PDQ.com mobilePDQ.com desktop
Support
general-blog-image-01

Intel Processor Identification Utility Vulnerability Fix

Kris PowellKris Powell
·

Intel recently fixed a vulnerability with the Intel Processor Identification Utility (advisory here). You may not think this software is on your network, but are you certain? With PDQ Inventory you can be certain! 

Find all installs of Intel Processor Identification Utility with PDQ Inventory

Let's scan for all applications installed on all our machines using PDQ Inventory. We’re looking for the Intel Processor Identification Utility. We’ll make a dynamic collection to identify which machines have that utility installed. We will also be looking for versions of that utility below a threshold.

Intel-Process-Identifcation-Utility-Dynamic-Collection

In this image, I'm looking for any machines that have the following attributes:

  • An application that matches

    Intel* Processor Identification Utility

    • I'm using a wildcard here since the install application use the trademark symbol in the name.

  • AND has a version less than

    6.1.0731

Now that we've identified the machines with the vulnerable version of the Utility, we're going to use PDQ Deploy to update them.

Updating Intel Processor Identification Utility with PDQ Deploy

As with most software, we could choose to update each machine on a manual basis (like an animal).  

Instead, we're going to create a PDQ Deploy package to deploy the software update to all affected machines. 

Upon investigating the Intel Processor Identification Utility, I noticed that it appears to be a bundled MSI file. 

I tried running the application with the /? Switch.

Intel-Processor-Identification-Utility-Options

Seeing that it took MSI options , I figured that I'd be able to use the options that we'd generally use with MSI files to get them installed silently.

With that in mind, I built a simple package with a single Install Step.

Install-Intel-Processor-Identification-Utility-Package

Using this package, I was able to install or update the Intel Processor Identification Utility software. 

With the PDQ Inventory dynamic collection, I'm able to target the machines that need to update the software using PDQ Deploy. 

Note: Old versions of the Intel Processor Identification Utility do not appear to update, so you'll likely need to uninstall those.

Wrapping Up

Since PDQ Inventory and PDQ Deploy can assist with identifying and patching, we can react faster to security advisories. No sweat.  

Now that we've got everything patched, we're going to have to figure out what to do with all this free time!  As for me, it's time for a nap!

Don't miss the next post!

How PowerShell can calculate your retirement

How PowerShell can track 401K growth

In this blog, I use PowerShell to focus and build a 401k calculator because its tax advantages make it ideal to build your retirement nest egg.

PowerShell