- Community Home
- >
- Servers and Operating Systems
- >
- ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- ML10 Gen9 - latest Intel ME - Vulnerable - as of 2...
-
-
Forums
- Products
- Servers and Operating Systems
- Storage
- Software
- Services
- HPE GreenLake
- Company
- Events
- Webinars
- Partner Solutions and Certifications
- Local Language
- China - 简体中文
- Japan - 日本語
- Korea - 한국어
- Taiwan - 繁體中文
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Latin America
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Blog, Poland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-21-2018 05:51 AM
03-21-2018 05:51 AM
ML10 Gen9 - latest Intel ME - Vulnerable - as of 21 March 2018
Hello
Intel's test (link below) reports that Intel ME 11.6.27.3264 is vulnerable.
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
However it appears to be the latest available for download from HPE's support.
Is there an update in the pipeline?
Does disabling this in BIOS actually mitigate curent vulnerabilities? (It is disabled but still reports as vulnerable)
Thank you
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-21-2018 07:32 AM
03-21-2018 07:32 AM
Re: ML10 Gen9 - latest Intel ME - Vulnerable - as of 21 March 2018
Hi PaulP-Cambs
Officially of HPE, have this information about vulnerabilyt
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us
All Bouletins - https://support.hpe.com/portal/site/hpsc/public/kb/secBullArchive
If necessary more informatio do you can report to more information - https://www.hpe.com/h41268/live/index_e.aspx?qid=11503
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-22-2018 01:04 AM - edited 03-22-2018 03:19 AM
03-22-2018 01:04 AM - edited 03-22-2018 03:19 AM
Re: ML10 Gen9 - latest Intel ME - Vulnerable - as of 21 March 2018
Hi
That vulnerability appears to relate to the BIOS - I've already patched the BIOS to 1.11.
As far as I can tell the latest Intel ME available is 11.6.27.3264(23 May 2017) here:
Intel's test for Intel ME vulnerabilities returns a result of vulnerable which suggests there should be a patch in HPE's pipeline - Ideally 11.8.50.3425 or higher as per advisory:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
Intel® Xeon® Processor E3-1200 v5 Product Family
Recommended: Intel® ME 11.8.50.3425 or higher
Minimum: Intel® ME 11.8.50.3399
Intel® SPS 4.1.4.054
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-23-2018 03:04 AM
03-23-2018 03:04 AM
Re: ML10 Gen9 - latest Intel ME - Vulnerable - as of 21 March 2018
Any idea when it might be made available please?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-26-2018 03:08 AM
03-26-2018 03:08 AM
Re: ML10 Gen9 - latest Intel ME - Vulnerable - as of 21 March 2018
As this is still currently being sold - is it being sold with a known vulnerability for which there is an Intel patch that it doesn't have, or is Intel's patch just not being made available existing owners?
Or is there some other mitigation for the vulnerability Intel report?
Makes Lenovo's TS150 look more attractive for my next purchase - while the Lenvo costs more from my reseller, Lenovo have made the patches available, and worth noting also for their legacy TS140 E-1226v3 which I do have and is patched!
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2022 Hewlett Packard Enterprise Development LP