    MonitorLcd monitor
    Storage #1Samsung 850 Evo 250GB SSD M.2. 2280
    Storage #2Seagate 2TB 2.5inch. Toshiba 1TB 2.5 inch
    CPU CoolerBuilt-in
    Casefrom factory
    Power Supply65W
    Keyboard Built in keyboard
    Mouse Built in mouse
    Headset Philips HeadSet
    Mouse Pad nil
    Headset/Speakers Realtek with ice sound
    OS Windows 10 64bit 1809 build no 17763.503
    Network RouterBsnl Wi-Fi modem with router

    Join Date
    Feb 2018
    Reputation
    10
    Posts
    118

    Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory

    Multiple potential security vulnerabilities in Intel® Converged Security & Management Engine (Intel® CSME), Intel® Server Platform Services (Intel® SPS), Intel® Trusted Execution Engine Interface (Intel® TXE), Intel® Dynamic Application Loader (Intel® DAL), and Intel® Active Management Technology (Intel® AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Intel is releasing Intel® CSME, Intel® SPS, Intel® TXE, and Intel® AMT updates to mitigate these potential vulnerabilities.

    Vulnerability Details:
    CVEID: CVE-2019-0089
    Description: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.


    CVEID: CVE-2019-0090
    Description: Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0086
    Description: Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.







    CVEID: CVE-2019-0091
    Description: Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.


    CVEID: CVE-2019-0092
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0093
    Description: Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.


    CVEID: CVE-2019-0094
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

    CVEID: CVE-2019-0096
    Description: Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.

    CVEID: CVE-2019-0097
    Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.


    CVEID: CVE-2019-0098
    Description: Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0099
    Description: Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


    CVEID: CVE-2019-0153
    Description: Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.


    CVEID: CVE-2019-0170
    Description: Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.


    Intel® CSME, Intel® Active Management Technology, and Intel® DAL
    Please update intel management firmware version with respective intel core processors
    Updated Intel® CSME Firmware Version
    11.8.65.xxxx
    11.11.65.xxxx
    11.22.65.xxxx
    12.0.35.xxxx

    Intel® Server Platform Services before versions
    Please update Intel® Server Platform Services Firmware Version
    SPS_E3_05.00.04.027.0.


    Intel® Trusted Execution Engine
    Please update Intel® Trusted Execution Engine
    Updated Intel® Trusted Execution Engine Firmware Version

    3.1.65.xxxx
    4.0.15.xxxx

    for more information visit intel security website
    https://www.intel.com/content/www/us...-sa-00213.html


    download intel management firmware from win-riad official website
    https://www.win-raid.com/t596f39-Int...tem-Tools.html

  2. #2
    ROG Guru: White Belt Array raju2529 PC Specs
    raju2529 PC Specs
    Laptop (Model)R542UQ-DM153 ( X542UQ.305 )
    MotherboardAsus motherboard
    ProcessorIntel core i5 7200u @2.5Ghz
    Memory (part number)Adata 2400 Mhz 16GB
    Graphics Card #1intel Hd 620 graphics 1GB DDR3
    Graphics Card #2Nvidia GeForce 940MX 2GB GDDR5
    Graphics Card #3nil
    Graphics Card #4nil
    Sound CardRealtek HD Audio controller with codec 294
    MonitorLcd monitor
    Storage #1Samsung 850 Evo 250GB SSD M.2. 2280
    Storage #2Seagate 2TB 2.5inch. Toshiba 1TB 2.5 inch
    CPU CoolerBuilt-in
    Casefrom factory
    Power Supply65W
    Keyboard Built in keyboard
    Mouse Built in mouse
    Headset Philips HeadSet
    Mouse Pad nil
    Headset/Speakers Realtek with ice sound
    OS Windows 10 64bit 1809 build no 17763.503
    Network RouterBsnl Wi-Fi modem with router

    Join Date
    Feb 2018
    Reputation
    10
    Posts
    118

    On 10-06-2019 , i installed latest Bios frmware X542UQ.309 to laptop which contains latest intel cpu microcode B4 . and almosyt many security flaws are fixed

    .Click image for larger version. 

Name:	bios...JPG 
Views:	0 
Size:	150.7 KB 
ID:	80682
    Last edited by raju2529; 06-15-2019 at 01:07 AM.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •