cancel
Showing results for 
Search instead for 
Did you mean: 

GX501 vulnerable to INTEL-SA-00086

waltercool
Level 7
I just tried the new application of Intel ME risk analysis https://downloadcenter.intel.com/download/27150 , and seems like the laptop is vulnerable to INTEL-SA-00086

Just to be aware in case you are generating the new BIOS.

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 11.6.10.1196
SVN: 1

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086.
Contact your system manufacturer for support and remediation of this system.

For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr


Just in case, as personal petition. If you are making a new BIOS, would it be possible to add an hybrid mode? It would be great to have more than 1.5hrs unplugged.
21,047 Views
11 REPLIES 11

kenshinco
Level 7
any update on this yet?

kenshinco wrote:
any update on this yet?
From whom? Surely you don't expect a response from Asus? They've long since abandoned the GX501 and likely won't address this vulnerability on any existing products.

mario64 wrote:
From whom? Surely you don't expect a response from Asus? They've long since abandoned the GX501 and likely won't address this vulnerability on any existing products.


GX501 released this year and Asus already abandoned? wow!!! I guess Asus got too much on their hand.

Loaded_Glove
Level 7
Seems Asus isn't concerned about this for many of their consumer products.

It just need to patch up to 11.7. Get it from Intel.

DJRiful wrote:
It just need to patch up to 11.7. Get it from Intel.
So no need for an Asus patch?

Loaded_Glove
Level 7
Isn't 11.7 affected as well, in fact I thought up to 11.8 are susceptible to the exploit?

JustinThyme
Level 13
Gotta love the reason the word CONJECTURE was ever created in the first place.
This is a new thing, its not just as simple as installing new software, firmware has to be addressed to and Intel wont publish anything that updates firmware on 3rd party hardware.
Some pieces of hardware have already been addressed ASUS is working on it and has already stated to wait a few weeks. Its not like they can drop their entire (not so big) R&D dept into MEI.

GX501 has not been abandoned. On the support page there are drivers just released 2 weeks ago.

There are already other threads on this, please use the search feature.



“Two things are infinite: the universe and human stupidity, I'm not sure about the former” ~ Albert Einstein

haihane
Level 13
interesting info: Gigabyte Aero 15 patched the SA86 vulnerability using their Live Update (GIGABYTE smart update) program which actually works and gets updated... pretty frequently imo.

i ran the same vulnerability check on ASUS Broadwell-U's laptop (Zenbook), and it never gave anything (the system wasn't vulnerable to begin with - or so it says from the check). if there's a driver update, i would have to chance upon it from motherboard support site, install it manually. the zenbook is over 1 year since the date of purchase. i got rid of the live update because it never seemed to do anything other than take up space.

i'm not the go-to guy for brand worship. i believe, if one truly likes a brand, one should at times give it tough love (ASUS, shape up! your competitor is beating you to critical update).
no siggy, saw stuff that made me sad.