Of course is my Lenovo T460 affected by INTEL-SA-00086. Just to be sure, I ran Intel’s Detection Tool. Lalalala…
$ sudo ./intel_sa00086.py [....] *** Host Computer Information *** Name: XME200412.sec-lab4.local Manufacturer: LENOVO Model: 20FNCTO1WW Processor Name: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz OS Version: Fedora 27 Twenty Seven (4.13.12-300.fc27.x86_64) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 11.0.12.1008 SVN: 1 *** Risk Assessment *** Based on the analysis performed by this tool: This system is vulnerable.
And of course, there is no firmware update available yet. I’m pretty sure when it is then is only easy to use with Windows.
Edit: I was half wrong. There seems to be an update available under “Chipset” for Windows-only.
