Intel recently fixed a vulnerability with the Intel Processor Identification Utility (advisory here).
You may not think this software is on your network, but are you certain? With PDQ Inventory you can be certain!
Find all installs of Intel Processor Identification Utility with PDQ Inventory
Let’s scan for all applications installed on all our machines using PDQ Inventory. We’re looking for the Intel Processor Identification Utility. We’ll make a dynamic collection to identify which machines have that utility installed. We will also be looking for versions of that utility below a threshold.
In this image, I’m looking for any machines that have the following attributes:
- An application that matches Intel* Processor Identification Utility
I’m using a wildcard here since the install application use the trademark symbol in the name.
- AND has a version less than 6.1.0731
Now that we’ve identified the machines with the vulnerable version of the Utility, we’re going to use PDQ Deploy to update them.
Updating Intel Processor Identification Utility with PDQ Deploy
As with most software, we could choose to update each machine on a manual basis (like an animal).
Instead, we’re going to create a PDQ Deploy package to deploy the software update to all affected machines.
Upon investigating the Intel Processor Identification Utility, I noticed that it appears to be a bundled MSI file.
I tried running the application with the /? Switch.
Seeing that it took MSI options , I figured that I’d be able to use the options that we’d generally use with MSI files to get them installed silently.
With that in mind, I built a simple package with a single Install Step.
Using this package, I was able to install or update the Intel Processor Identification Utility software.
With the PDQ Inventory dynamic collection, I’m able to target the machines that need to update the software using PDQ Deploy.
Note: Old versions of the Intel Processor Identification Utility do not appear to update, so you’ll likely need to uninstall those.
Since PDQ Inventory and PDQ Deploy can assist with identifying and patching, we can react faster to security advisories. No sweat.
Now that we’ve got everything patched, we’re going to have to figure out what to do with all this free time! As for me, it’s time for a nap!