Intel July Updates With Security Fixes Rolled-Out Amidst Patch Tuesday

The ‘Patch Tuesday’ no more remains confined to Microsoft now. Many other companies have also adapted it as a trend to release monthly updates on this event. This month too, Intel released its scheduled security patches for a couple of bugs. Here is a quick round-up of Intel July updates.

Intel July Updates Fix High-Severity Flaw

The vulnerability affected the Intel® Processor Diagnostic Tool. Upon exploit, this vulnerability could lead to various damaging situations. As stated in Intel’s advisory,

Improper access control in the Intel(R) Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

Intel deemed the vulnerability (CVE-2019-11133) as a high-severity flaw where it received a CVSS base score of 8.2. They have fixed the flaw with the release of Intel® Processor Diagnostic Tool version 4.1.2.24 or later.

Besides, they also credited Eclypsium researcher Jesse Michael for highlighting the vulnerability.

Medium-Severity Bug Fix In SSD DC

Alongside the important vulnerability discussed above, Intel also patched a medium severity flaw affecting Intel Solid State Drives for Data Center. The vulnerability allegedly affected the Intel(R) SSD DC S4500 Series and S4600 Series, leading to an elevation of privilege upon an exploit.

As described in Intel’s advisory,

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

This medium severity flaw attained a CVSS base score of 5.3. Intel advises the users to ensure updating to the Intel® SSD DC S4500/S4600 Series firmware to SCV10150 or later to avoid any mishap.

This month’s Intel update package looks relatively smaller as compared to the previous month’s release.

Besides Intel, Microsoft and Adobe also rolled-out their Patch Tuesday updates for July this week.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients