Intel has released a detection tool to determine whether the host system’s CPU is vulnerable to the security exploit defined in Intel’s Management Engine. The company launched a Management Engine “critical firmware update” (SA-00086, available here, alongside the tool) with a utility that checks 6th, 7th, and 8th Generation Core series CPUs – everything dating back to Skylake, basically – for vulnerabilities exposed through the integrated MINIX operating system. Intel’s version of the Minix OS, originally built for educational purposes by Andrew Tanenbaum, operates on Ring level -3 (negative, as in: you have no access) on the CPU, with the vulnerability present on all Skylake, Kaby Lake, and Coffee Lake PCHs.
Intel’s firmware update addresses the following CPU families, and should be installed immediately:
Cloudflare has disclosed a bug within their code that has resulted in a massive memory leak, dumping user data into the wild. For those unaware, Cloudflare is an internet proxy and web performance service aimed at protecting websites and associated user data from malicious activity—making a security disaster like this acutely ironic.
AMD's Gaming Evolved software application – a partnership with Raptr – has been compromised in a security exploit and is encouraging users to change passwords. The utility is used for game video capture (similar to ShadowPlay, but web-enabled), but also enables easier drive management and game-hardware integration (settings optimization for video cards, similar to GeForce Experience).
We moderate comments on a ~24~48 hour cycle. There will be some delay after submitting a comment.