This is your "1904" one. 196KB.
https://www.catalog.update.microsoft.com/Search.aspx?q=intel%20system%201%2F21%2F2019%201904.12.0.1208
; File Name: heci.inf
; Install information file for TeeDriver Driver
[TEE_DDI_W10.Services]
AddService = MEI, %FLG_ADDREG_NOCLOBBER%, TEE_Service_W10, win10_32.EventLog
ServiceBinary = TeeDriverW8x64.sys # [Covers Win8 and Win10]
# 2019-02-07 01:11
TEE_DeviceDesc = "Intel(R) Management Engine Interface "
TEE_SvcDesc = "Intel(R) Management Engine Interface "
*******
As for what it might potentially do, it's probably already
installed, and this is just an update. About all I can find
right away, is a bilge article like this.
https://en.wikipedia.org/wiki/Host_Embedded_Controller_Interface
The Management Engine is largely uncontrollable by the user. I
want to see a jumper on the motherboard, that could be used to
disable it, and prevent shenanigans. Instead, you just get
bullshit from Intel, such as a tray readout claiming "well, it
might be disabled, but it's software so who really knows".
The Management Engine is a microcontroller (could be in the PCH
aka Southbridge), that provides a means for operations to "burrow into"
a computer from the network. It relies on the motherboard having
an Intel NIC with a special property - the NIC is "dual head", and
packets can be defined, such that they go to the Management Engine
without the OS knowing. It's because of this, you can remotely
boot a Management Engine computing product, even if it's crashed.
A typical scenario, is a Dell Business laptop is plugged into the
network, and the power is off (the laptop is in S5). All of a
sudden, the business laptop "spring to life" and the IT department
pushes out a software update. The laptop promptly goes to
sleep later. At one time, Intel had promised to add this
tech into the Wifi path as well, so in some year, the products
would have the additional function of over-the-air Wifi updates
when the computer was otherwise shutdown.
On a mobile system such as a laptop, the WOL has to be enabled
(NIC has core power or Wifi has core power and MAC processing
is operational), and then the management engine can do its thing.
Researchers have determined the embedded controller runs Minux.
https://en.wikipedia.org/wiki/MINIX
The BIOS chip has multiple code images inside. On a Management Engine
product, such as a Dell Business laptop, maybe there's a 4MB
flash module in the BIOS chip, which the Management Engine loads
and that's where the Minux comes in.
And in all of that, there's no "guaranteed OFF button", as
there's some mechanism where the Management Engine could be
used as an anti-theft solution.
There have been exploits for this interface, which is why
this is just so much "trailing slime" in terms of unnecessary
featuritis.
My newest computer has all the infrastructure for this, but
the BIOS module is missing. (I.e. There *is* a BIOS module,
but it's a null one of some sort. Or at least we think it's
null and cannot harm anyone, but who can be sure when your
hardware has an "attack surface" sitting there 24 hours a day?)
*******
Now, the Dell package is different, as it's 90MB in size.
That's more than just a 196KB TEEdriver, that's the whole
package of stuff you might not necessarily want.
It's likely related to the Windows Update one, but the Dell
one contains the higher level packages.
I got a similar one, which was 50MB, for my newest system.
But it contained *three* pieces of software, of which
*two* of them *did not belong on the computer*. I promptly
uninstalled the little fucker, because Intel had the nerve
to *break Firefox* with their nonsense. Such is the
paternal Father Intel, looking out for my wellbeing,
by breaking my browser (if you were downloading a file,
the download would mysteriously fail as the last byte came
in - clever...). So if any fat-assed 50MB+ updates
come in, I won't be taking them, because I've "been there
and bought the Tshirt". And there won't be any repeat
performances.
You see, at the time, the jumbo package was "recommended as
a way to solve the Device Manager HECI blemish". Now, instead,
we have the Windows Update one, which will put in that TEE
driver and remove the Device Manager blemish. You don't
need to install that Dell one necessarily. Or, if you
do decide you "love Dell", take your sweet time
analysing the package, to see if Intel has learned
any lessons. I see no reason to suspect Intel has
learned a damn thing since the last time :-(
Intel has made it harder to get to their forum, to
read discussion threads about some of this stuff. So one
lead I wanted to pursue, was thwarted by Intel with their
crafty "we'll just redirect you to a random meaningless
web page" shtick. Intel is going out of their way to make
friends.
Paul