Security Advisories for Intel Products dated July 10, 2018

From Thomas-Krenn-Wiki
Jump to navigation Jump to search

On July 10, 2018, Intel released twelve security advisories for various Intel products. Eight of these safety instructions require Firmware Updates. In this article you will find information about these security advisories and where you will find updates for Thomas-Krenn products.

Security Advisories

Intel Security Advisory Title CVE Affected systems
INTEL-SA-00112 Intel Q1’18 Intel Active Management Technology 9.x/10.x/11.x Security Review Cumulative Update

CVE-2018-3628 8.1 (High)
CVE-2018-3629 7.5 (High)
CVE-2018-3632 6.4 (Medium)

AMT 3.x-11.x
INTEL-SA-00118 Intel Converged Security Management Engine (Intel CSME) 11.x issue CVE-2018-3627 7.5 (High) CSME 11.x
INTEL-SA-00127 DCI Policy Update CVE-2018-3652 Direct Connect Interface (DCI) (Intel Xeon E3 v5 and v6, Xeon Scalable)
INTEL-SA-00130 BMC Firmware Vulnerability Intel Server Boards, Compute Modules and Systems CVE-2018-3651 8.2 (High) BMC Firmware Intel Server Boards
INTEL-SA-00152 Firmware Authentication Bypass No CVE, 6.8 (Medium) up to 7.6 (High) Intel Core Processors 4th - 7th generation
INTEL-SA-00158 Platform firmware included insecure handling of certain UEFI variables No CVE, 6.1 (Medium) Intel Xeon Scalable, Xeon E5 v3 and v4
INTEL-SA-00159 EDK II Untested memory not covered by SMM page protection No CVE, 8.2 (High) Tianocore-based firmware
INTEL-SA-00160 Insecure Handling of BIOS and AMT Passwords CVE-2017-5704, 7.2 (High) Intel Core Processors 4th - 7th generation

Updates for products from Thomas-Krenn

Information about updates will be published in the following Wiki article as soon as updates are available:

Further information


Foto Werner Fischer.jpg

Author: Werner Fischer

Werner Fischer, working in the Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.


Foto Thomas Niedermeier.jpg

Author: Thomas Niedermeier

Thomas Niedermeier working in the product management team at Thomas-Krenn, completed his bachelor's degree in business informatics at the Deggendorf University of Applied Sciences. Since 2013 Thomas is employed at Thomas-Krenn and takes care of OPNsense firewalls, the Thomas-Krenn-Wiki and firmware security updates.


Related articles

INTEL-SA-00087 Safety Instructions for Intel SPI Flash
Safety instructions for Meltdown and Spectre
Security Advisories for Intel Products 2022-08-09 2022.2 IPU