IBM BigFix released content to help identifying machines affected by the Intel Firmware Vulnerability INTEL-SA-00086

Both the fixlet and the analysis have been upgraded to work with the latest Intel tool. They’re available inside the version 1378 of BES Support.

2 Likes

Intel just updated the Detection Tools. The main change is the level of Python required on Linux: previously it was 2.7, while the new tool requires 2.6.6. We are updating and testing the BES Support’s Task and we plan to release it very soon.

Hello, any ETA of when the new fixlet will be released?

We just released the updated fixlet as part of BES Support version 1381.

2 Likes

It seems that a new version that detects a new CVE was just released.

@jgstew where are you seeing this, I can’t find any reference to an update apart from 22Dec but suspect that’s not for the latest vulnerability .

Maybe not:

Not sure if this relates to - https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos

1 Like

Now a hot topic in my environment. We’re running the task and finding it is only working on physical machines and not on VM’s as indicated in Bernardo’s post (#3 in this thread) and seeing the following error in the Analysis:

“Detection Error: The detection tool cannot detect vulnerabilities from inside of a VM.”

Checking my BES Support Site, we’re at v1381…and using task 3172 which I am gathering is the latest and greatest? Curious if VM’s really need to be scanned? I am assuming yes.

Thanks

Doug

it should only be the host that needs scanned, not the VMs themselves.

Thanks for the reply. That is what I thought, just wanted to confirm.

Also…the 12/19 tool…will that be deployed to BES support any time soon? (Not sure if it would make a difference in the results).

I’m sorry for the delay. The fixlet that is currently in BES Support uses the latest version of the Intel tool.

1 Like