SINIT AC Modules

SINIT AC Modules

I've been trying to find the correct SINIT AC module to pair with a HP 8100 Elite Desktop (Q57 chipset).I found that the olderi5_i7_DUAL_SINIT_18.BIN module works with the machine but the newer v51 modules do not (i7_QUAD-SINIT_51.BIN ori5_i7_DUAL-SINIT_51.BIN).
Has anyone else run into this issue?

4 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

Well, the ...51.BIN has a security vulnerability fixed.. It doesn't look like HP has posted an update BIOS that goes along with the new BIN files - you may want to ask them about it. Intel is not aware of active use of the vulnerability described in this advisory, Intel has made updated SINIT Authenticated Code Modules (ACMs) available at mitigate this issue. If your BIOS includes an SINIT ACM, which is more common for Intel TXT server platforms, a BIOS update that includes the updated SINIT ACM should be installed; please contact your platform OEM. Intel is also providing microcode updates, which will revoke vulnerable SINIT ACMs by causing GETSEC[SENTER] to fail. The BIOS update that contains the new microcode patch should be installed on all affected systems. Note that prior to installing the microcode update, an updated SINIT ACM must be installed to launch your Intel TXT enabled software. Contact your solutions provider or IntelTXT software vendor if your IntelTXT environment fails to launch and to determine how to update your software with the new SINIT ACM. Intel highly recommends that these updates be applied to mitigate this issue.

If SINIT and Microcode updates for your TXT-capable platform are not immediately available Intel recommends you take the following actions to protect your platform:If IntelTXT is disabled you are not affected by this issue.

If you are not actively running IntelTXT disable it in the BIOS.Consult your owners manual for instructions on how to disable Intel TXT in BIOS.Once you have confirmed that Intel TXT is disabled on your system, you should:
oMaintain control of your computing environment. Administrative access, like Ring 0 in a typical operating system, is required to implement this attack.
oApply all patches and security updates for your operating system and applications.
oEnsure that security utilities such as firewalls, antivirus, etcetera are kept current with updates.

Hey John7944 - did you have any further questions reqarding these bin files? If not, I'll close this issue.

No other questions about SINIT. Thank you for the help.

Leave a Comment

Please sign in to add a comment. Not a member? Join today