Intel Patches Vulnerabilities In Four Different Products

  • 121
  •  
  •  
  • 1
  •  
  •  
  •  
    122
    Shares

Alongside Adobe patches and Microsoft Patch Tuesday updates, Intel has also released security updates for different products patching vulnerabilities posing a threat to four different products.

Intel Patches Vulnerabilities With High-Severity Ratings

As disclosed by the vendors in their security advisories, Intel patches vulnerabilities in four different products this week.

The most serious security flaw among all four existed in Intel® Media SDK. Receiving a CVSS base score of 7.8, Intel marked this vulnerability (CVE-2018-18094) with high-severity. As described in their advisory, the flaw affected the Intel® Media SDK versions prior to 2018 R2.1. Upon exploit, this could allow privilege escalation to an authenticated attacker accessing locally.

Another high-severity flaw (CVE-2019-0163) that attained a CVSS base score of 7.5 existed in Intel NUC firmware. According to Intel’s advisory, an attacker gaining local access to the target system may gain multiple advantages by exploiting this flaw.

“Insufficient input validation in system firmware for Intel(R) Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.”

The vendors recommend the users to upgrade their Intel® Broadwell U i5 vPro firmware to the patched version MYBDWi5v.86A or later.

Two Other Less Serious Flaws Also Fixed

Apart from the above two vulnerabilities, Intel has also patched two relatively less severe flaws in other products.

One of these is a medium-severity flaw (CVE-2019-0158) in Intel® Graphics Performance Analyzer for Linux. The flaw affected the software versions 18.4 and earlier, allowing escalation of privilege to a local attacker. As mentioned in their advisory, this flaw has received a CVSS base score of 6.7. Intel recommends the users to upgrade to the patched 2019 R1 release.

The other flaw marks a low-severity vulnerability with a CVSS base score of 3.8 in some Intel microprocessors. Intel describes in its advisory that exploiting the flaw (CVE-2019-0162) could to disclosure of information.

“Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access.”

To stay protected from potential exploits via this flaw, Intel advises the users to follow best practices. Intel, however, did not reveal any specific fix to mitigate this vulnerability.

In January as well, Intel patched numerous security flaws in different Intel products including three high-severity flaws.

Take your time to comment on this article.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!