3 Replies Latest reply on May 25, 2017 9:47 AM by phoffmann

    BIOS (Dell) update

    mbaney Apprentice

      With the recent disclosure of the security flaws around Intel AMT [0] we have a need to update the BIOS on all our client workstations. These are mostly Dell Optiplex and Precision systems. Dell has recently published patches for many of these systems. Will LANDesk be publishing a patch definition for this?

       

      [0] Intel® Product Security Center

        • 1. Re: BIOS (Dell) update
          phoffmann SupportEmployee

          "Possibly" I would suspect.

           

          So you could request a content definition to be created by raising a ticket to support. That's the easiest route to put in content requests.

           

          BUT ...

           

          ... not sure how complicated this thing is. For one, remember that we need to be able to detect this from a running OS - as long as we can poke the relevant firmware (or it's as relatively simple as checking for a BIOS version) ... then it's doable. On-board hardware can be a bit more complicated though.

           

          Associating the right fix to a relevant piece of hardware is going to be the real problem I suspect, because I strongly suspect that EVERY motherboard/desktop will need its own fix ... and that's going to be the real problem to sort out.

           

          At the very least, doing the detection piece should be reasonably simple.

           

          The patch(-es) may be more complicated - and we may not be able to provide them at all, if Dell (and others) chose to hide them behind legal agreements and such -- in which case we can provide detection content (and hopefully remediation) but you'd need to grab the patches yourselves.

           

          But yeah - your first stop would be a content request to support . The rest will follow from there.

          • 2. Re: BIOS (Dell) update
            mbaney Apprentice

            Thanks for your reply.

             

            Detection should be fairly straight forward.

             

            PS C:\Users\chef.PC> Get-WmiObject -Class Win32_ComputerSystem

            Domain              : blah.com

            Manufacturer        : Dell Inc.

            Model               : Latitude 6430U

            Name                : <hostname>

            PrimaryOwnerName    : User

            TotalPhysicalMemory : 17080934400

             

            Now we have the model.  Lets get the BIOS version:

            PS C:\Users\chef.PC> Get-WmiObject -Class Win32_BIOS

            SMBIOSBIOSVersion : A09

            Manufacturer      : Dell Inc.

            Name              : BIOS Date: 09/24/14 15:02:19 Ver: A09.00

            SerialNumber      : <serial>

            Version           : DELL   - 1072009

             

            How do I request content support?

            • 3. Re: BIOS (Dell) update
              phoffmann SupportEmployee

              You open a ticket with support.

               

              Simple as that .