So CVE-2019-0090 / INTEL-SA-00213 looks rather ugly, especially given that there is no software fix available. So, I need to to see if any of my nodes are affected. To that end I’m putting together a quick and dirty PowerShell script to make scanning easier. As of now it can automatically download the Intel detection utility from the web from a custom HTTP(S) location or from SMB and then run it and report results.
In the next day or two I’m going to add the ability to log to a remote location and build out a SCCM package and hardware report.
For you you can pass the -DownloadFromWeb or -DownloadFromSMB arguments to tell the script how you’d like to obtain the file. You can also specity -WebURL and -SmbPath to tell the script to download from custom locations. By default the script will download the Intel utility directly from Intel. Stay tuned for updates.
If anyone is interested, here’s a link to the GitHub repository. I’m always looking for ideas and feedback!