Did Newer Intel based FW's just get a direct hit in the EngineRoom ?

bingo600

https://forum.pfsense.org/index.php?topic=132528.msg766455#msg766455

/Bingo

Guest

Yes, but the ME (and many of the totally feature creeped BSP SMM code blobs) have always been a total failure form a security perspective. I hope we can get more coreboot or other alternatives to run Intel setups, would surely help a lot with the black box danger firmwares we all have running now.

Guest

@bingo600:

Maybe we're NOT Affected  ???

/Bingo

Affected Intel Products

Below is the list of the processor chipsets which include the vulnerable firmware:

• 6th, 7th and 8th Generation Intel Core processors (1)
• Xeon E3-1200 v5 and v6
• Xeon Scalable processors
• Xeon W processors
• Atom C3000 processors (2)
• Apollo Lake Atom E3900 series (1)
• Apollo Lake Pentiums (1)
• Celeron N and J series processors (1)

(1) How many of this CPUs are running in system where pfSense will be installed on?
(2) How many peoples will be using this brand new hardware for FreeNAS and/or pfSense?

I think the impact is not able to count.

bingo600

And the older CPU's might be affected by the Intel AMT bug from may-2017
That might be "disabalabe" in the bios (atleast on my Lenovo)

But i dont think i saw disable in the Qotom Bios.

/Bingo