Acer is aware of the Intel ME/TXE Elevation of privileges vulnerability, and we are diligently working to provide updates for all impacted models. Intel has recently conducted a comprehensive security review that has identified a vulnerability that could allow an attacker to gain unauthorized access to platform features that are protected by Intel Management Engine (ME), Intel Server Platform Services (SPS), or Intel Trusted Execution Engine (TXE). Due to potential platform key exposure and third party services dependency on those keys, existing platform keys will be revoked. As a result, some third parties may require that those platform keys be re-issued to avoid interruptions in their service.
The security and privacy of customers' information are priorities for Acer. Acer is working closely with Intel to address the situation and are working to release firmware updates to fix the security vulnerability. Please see below for further details.
Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted. These firmware versions may be found on certain 6th, 7th, & 8th Generation Intel® Core™ Processor Family, Intel® Xeon® Processor E3-1200 v5 & v6 Product Family,
Intel® Xeon® Processor Scalable Family, Intel® Xeon® Processor W Family, Intel® Atom® C3000 Processor Family, Apollo Lake Intel® Atom Processor E3900 series,
Apollo Lake Intel® Pentium™ and Celeron™ N and J series Processors.
