Alongside Adobe patches and Microsoft Patch Tuesday updates, Intel has additionally launched safety updates for various merchandise patching vulnerabilities posing a menace to 4 totally different merchandise.
Intel Patches Vulnerabilities With Excessive-Severity Scores
As disclosed by the distributors of their safety advisories, Intel patches vulnerabilities in 4 totally different merchandise this week.
Probably the most critical safety flaw amongst all 4 existed in Intel® Media SDK. Receiving a CVSS base rating of seven.8, Intel marked this vulnerability (CVE-2018-18094) with high-severity. As described of their advisory, the flaw affected the Intel® Media SDK variations previous to 2018 R2.1. Upon exploit, this might permit privilege escalation to an authenticated attacker accessing domestically.
One other high-severity flaw (CVE-2019-0163) that attained a CVSS base rating of seven.5 existed in Intel NUC firmware. In keeping with Intel’s advisory, an attacker gaining native entry to the goal system could achieve a number of benefits by exploiting this flaw.
“Inadequate enter validation in system firmware for Intel(R) Broadwell U i5 vPro earlier than model MYBDWi5v.86A could permit an authenticated consumer to probably allow escalation of privilege, denial of service, and/or data disclosure by way of native entry.”
The distributors suggest the customers to improve their Intel® Broadwell U i5 vPro firmware to the patched model MYBDWi5v.86A or later.
Two Different Much less Critical Flaws Additionally Fastened
Aside from the above two vulnerabilities, Intel has additionally patched two comparatively much less extreme flaws in different merchandise.
Considered one of these is a medium-severity flaw (CVE-2019-0158) in Intel® Graphics Efficiency Analyzer for Linux. The flaw affected the software program variations 18.four and earlier, permitting escalation of privilege to an area attacker. As talked about of their advisory, this flaw has obtained a CVSS base rating of 6.7. Intel recommends the customers to improve to the patched 2019 R1 launch.
The opposite flaw marks a low-severity vulnerability with a CVSS base rating of three.Eight in some Intel microprocessors. Intel describes in its advisory that exploiting the flaw (CVE-2019-0162) might to disclosure of knowledge.
“Reminiscence entry in digital reminiscence mapping for some microprocessors could permit an authenticated consumer to probably allow data disclosure by way of native entry.”
To remain shielded from potential exploits by way of this flaw, Intel advises the customers to observe finest practices. Intel, nevertheless, didn’t reveal any particular repair to mitigate this vulnerability.
In January as properly, Intel patched quite a few safety flaws in several Intel merchandise together with three high-severity flaws.
Take your time to touch upon this text.