Need help on updating Intel CSME on Predator Helios 300

FishNChips
FishNChips Member Posts: 4 New User

Hey all,

Currently Im running fresh install of Fedora 37 KDE Plasma on a Predator PH315-52-710B, and I noticed something that bothered me. On the firmware security tab of KDE, it mentions that i am using an non-valid version of Intel CSME(as mentioned here). This worried me so I ran the official Intel CSME Version Detection Tool(here) and sure enough it mention that my system is vulnerable giving me this message.

*** Risk Assessment ***

Based on the analysis performed by this tool: This system is vulnerable.

Explanation:

 The detected version of the Intel(R) Converged Security and Management Engine firmware

 has a vulnerability listed in one or more of the public Security Advisories.

 Contact your system manufacturer for support and remediation of this system.

How do I update the CSME so that my Predator Helios 300 is no longer vulnerable?

My BIOS Version is 1.12 and I have Fedora installed as a single boot.

Thanks for reading all of this.

Best Answer

  • StevenGen
    StevenGen ACE Posts: 12,528 Trailblazer
    edited February 2023 Answer ✓

    Yes, this is a problem as and also my Nitro 5 AN515-56 11th Gen with the latest Win-11 22H2/22621.1194 is also vulnerable when I do the Intel® Converged Security and Management Engine Version Detection Tool (Intel® CSMEVDT) which I don't think that Acer has any updates for, Intel recommends the two updates below and to run their Intel® Driver & Support Assistant which I have and this scan has scanned my systems many times but its never ever notified me of the CSME Version being out of date or vulnerable, this must be an Acer update that Acer needs to tackle and distribute to users, so get in contact with Acer or install the updates that I've included below (which are all for Win-11) as Win-10 has different versions.

    Btw: I've done the two updates below, and the Intel Converge Security and Management Engine version 15.0.10.1618 was not updated so you will have to contact Acer about this vulnerability problem as I’ve done both of those updates and run Intel CSME Version Detection Tool and its still analyses that “This system is vulnerable” and I've also run the Intel® Driver & Support Assistant and this scan has not informed me of any updates to the CSME version needing an update.

    Intel solution:

    Q: My system is reported as may be Vulnerable by the Intel CSME Version Detection Tool. What do I do?

    A: A status of may be Vulnerable is usually seen when either of the following drivers aren't installed:

    or

    Contact your system or motherboard manufacturer to obtain the correct drivers for your system.

Answers

  • StevenGen
    StevenGen ACE Posts: 12,528 Trailblazer
    edited February 2023 Answer ✓

    Yes, this is a problem as and also my Nitro 5 AN515-56 11th Gen with the latest Win-11 22H2/22621.1194 is also vulnerable when I do the Intel® Converged Security and Management Engine Version Detection Tool (Intel® CSMEVDT) which I don't think that Acer has any updates for, Intel recommends the two updates below and to run their Intel® Driver & Support Assistant which I have and this scan has scanned my systems many times but its never ever notified me of the CSME Version being out of date or vulnerable, this must be an Acer update that Acer needs to tackle and distribute to users, so get in contact with Acer or install the updates that I've included below (which are all for Win-11) as Win-10 has different versions.

    Btw: I've done the two updates below, and the Intel Converge Security and Management Engine version 15.0.10.1618 was not updated so you will have to contact Acer about this vulnerability problem as I’ve done both of those updates and run Intel CSME Version Detection Tool and its still analyses that “This system is vulnerable” and I've also run the Intel® Driver & Support Assistant and this scan has not informed me of any updates to the CSME version needing an update.

    Intel solution:

    Q: My system is reported as may be Vulnerable by the Intel CSME Version Detection Tool. What do I do?

    A: A status of may be Vulnerable is usually seen when either of the following drivers aren't installed:

    or

    Contact your system or motherboard manufacturer to obtain the correct drivers for your system.

  • FishNChips
    FishNChips Member Posts: 4 New User
    edited February 2023

    Thank you! Ill try getting in contact with Acer for Fedora 37 compatible versions of these updates.

  • FishNChips
    FishNChips Member Posts: 4 New User

    Oh and btw can I enter personal data into the OS or should I wait until Acer responds back and get the updates for the CSME?

  • StevenGen
    StevenGen ACE Posts: 12,528 Trailblazer
    edited February 2023

    Its up to you, and what your personal data is, I’m not concerned as no one has hacked into my system because of this issue, if your personal data is at potential risk and have had precious hacks, and if you think that your system is vulnerable to hackers then wait until you get advice from Acer, as Acer should have an update for this security problem, as allot of other manufacturers have a mobo update for this security volubility. Also, read this Acer article "Intel Security Vulnerabilities Regarding Intel® Management Engine (ME)” as its got so updates there, if your model Helios 300 is included. 

  • FishNChips
    FishNChips Member Posts: 4 New User

    I guess its okay to use my pc then. So while I wait for acer to respond, ill keep running things as normal, since as long as I keep good opsec, I should be ok. Ill check out the article, and other articles related to CSME vulnerabilities, while my stuff is downloading. Thanks again for responding and have a good night.