[SOLVED]Thinkpad Carbon X1 users, how are you getting your patches for last year's Intel ME security advisories? I just flashed the latest bios and Intel's detection tool still says I'm vulnerable. I've only been able to find patches built for Windows on their support site so far. I've got a first generation x1 (3444)
2 plus ones
Shared publicly•View activity
- that's todays meltdown/spectre bugs the OP is on about the intel IME hacks from November.
dual boot windows or run it from USB stick and patch. With the prices of SSDs i always buy a new drive and put the windows one safely away for instances like this where i can swap drives.50w
- didn't read. just assumed.
meltdown is all i've seen posted everywhere every minute of the last 2 days50w
- In the future the answer will likely be fwupd. ( https://fwupd.org/vendorlist ) For now you likely need Windows. :(50w
- The deed is done. I temporarily installed an msata drive using an msata to 20+6 pin adapter. The keyboard could not be fully reseated with the adapter taking up extra space. I installed Windows without allowing it on my network, but the patch failed at first with an error:
"Intel(R) Management Engine Interface is not installed in the system"
I knew that was false even though I have Intel AMT permanently disabled in the bios, because the python scan tool provided by Intel reported an exact firmware version for IME. I had to allow Windows onto my network and let it install updates, including the IME software. I had tried installing the INF chipset driver first, but that wasn't enough. Finally, after letting Windows Updates finish its business, I was able to run Lenovo's firmware update. Swapping back my Linux ssd, the Intel scan tool is now reporting "system is not vulnerable" with IME version 126.96.36.1990247w
Add a comment...