Intel® Vulnerability of CSME (Converged Security and Management Engine)
- Document ID: 4016422
- Posted Date: 2019-03-21
- Last Updated: 2019-03-21
- Distribution: View Public Website
Intel® CSME, Server Platform Services, Trusted Execution Engine and Intel® Active Management Technology vulnerability
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Source: Intel® Article ID: INTEL-SA-00185
Potential Security Impact: Toshiba is aware of multiple potential security vulnerabilities in Intel® CSME, Server Platform Services, Trusted Execution Engine and Intel® Active Management Technology. The security and privacy of our customers' information are priorities for Toshiba. Toshiba is working closely with Intel to provide firmware and/or software updates as soon as possible to resolve this security vulnerability. Update details for these platforms will be added to this document as they become available.
In the meantime, Toshiba recommends that customers update their systems to the latest Toshiba firmware and software, apply all of Microsoft System Updates as they become available and follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
- Intel Security Advisory (INTEL-SA-00185)
Check Table below to see if your system has been impacted and the vulnerability update is available.
- If your system is affected, download and install the latest system firmware update.
If your system is not listed below, please refer to the Intel site listed above for CPU’s affected by this security notice.
- Update your Intel AMT Software from the table below NOTE: Select the appropriate software for the Windows OS you are running (Windows 7 or Windows 10)
- Update the firmware of Intel Management Engine to Version 220.127.116.11: Download MEFW-TCH0513900B
The information in this document is subject to change without notice.
"Intel" is a trademark of Intel Corporation in the U.S. and other countries.
Other names and brands may be claimed as the property of others.
- Export Control and EULA
- Use of any software made available for download from this system constitutes your acceptance of the Export Control Terms and the terms in the Toshiba end-user license agreement both of which you can view before downloading any such software.