BULLETIN DE SÉCURITÉ

HPSBHF03557 - Version 5 - Vulnérabilité de classe « Elévation de Privilèges » sur les technologies Intel AMT (Intel Active Management Technology), SBT (Intel Small Business Technology) et ISM (Intel Standard Manageability)

REMARQUE : les recommandations de ce bulletin contenues dans sécurité doivent être suivies dès que possible.


  • Date de publication : 5/4/2017
  • Dernière mise à jour : 5/19/2017

Impact potentiel sur la sécurité : Elévation de privilèges à distance sur les systèmes provisionnés, ou localement sur les systèmes non provisionnés


Source: Intel

0

RESUMÉ DES VULNÉRABILITÉS

Une faille de sécurité susceptible d'affecter tous les fournisseurs de matériels fonctionnant sous Intel (OEM) a été détectée dans le micrologiciel Intel Manageability. Cette faille de sécurité représente une vulnérabilité qui a pris naissance dans le développement et le déploiement du micrologiciel Intel Manageability. Cette faille affecte certains ordinateurs professionnels de marque HP, certaines stations de travail et clients légers HP, ainsi que certains terminaux point de vente (RPOS). Les ordinateurs HP destinés aux particuliers ne sont pas concernés. HP a pour priorité absolue d’aider ses clients à assurer la sécurité de leurs systèmes.


Intel a publié l’avis de sécurité (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr) qui indique::


Une vulnérabilité de classe « élévation de privilèges » a été détectée dans les micrologiciels des outils Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) et Intel® Small Business Technology (SBT) de versions suivantes : 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, et 11.6. Cette faille peut permettre à un attaquant sans privilèges de prendre le contrôle des fonctions de gestion de ces produits.


Cette vulnérabilité peut être utilisée de deux manières distinctes, Intel® Small Business Technology ne pouvant faire l’objet de la première.


  • Un attaquant sans privilèges pourrait, du réseau, gagner des privilèges système sur les systèmes provisionnés équipés des composants Intel Manageability suivants : AMT (Intel Active Management Technology) et ISM (Intel Standard Manageability).

  • Un attaquant sans privilèges pourrait localement provisionner des fonctionnalités de management, afin de gagner des privilèges réseau ou locaux, sur les composants Intel Manageability: AMT (Intel Active Management Technology), ISM (Intel Standard Manageability) et SBT (Intel Small Business Technology).

Références :: CVE-2017-5689, INTEL-SA-00075 (Intel), PSR-2017-0065 (HP)


VERSIONS DU LOGICIEL PRISES EN CHARGE* : Les plateformes matérielles impactées et non impactées sont détaillées ci-après.

Pour accéder à la liste des produits impactés et non impactés, reportez-vous à la section ATTÉNUATION DES RISQUES, présentée ci-après.


1

ORIGINE

Pour obtenir une version signée PGP de ce bulletin de sécurité, merci d’écrire à l'adresse : hp-security-alert@hp.com
CVSS 3.0 Evaluation de la vulnérabilité selon la norme


Référence Vecteur de base Score de base
CVE-2017-5689 (1) Systèmes provisionnés : (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (1) 9.8
(2) Systèmes non provisionnés : (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (2) 8.4

Pour de plus amples informations sur le système d'évaluation CVSS merci de vous référer à la note d’information client HP: HPSN¬2008¬002.: HPSN­2008­002.

2

ATTÉNUATION DES RISQUES

HP travaille en étroite collaboration avec Intel pour valider leur correctif et s’assurer de son bon fonctionnement sur la gamme de produits professionnels HP. Entre-temps, Intel a proposé les mesures d'atténuation des risques suivantes, qu’il est conseillé de mettre en œuvre avant le déploiement du nouveau micrologiciel :


  • Étape 1 : Identifiez si le système que vous utilisez est équipé d’Intel® AMT, Intel® SBA, ou Intel® ISM : https://communities.intel.com/docs/DOC-5693. Si votre système n’est pas équipé d’Intel® AMT, Intel® SBA, ou Intel® ISM, aucune action n’est requise.
  • Étape 2 : Utilisez le Guide de Détection pour déterminer si votre système utilise un micrologiciel impacté : https://downloadcenter.intel.com/download/26755. Si votre version est rntel.com/download/26755wnloadMicrologiciel corrigé », aucune action n’est requise pour protéger votre système de cette vulnérabilité.
  • Étape 3 : Intel vous recommande de vous rapprocher de votre fournisseur de matériel (OEM) pour lui demander une version mise mander de micrologiciel. Les versions des micrologicielles qui corrigent ce problème ont un numéro de version à 4 chiffres commençant par un « 3 » (X.X.XX.3XXX), par exemple : 8.1.71.3608.
  • É 8.1.71.3608., par exemple micrologicielle requise n’est pas disponible auprès de votre fournisseur de matériel (OEM), suivez la procédure décrite dans le Guide d'atténuation des risques d’Intel : https://downloadcenter.intel.com/download/26754
  • Si vous avez besoin d'aide pour procéder à la mise en œuvre de ces différentes étapes, contactez l’ Assistance clientanc ; d’Intel; Dans la section « Technologies », shnologiesion n /www.intel.com/contentTechnology (Intel® AMT).
3

PRODUITS CONCERNÉS


Commercial Desktops

Ordinateurs de bureau professionnels, clients l clie et terminaux points de vente (RPOS)


Produit Impact ME FW (Management Engine Firmware) minimum requis pour le correctif Date cible disponible N° du softpaq / Lien de téléchargement Dernière mise à jour
HP 260 G1 Desktop Mini PC Not affected 05/03/2017
HP 260 G2 Desktop Mini PC Not affected 05/03/2017
HP Compaq 4000 Pro Small Form Factor PC Not affected 05/03/2017
HP Compaq 6000 Pro All-in-One PC Not affected 05/03/2017
HP Compaq 6000 Pro Series Not affected 05/03/2017
HP Compaq 6005 Pro Ultra-Slim Desktop PC Not affected 05/03/2017
HP Compaq 6200 Pro Microtower PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 6200 Pro Small Form Factor PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 8000 Elite Series Not affected 05/03/2017
HP Compaq 8000f Elite Ultra-slim PC Not affected 05/03/2017
HP Compaq 8100 Elite Convertible Minitower PC Affected 6.2.61.3535 Now Available sp80104

Release Notes
05/12/2017
HP Compaq 8100 Elite Small Form Factor PC Affected 6.2.61.3535 Now Available sp80104

Release Notes
05/12/2017
HP Compaq 8200 Elite All-in-One PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 8200 Elite Convertible Minitower PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 8200 Elite Microtower PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 8200 Elite Small Form Factor PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq 8200 Elite Ultra-slim PC Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Compaq Elite 8300 All-in-One PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Elite 8300 Convertible Minitower PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Elite 8300 Microtower PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Elite 8300 Small Form Factor PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Elite 8300 Touch All-in-One PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Elite 8300 Ultra-slim PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Pro 6300 All-in-One PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Pro 6300 Microtower PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Pro 6300 Small Form Factor PC Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP Compaq Pro 6305 Microtower PC Not affected 05/03/2017
HP Compaq Pro 6305 Small Form Factor PC Not affected 05/03/2017
HP Elite Slice Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP EliteDesk 700 G1 Microtower PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 700 G1 Small Form Factor PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 705 G1 Desktop Mini PC Not affected 05/03/2017
HP EliteDesk 705 G1 Microtower PC Not affected 05/03/2017
HP EliteDesk 705 G1 Small Form Factor PC Not affected 05/03/2017
HP EliteDesk 705 G2 Desktop Mini PC Not affected 05/03/2017
HP EliteDesk 705 G2 Small Form Factor PC Not affected 05/03/2017
HP EliteDesk 705 G3 Desktop Mini PC Not affected 05/03/2017
HP EliteDesk 705 G3 Microtower PC Not affected 05/03/2017
HP EliteDesk 705 G3 Small Form Factor PC Not affected 05/03/2017
HP EliteDesk 800 35W G2 Desktop Mini PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP EliteDesk 800 35W G3 Desktop Mini PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteDesk 800 65W G2 Desktop Mini PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP EliteDesk 800 65W G3 Desktop Mini PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteDesk 800 G1 Desktop Mini PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 800 G1 Small Form Factor PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 800 G1 Tower PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 800 G1 Ultra-slim PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 800 G2 Small Form Factor PC Affected 11.0.22.3001 Now Available sp80347

Release Notes
05/19/2017
HP EliteDesk 800 G2 Tower PC Affected 11.0.22.3001 Now Available sp80347

Release Notes
05/19/2017
HP EliteDesk 800 G3 Tower PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteDesk 800 G3 Small Form Factor PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteDesk 880 G1 Tower PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteDesk 880 G2 Tower PC Affected 11.0.22.3001 Now Available sp80347

Release Notes
05/19/2017
HP EliteDesk 880 G3 Tower PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteOne 705 G1 21-inch Non-Touch All-in-One PC Not affected 05/03/2017
HP EliteOne 705 G2 23-inch Touch All-in-One PC Not affected 05/03/2017
HP EliteOne 800 G1 21.5-inch Non-Touch All-in-One PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteOne 800 G1 All-in-One PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP EliteOne 800 G2 23-inch Non-Touch All-in-One PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP EliteOne 800 G2 23-inch Touch All-in-One PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP EliteOne 800 G3 23.8-inch Non-Touch All-in-One PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP EliteOne 800 G3 23.8-inch Touch All-in-One PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP MP6 Digital Signage Player Affected 8.1.71.3608 Now Available sp80102

Release Notes
05/12/2017
HP MP9 G2 Retail System Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP MP9 Retail System Model 9000 Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP MultiSeat ms6200 Desktop Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP Pro 3500 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 400 G1 Desktop Mini PC Not affected 05/03/2017
HP ProDesk 400 G1 Microtower PC Not affected 05/03/2017
HP ProDesk 400 G1 Small Form Factor PC Not affected 05/03/2017
HP ProDesk 400 G2 Desktop Mini PC Not affected 05/03/2017
HP ProDesk 400 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 400 G3 Desktop Mini PC Not affected 05/03/2017
HP ProDesk 400 G3 Microtower PC Not affected 05/03/2017
HP ProDesk 400 G3 Small Form Factor PC Not affected 05/03/2017
HP ProDesk 400 G4 Microtower PC Not affected 05/03/2017
HP ProDesk 400 G4 Small Form Factor PC Not affected 05/03/2017
HP ProDesk 405 G1 Microtower PC Not affected 05/03/2017
HP ProDesk 405 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 480 G1 Microtower PC Not affected 05/03/2017
HP ProDesk 480 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 480 G3 Microtower PC Not affected 05/03/2017
HP ProDesk 480 G4 Microtower PC Not affected 05/03/2017
HP ProDesk 485 G1 Microtower PC Not affected 05/03/2017
HP ProDesk 485 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 490 G1 Mictotower PC Not affected 05/03/2017
HP ProDesk 490 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 490 G3 Microtower Not affected 05/03/2017
HP ProDesk 498 G1 Microtower PC Not affected 05/03/2017
HP ProDesk 498 G2 Microtower PC Not affected 05/03/2017
HP ProDesk 498 G3 Microtower Not affected 05/03/2017
HP ProDesk 600 G1 Desktop Mini PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP ProDesk 600 G1 Small Form Factor PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP ProDesk 600 G1 Tower PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP ProDesk 600 G2 Desktop Mini PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP ProDesk 600 G2 Microtower PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP ProDesk 600 G2 Small Form Factor PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP ProDesk 600 G3 Desktop Mini PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP ProDesk 600 G3 Microtower PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP ProDesk 600 G3 Small Form Factor PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP ProDesk 680 G1 Tower PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP ProDesk 680 G2 Microtower PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP ProDesk 680 G3 Microtower PC Affected 11.6.12.3202 Now Available sp80169

Release Notes
05/09/2017
HP ProOne 400 G1 19.5-inch Non-Touch All-in-One Not affected 05/03/2017
HP ProOne 400 G1 21.5-inch Touch All-in-One Not affected 05/03/2017
HP ProOne 400 G1 23-inch Non-Touch All-in-One Not affected 05/03/2017
HP ProOne 400 G2 20-inch Non-Touch All-in-One PC Not affected 05/03/2017
HP ProOne 400 G2 20-inch Touch All-in-One PC Not affected 05/03/2017
HP ProOne 460 G2 20-inch Non-Touch All-in-One PC Not affected 05/03/2017
HP ProOne 480 G2 20-inch Non-Touch All-in-One PC Not affected 05/03/2017
HP ProOne 600 G1 All-in-One PC Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HP ProOne 600 G2 21.5-inch Non-Touch All-in-One PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP ProOne 600 G2 21.5-inch Touch All-in-One PC Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP RP2 Retail System Model 2000 Not affected 05/03/2017
HP RP2 Retail System Model 2020 Not affected 05/03/2017
HP RP2 Retail System Model 2030 Not affected 05/03/2017
HP RP3 Retail System Model 3100 Not affected 05/03/2017
HP RP5 Retail System Model 5810 Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017
HHP rp5800 Retail System Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP RP7 Retail System Model 7800 Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP RP7 Retail System Model 7100 Not affected 05/03/2017
HP RP9 G1 AiO Retail System Model 9015 Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP RP9 G1 AiO Retail System Model 9018 Affected 11.0.18.3003 Now Available sp80346

Release Notes
05/19/2017
HP SignagePlayer mp8200 Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP SignagePlayer mp8200s Affected 7.1.91.3272 Now Available sp80103

Release Notes
05/12/2017
HP t420 Flexible Thin Client Not affected 05/03/2017
HP t520 Flexible Thin Client Not affected 05/03/2017
HP t530 Flexible Thin Client Not affected 05/03/2017
HP t610 Flexible Thin Client Not affected 05/03/2017
HP t610 PLUS Flexible Thin Client Not affected 05/03/2017
HP t620 Flexible Thin Client Not affected 05/03/2017
HP t628 Flexible Thin Client Not affected 05/03/2017
HP t630 Flexible Thin Client Not affected 05/03/2017
HP t730 Flexible Thin Client Not affected 05/03/2017
HP t820 Flexible Thin Client Affected 9.1.41.3024 Now Available sp80100

Release Notes
05/12/2017

Desktop Workstations

Stations de travail fixes


Produit Impact ME FW (Management Engine Firmware) minimum requis pour le correctif Date cible disponible N° du softpaq / Lien de téléchargement Dernière mise à jour
HP Z1 Workstation Affected 7.1.91.3272 Now available sp80506

Release Notes
05/30/2017
HP Z1 Workstation Affected 7.1.91.3272 Now available sp80507 (Linux)

Release Notes
05/30/2017
HP Z1 Workstation Affected 8.1.71.3608 Now available sp80089

Release Notes
05/08/2017
HP Z1 Workstation Affected 8.1.71.3608 Now available sp80151 (Linux)

Release Notes
10/05/2017
HP Z1 G2 Workstation Affected 9.1.41.3024 Now available sp80087

Release Notes
05/08/2017
HP Z1 G2 Workstation Affected 9.1.41.3024 Now available sp80150 (Linux)

Release Notes
10/05/2017
HP Z1 G3 Workstation Affected 11.6.27.3264 Now available sp79976

Release Notes
05/05/2017
HP Z1 G3 Workstation Affected 11.6.27.3264 Now available sp80094 (Linux)

Release Notes
5/12/2017
HP Z2 Mini G3 Workstation Affected 11.6.27.3264 Now available sp79976

Release Notes
05/05/2017
HP Z2 Mini G3 Workstation Affected 11.6.27.3264 Now available sp80094 (Linux)

Release Notes
5/12/2017
HP Z200 Workstation Affected 6.2.61.3535 Now available sp80262

Release Notes
5/15/2017
HP Z200 Workstation Affected 6.2.61.3535 Now available sp80261 (Linux)

Release Notes
5/15/2017
HP Z200 Workstation SFF Affected 6.2.61.3535 Now available sp80262

Release Notes
5/15/2017
HP Z200 Workstation SFF Affected 6.2.61.3535 Now available sp80261 (Linux)

Release Notes
5/15/2017
HP Z210 Convertible Minitower Workstation Affected 7.1.91.3272 Now available sp80092

Release Notes
05/08/2017
HP Z210 Convertible Minitower Workstation Affected 7.1.91.3272 Now available sp80153 (Linux)

Release Notes
5/12/2017
HP Z210 Small Form Factor Workstation Affected 7.1.91.3272 Now available sp80092

Release Notes
05/08/2017
HP Z210 Small Form Factor Workstation Affected 7.1.91.3272 Now available sp80153 (Linux)

Release Notes
5/12/2017
HP Z220 CMT Workstation Affected 8.1.71.3608 Now available sp80089

Release Notes
05/08/2017
HP Z220 CMT Workstation Affected 8.1.71.3608 Now available sp80151 (Linux)

Release Notes
10/05/2017
HP Z220 SFF Workstation Affected 8.1.71.3608 Now available sp80089

Release Notes
05/08/2017
HP Z220 SFF Workstation Affected 8.1.71.3608 Now available sp80151 (Linux)

Release Notes
10/05/2017
HP Z228 Microtower Workstation Affected 9.1.41.3024 Now available sp80087

Release Notes
05/08/2017
HP Z228 Microtower Workstation Affected 9.1.41.3024 Now available sp80150 (Linux)

Release Notes
10/05/2017
HP Z230 MT Workstation Affected 9.1.41.3024 Now available sp80087

Release Notes
05/08/2017
HP Z230 MT Workstation Affected 9.1.41.3024 Now available sp80150 (Linux)

Release Notes
10/05/2017
HP Z230 SFF Workstation Affected 9.1.41.3024 Now available sp80087

Release Notes
05/08/2017
HP Z230 SFF Workstation Affected 9.1.41.3024 Now available sp80150 (Linux)

Release Notes
10/05/2017
HP Z238 Microtower Workstation Affected 11.6.27.3264 Now available sp79976

Release Notes
05/05/2017
HP Z238 Microtower Workstation Affected 11.6.27.3264 Now available sp80094 (Linux)

Release Notes
05/12/2017
HP Z240 SFF Workstation Affected 11.6.27.3264 Now available sp79976

Release Notes
05/05/2017
HP Z240 SFF Workstation Affected 11.6.27.3264 Now available sp80094 (Linux)

Release Notes
05/12/2017
HP Z240 Tower Workstation Affected 11.6.27.3264 Now available sp79976

Release Notes
05/08/2017
HP Z240 Tower Workstation Affected 11.6.27.3264 Now available sp80094 (Linux)

Release Notes
05/12/2017
HP Z400 Workstation Not affected 05/09/2017
HP Z420 Workstation (J61 v1.xx) Affected 7.1.91.3272 Now available sp80091

Release Notes
05/08/2017
HP Z420 Workstation (J61 v1.xx) Affected 7.1.91.3272 Now available sp80154 (Linux)

Release Notes
10/05/2017
HP Z420 Workstation (J61 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80090

Release Notes
05/08/2017
HP Z420 Workstation (J61 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80152 (Linux)

Release Notes
05/12/2017
HP Z440 Workstation Affected 9.1.41.3024 Now available sp80050

Release Notes
05/08/2017
HP Z440 Workstation Affected 9.1.41.3024 Now available sp80149 (Linux)

Release Notes
10/05/2017
HP Z600 Workstation Not affected 05/09/2017
HP Z620 Workstation (J61 v1.xx) Affected 7.1.91.3272 Now available sp80091

Release Notes
05/08/2017
HP Z620 Workstation (J61 v1.xx) Affected 7.1.91.3272 Now available sp80154 (Linux)

Release Notes
10/05/2017
HP Z620 Workstation (J61 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80090

Release Notes
05/08/2017
HP Z620 Workstation (J61 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80152 (Linux)

Release Notes
05/12/2017
HP Z640 Workstation Affected 9.1.41.3024 Now available sp80050

Release Notes
05/08/2017
HP Z640 Workstation Affected 9.1.41.3024 Now available sp80149 (Linux)

Release Notes
10/05/2017
HP Z800 Workstation Not affected 05/09/2017
HP Z820 Workstation (J63 v1.xx) Affected 7.1.91.3272 Now available sp80091

Release Notes
05/08/2017
HP Z820 Workstation (J63 v1.xx) Affected 7.1.91.3272 Now available sp80154 (Linux)

Release Notes
10/05/2017
HP Z820 Workstation (J63 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80090

Release Notes
05/08/2017
HP Z820 Workstation (J63 v2.xx, v3.xx) Affected 8.1.71.3608 Now available sp80152 (Linux)

Release Notes
05/12/2017
HP Z840 Workstation Affected 9.1.41.3024 Now available sp80050

Release Notes
05/08/2017
HP Z840 Workstation Affected 9.1.41.3024 Now available sp80149 (Linux)

Release Notes
10/05/2017

Commercial Notebooks

Ordinateurs portables professionnels, stations de travail mobiles et clients l stat mobiles


Produit Impact ME FW (Management Engine Firmware) minimum requis pour le correctif Date cible disponible N° du softpaq / Lien de téléchargement Dernière mise à jour
HP 6360t Mobile Thin Client Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP Elite x2 1011 G1 Tablet Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP Elite x2 1012 G1 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook 1040 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 2170p Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 2540p Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 2560p Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 2570p Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 2740p Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 2760p Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 720 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 720 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 725 G2 Not affected 05/03/2017
HP EliteBook 725 G3 Not affected 05/03/2017
HP EliteBook 725 G4 Not affected 05/03/2017
HP EliteBook 740 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 740 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 745 G2 Not affected 05/03/2017
HP EliteBook 745 G3 Not affected 05/03/2017
HP EliteBook 745 G4 Not affected 05/03/2017
HP EliteBook 750 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 750 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 755 G2 Not affected 05/03/2017
HP EliteBook 755 G3 Not affected 05/03/2017
HP EliteBook 755 G4 Not affected 05/03/2017
HP EliteBook 820 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 820 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 820 G3 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook 820 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP EliteBook 828 G3 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook 828 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP EliteBook 840 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 840 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 840 G3 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP Elitebook 840 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP EliteBook 8440p Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 8440w Mobile Workstation Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 8460p Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 8460w Mobile Workstation Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 8470p Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 8470w Mobile Workstation Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 848 G3 Affected 11.0.18.3003 Now Available sp80174

Release Notes
05/09/2017
HP EliteBook 848 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP EliteBook 850 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook 850 G2 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook 850 G3 Notebook PC Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook 8540p Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 8540w Mobile Workstation Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 8560p Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 8560w Mobile Workstation Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 8570p Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 8570w Mobile Workstation Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook 8740w Mobile Workstation Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP EliteBook 8760w Mobile Workstation Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP EliteBook 8770w Mobile Workstation Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook Folio 1020 G1 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook Folio 1030 G1 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook Folio 1040 G1 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook Folio 1040 G3 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook Folio 9470m Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP EliteBook Folio 9480m Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook Folio G1 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP EliteBook Revolve 810 Affected Now Available sp80195

Release Notes
05/12/2017
HP EliteBook Revolve 810 G2 Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP EliteBook Revolve 810 G3 Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP EliteBook x360 1030 G2 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP mt42 Mobile Thin Client Not affected 05/05/2017
HP mt43 Mobile Thin Client Not affected 05/05/2017
HP Omni 10 Not affected 05/05/2017
HP Pro Tablet 610 G1 Not affected 05/05/2017
HP ElitePad 1000 G2 Not affected 05/03/2017
HP ElitePad 900 Not affected 05/03/2017
HP mt40 Mobile Thin Client Not affected 05/03/2017
HP mt41 Mobile Thin Client Not affected 05/03/2017
HP Pro Tablet 608 G1 Not affected 05/03/2017
HP Pro X2 612 G2 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP ProBook 11 EE G1 Not affected 05/03/2017
HP ProBook 11 EE G2 Not affected 05/03/2017
HP ProBook 4230s Not affected 05/03/2017
HP ProBook 430 G1 Not affected 05/03/2017
HP ProBook 430 G2 Not affected 05/03/2017
HP ProBook 430 G3 Not affected 05/03/2017
HP ProBook 430 G4 Not affected 05/03/2017
HP ProBook 4330s Not affected 05/03/2017
HP ProBook 4331s Not affected 05/03/2017
HP ProBook 4340s Not affected 05/03/2017
HP ProBook 4341s Not affected 05/03/2017
HP ProBook 440 G0 Not affected 05/03/2017
HP ProBook 440 G1 Not affected 05/03/2017
HP ProBook 440 G2 Not affected 05/03/2017
HP ProBook 440 G3 Not affected 05/03/2017
HP ProBook 440 G4 Not affected 05/03/2017
HP ProBook 4430s Not affected 05/03/2017
HP ProBook 4431s Not affected 05/03/2017
HP ProBook 4435s Not affected 05/03/2017
HP ProBook 4436s Not affected 05/03/2017
HP ProBook 4440s Not affected 05/03/2017
HP ProBook 4441s Not affected 05/03/2017
HP ProBook 4445s Not affected 05/03/2017
HP ProBook 4446s Not affected 05/03/2017
HP ProBook 445 G1 Not affected 05/03/2017
HP ProBook 445 G2 Not affected 05/03/2017
HP ProBook 446 G3 Not affected 05/03/2017
HP ProBook 450 G0 Not affected 05/03/2017
HP ProBook 450 G1 Not affected 05/03/2017
HP ProBook 450 G2 Not affected 05/03/2017
HP ProBook 450 G3 Not affected 05/03/2017
HP ProBook 450 G4 Not affected 05/03/2017
HP ProBook 4530s Not affected 05/03/2017
HP ProBook 4535s Not affected 05/03/2017
HP ProBook 4540s Not affected 05/03/2017
HP ProBook 4545s Not affected 05/03/2017
HP ProBook 455 G1 Not affected 05/03/2017
HP ProBook 455 G2 Not affected 05/03/2017
HP ProBook 455 G3 Not affected 05/03/2017
HP ProBook 455 G4 Not affected 05/03/2017
HP ProBook 470 G0 Not affected 05/03/2017
HP ProBook 470 G1 Not affected 05/03/2017
HP ProBook 470 G2 Not affected 05/03/2017
HP ProBook 470 G3 Not affected 05/03/2017
HP ProBook 470 G4 Not affected 05/03/2017
HP ProBook 4730s Not affected 05/03/2017
HP ProBook 4740s Not affected 05/03/2017
HP ProBook 5330m Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP ProBook 6360b Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP ProBook 640 G1 Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ProBook 640 G2 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ProBook 640 G3 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP ProBook 645 G1 Not affected 05/03/2017
HP ProBook 645 G2 Not affected 05/03/2017
HP ProBook 645 G3 Not affected 05/03/2017
HP ProBook 6450b Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP ProBook 6460b Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP ProBook 6465b Not affected 05/03/2017
HP ProBook 6470b Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP Probook 6475b Not affected 05/03/2017
HP ProBook 650 G1 Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ProBook 650 G2 Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ProBook 650 G3 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/12/2017
HP EliteBook 850 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP ProBook 655 G1 Not affected 05/03/2017
HP ProBook 655 G2 Not affected 05/03/2017
HP ProBook 655 G3 Not affected 05/03/2017
HP ProBook 6550b Affected 6.2.61.3535 Now Available sp80146

Release Notes
05/12/2017
HP ProBook 6560b Affected 7.1.91.3272 Now Available sp80144

Release Notes
05/12/2017
HP ProBook 6565b Not affected 05/03/2017
HP ProBook 6570b Affected 8.1.71.3608 Now Available sp80195

Release Notes
05/12/2017
HP ProBook X2 612 G1 Tablet Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP ProBook x360 11 G1 Not affected 05/03/2017
HP Spectre Pro x360 G1 Convertible PC Affected 10.0.55.3000 Now Available sp80275

Release Notes
05/18/2017
HP Spectre Pro x360 G2 Convertible PC Affected 11.0.25.3001 Now Available Sp80276

Release Notes
05/18/2017
HP ZBook 14 G2 Mobile Workstation Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP ZBook 14 Mobile Workstation Affected 9.5.61.3012 Now Available sp80145

Release Notes
05/12/2017
HP ZBook 15 G2 Mobile Workstation Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ZBook 15 G3 Mobile Workstation Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ZBook 15 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP ZBook 17 G4 Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP ZBook 15 Mobile Workstation Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ZBook 15u G2 Mobile Workstation Affected 10.0.55.3000 Now Available sp80099

Release Notes
05/12/2017
HP ZBook 15u G3 Mobile Workstation Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ZBook 15u G4 Mobile Workstation Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP ZBook 17 G2 Mobile Workstation Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ZBook 17 G3 Mobile Workstation Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ZBook 17 Mobile Workstation Affected 9.1.41.3024 Now Available sp80139

Release Notes
05/12/2017
HP ZBook Studio G3 Mobile Workstation Affected 11.0.18.3003 Now Available sp80341

Release Notes
05/19/2017
HP ZBook Studio G4 Mobile Workstation Affected 11.6.12.3202 Now Available sp80247

Release Notes
05/09/2017
HP ProBook 430 G4 (vPro) Affected 11.6.12.3202 Now Available sp80245

Release Notes
05/09/2017

Les procédures de gestion des systèmes et des processus de sécurité doivent être consultées régulièrement pour garantir l'intégrité des systèmes. HP améliore constamment les fonctions de sécurité des produits logiciels pour offrir des solutions à jour en termes de sécurité.


« HP diffuse largement ce bulletin de sécurité afin d'attirer l'attention des utilisateurs sur les produits HP concernés par les informations de sécurité contenues dans ce bulletin. HP recommande à tous les utilisateurs de déterminer l'applicabilité de ces informations selon leur situation et de prendre les mesures appropriées. HP ne garantit pas l'exactitude et l'exhaustivité de ces informations pour toutes les situations d'utilisateurs et, en conséquence, HP ne saurait, dans les limites prévues par la loi, être tenue responsable de tout dommage résultant de l'utilisation ou du non-respect des informations fournies dans ce bulletin. De même, sous réserve des lois et réglementations applicables, HP décline toute garantie, expresse ou implicite, dont les garanties de valeur marchande et d'adaptation à un usage ou objectif spécifique, de droit de propriété ou de non-contrefaçon. »


HISTORIQUE DE RÉVISION Version 8 - 5/13/2017


Correctifs de sécurité tiers : Les correctifs de sécurité tiers à installer sur les systèmes exécutant les logiciels HP doivent être appliqués conformément à la politique de gestion des correctifs du client.


Assistance : Pour toute question relative à la mise en œuvre des recommandations présentées dans le présent Bulletin de sécurité, contactez les services d'assistance HP par le biais habituel. Pour toute autre question concernant le contenu de ce bulletin de sécurité, envoyez vos questions par e-mail à l'adresse hp-security-alert@hp.com


Rapport Pour faire part d'une faille de sécurité potentielle liée à un produit pris en charge par HP, envoyez un e-mail à l'adresse : hp­security­alert@hp.com


Abonnement : Pour vous abonner et recevoir les prochains bulletins de sécurité HP par e-mail, visitez la page https://h41369.www4.hp.com/alerts-signup.php?lang=en&cc=US&jumpid=hpsc_profile


Catégorie de logiciel : La catégorie de logiciel est représentée dans le titre, par les deux caractères suivant les lettres HPSB.


  • PI = Impression et traitement d’image HP
  • HF = Matériel et micrologiciel HP
  • ST = Logiciel de stockage HP
  • GN = Logiciel général HP

Assistance : Pour plus d'informations, contactez les services d'assistance HP par le biais habituel.


Rapport : Pour faire part d'une faille de sécurité potentielle détectée dans un produit pris en charge par HP, envoyez un e-mail à l'adresse : hp-security-alert@hp.com


Il est fortement recommandé d’utiliser le chiffrement PGP de toute information relative à la sécurité transmise à HP, notamment s'il s'agit d'informations d'exploitation.


Pour obtenir la clé PGP d'alerte de sécurité, envoyez un e-mail comme suit :


À: hp-security-alert@hp.com


Objet : Demande de clé


© Copyright 2017 HP Development Company, L.P.


HP Inc. décline toute responsabilité en cas d’erreurs ou d’omissions de nature technique ou rédactionnelle dans le présent document. Les informations sont fournies « en l'état », sans aucune garantie. Dans les limites autorisées par la loi, HP, ses affiliés, sous-traitants ou fournisseurs ne sauraient être tenus responsables de tout dommage accidentel, spécial ou conséquent, dont les frais liés aux temps d'arrêt, à la perte de profits, de dommages liés à la fourniture de services ou de produits d'échange, ou encore de dommages liés à des pertes de données ou une restauration logicielle. Les informations contenues dans le présent document peuvent être modifiées sans préavis. HP Inc. et les noms des produits HP référencés ici sont des marques déposées de HP Inc. aux États-Unis et dans d'autres pays. Tous les produits mentionnés dans le présent document peuvent être des marques et/ou des marques déposées de leurs sociétés respectives.


Retour au début