Following the disclosure of the Meltdown and Spectre vulnerabilities, industrial control system (ICS) manufacturers immediately began analyzing the impact of the vulnerabilities on their devices. Companies that have announced they are affected include Siemens, Rockwell Automation, Schneider Electric, ABB, and Pepperl + Fuchs.
Siemens issues BIOS update for Intel chip vulnerability
Siemens acknowledges security vulnerabilities exposing multiple product lines to attacks, including RUGGEDCOM, SIMATIC, SIMOTION, SINEMA, and SINUMERIK.
Recently, Siemens released BIOS updates for Intel chip vulnerabilities on several affected devices for their customers, including SIMATIC industrial computers, PG SIMATIC connected laptops, SIMATIC industrial tablet (ITP), and SINUMERIK control units (PCU). In addition to firmware patches, users are also required to install operating system updates to mitigate the impacts of Meltdown and a variant of Spectre.
Siemens' BIOS updates for the SIMATIC and SINUMERIK devices mentioned above also patch several vulnerabilities that researchers discovered late last year in Intel's Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) technologies. Accessing the BIOS allows you to adjust settings for installing Windows or fixing Windows errors, with different laptop models having different BIOS access methods.
The Intel product vulnerabilities primarily affect internal devices, though at least one flaw can be exploited remotely. They enable arbitrary code execution, privilege escalation, and denial-of-service attacks.
Additionally, the Siemens firmware updates resolve vulnerabilities affecting Trusted Platform Modules (TPMs) in semiconductor chips from German manufacturer Infineon.
The CVE-2017-15361 vulnerability, related to the RSA library in the TPM, could allow a remote attacker who knows the public key to obtain the private RSA key. This security flaw impacts products from several major technology companies, including Microsoft, Google, HP, Lenovo, and Fujitsu.
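A defender-side check for RSA keys affected by CVE-2017-15361, as an added example that is not part of the original article and is not Siemens' or Infineon's code. It assumes the fingerprint described in the published ROCA research (affected primes have the form k*M + (65537^a mod M), with M a product of consecutive small primes); the function names and the sample integers are constructed here.

```python
# Added example: fingerprint test for CVE-2017-15361 (ROCA) on an RSA modulus.
# Assumption (published ROCA research, not this article): affected primes have
# the form k*M + (65537**a mod M), where M is a product of consecutive small primes.

GENERATOR = 65537
# Odd primes up to 167; they divide M for every affected key size.
SMALL_PRIMES = [p for p in range(3, 168)
                if all(p % d for d in range(2, int(p ** 0.5) + 1))]


def generated_subgroup(g, p):
    """Return the set of residues {g**i mod p}."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = x * g % p
    return seen


SUBGROUPS = {p: generated_subgroup(GENERATOR, p) for p in SMALL_PRIMES}


def has_roca_fingerprint(modulus):
    """True if the modulus is a power of 65537 modulo every small prime."""
    return all(modulus % p in SUBGROUPS[p] for p in SMALL_PRIMES)


def parse_openssl_modulus(line):
    """Parse the 'Modulus=<hex>' line printed by `openssl rsa -modulus -noout`."""
    return int(line.strip().split("=", 1)[1], 16)


def constructed_samples():
    """Constructed test integers; neither is a real key."""
    m = 2
    for p in SMALL_PRIMES:
        m *= p
    # Two factors with the affected structure (not checked for primality).
    f1 = 0x1234567891 * m + pow(GENERATOR, 1000003, m)
    f2 = 0x1987654321 * m + pow(GENERATOR, 2000003, m)
    structured = f1 * f2
    # Product of two Mersenne primes: no such structure.
    unstructured = (2 ** 127 - 1) * (2 ** 521 - 1)
    return structured, unstructured


if __name__ == "__main__":
    for name, n in zip(("structured", "unstructured"), constructed_samples()):
        print(f"{name:12s} {n.bit_length()} bits  flagged={has_roca_fingerprint(n)}")
```

For a real key, pass the `Modulus=` line from `openssl rsa -pubin -in key.pem -modulus -noout` (`key.pem` is a placeholder) through `parse_openssl_modulus`. A flagged key has to be regenerated once the firmware is updated, because the update does not replace keys that already exist.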
Siemens has also notified users of available patches for Meltdown/Spectre, Intel ME, and Infineon TPM vulnerabilities.
If you're using a Windows computer, you can check whether it is affected by the Spectre and Meltdown vulnerabilities, and keep the operating system and BIOS updated to receive the patches for them.