Intel Management Engine vulnerability SA-00086

All back up and running again after re-flashing my BIOS (latest for my board v7.20 over v7.20) from DOS. lex23, I suggest you do the same as you and I had the same issue with PC not powering off on shutdown after this ME patch.

One of the stages of flashing my BIOS was ME firmware installation so that put mine back to 11.6.0.1126 which is vulnerable ("This system is vulnerable" according to INTEL-SA-00086 Detection Tool) but is, more importantly, functional.

I'll wait for ASRock to post something official for my board, Fatal1ty Z170 Gaming K6+ w/i7-6700K.

rico wrote: I DID successfully install the ME firmware patch - It's the rest of the system now is the problem because of [now] missing ME drivers.

partofthething wrote: I'm happy ASRock posted the links to the fixes on their page. However, I'm a bit distraught that the files are hosted over HTTP instead of HTTPS. Downloads like this really should use TLS to prevent people between the server and the customers from injecting malicious firmware into people's machines. Meanwhile, those of you who downloaded the files, what SHA1/SHA256 hash did they have? With sha1sum and sha256sum commands, I get: c5cd9811598492541ff5da850027e698f01afa67  ME-consumer_11.8.50.3425.zip 366ddc9ee99e1641bee6a19554cac3c5ad4f15df8c7bdee63558f22aebe0e19c  ME-consumer_11.8.50.3425.zip Can anyone confirm? Thanks.

I can't update the Intel ME. I have an ASRock X299 Taichi Motherboard and according to the special ME Update Page from ASRock I have to use the ME1 Package. But when I'm running the BAT File for Windows64 I get the following error:

lex23 wrote: Can someone help me please? I use a ASRock Z170 Extreme4 and installed the ME-consumer_11.8.50.3425 update. Now my PC doesn't completely shut down anymore. Monitor turns off, but the computer/fans keep going.

Crap, add me to this list but with Fatal1ty Z170 Gaming K6+ w/i7-6700K. I checked the BIOS and the new 11.8.50.3425 is listed under Advanced\Chipset Configuration page but under Win10 there's doesn't appear to be any drivers for the ME hardware. Maybe that's what's causing the problem?

The Intel-SA-00086 Detection Tool now just reports "Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer).

Intel(R) ME Information

Engine: Intel(R) Management Engine
Version: Unknown
SVN: 0"

Something is keeping my PC awake when shutting down and it started exactly after installing this new ME firmware.

Windows Event Viewer extract of Descriptions:

1. 11:40:02 The process C:\Windows\System32\RuntimeBroker.exe has initiated the power off of computer
 Reason Code: 0x0
 Shut-down Type: power off

2. 11:40:06 The system is entering sleep.

3. 11:40:06 The browser has forced an election on network \Device\NetBT_Tcpip_{99779397-8814-49CE-952C-50ADDE3A2389} because a master browser was stopped.

4. 11:40:07 The system has resumed from sleep.

At this point the monitor goes off and the PC's fans remain powered up. Hitting keys does not wake the system up. Upon manually pulling the power and booting back up again I see this in Event Viewer (System)

11:42:49 The firmware reported boot metrics.

11:42:49 There are 0x1 boot options on this system.

11:42:49 The bootmgr spent 0 ms waiting for user input.

11:42:49 The boot menu policy was 0x1.

11:42:49 The boot type was 0x1.

11:42:51 The system has returned from a low power state.

Sleep Time: ??017????1????5T11:40:06.071483900Z
Wake Time: ??017????1????5T11:42:49.209396700Z

Wake Source: Unknown