Intel SMM EoP mitigations due Sep-19
More on this:
https://firmwaresecurity.com/2016/08/08/multiple-intel-systems-have-smm-runtime-eop/
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00056&languageid=en-fr
Intel has a security advisory about SMM Elevation of Privilege vulnerability on multiple Intel product. It appears they have an estimated release for this: “Estimated Sept. 19th”
Severity rating: Important
Intel is releasing mitigations for a privilege escalation issue. This issue affects the UEFI BIOS of select Intel Products. The issue identified is a method that enables malicious code to gain access to System Management Mode (SMM). A malicious attacker with local administrative access can leverage the vulnerable function to gain access to System Management Mode (SMM) and take full control of the platform. Intel products that are listed below should apply the update. Other vendors’ products which use the common BIOS function SmmRuntime may be impacted. To find out whether a product you have may be vulnerable to this issue, please contact your system supplier. Intel highly recommends applying the mitigations. For Intel branded products where a mitigation is still pending, we recommend following good security practices including running with least privilege and keeping security software and operating systems up to date.
The advisory also shows how to use dmidcode on Linux to get the vendor ID:
dmidecode -t 0 | grep Version | awk -F : ‘{ print $2 }’ | sed s/\ //g
dmidecode -t 2 | grep Product | awk -F : ‘{ print $2 }’ | sed s/\ //g
More info:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00056&languageid=en-fr
Firmware Security 