Ames Computers / Walden Systems

Intel patched several high-severity flaws which could lead to code execution in its graphics drivers for Windows 10. Intel patched almost 20 vulnerabilities in its graphics drivers for Windows 10. Two severe flaws, CVE-2018-12216 and CVE-2018-12214 could both allow a privileged user to execute malicious code via local access, according to an Intel advisory. Multiple security vulnerabilities in Intel Graphics Driver for Windows may allow escalation of privileges, denial-of-service or information disclosure according to Intel's security advisory.

The graphics driver is the program that controls how graphic components work with the rest of the computer. Intel develops graphics drivers for Windows OS to communicate with specific Intel graphics devices. CVE-2018-12216 stems from insufficient input validation in the kernel mode driver within Intel Graphics Driver for Windows. The kernel mode driver of a graphics driver executes any instruction it needs on the CPU without waiting, and can reference any memory address that is available. The flaw exists in versions prior to 10.18.x.5059, 10.18.x.5057, 20.19.x.5063, 21.20.x.5064 and 24.20.100.6373. CVE-2018-12214 exists due to potential memory corruption in the kernel mode driver. Intel recommends that users of Intel Graphics Driver for Windows update to versions 10.18.x.5059