Latest Intel Patches for Software Flaws
Intel made an announcement about a high-severity vulnerability in its software that identifies Intel processors in Windows. The flaw has a bunch of malicious impacts on affected systems, such as opening systems up to information disclosure or denial of service attacks.
Intel has released security updates to address vulnerabilities in multiple products. A hacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The flaw stems from insufficient access control in a hardware abstraction driver for the software, versions earlier than 6.1.0731. The flaw allows an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Intel has released patches to address this flaw as well as others. The other flaws including a flaw in the hardware abstraction of the SEMA driver that could allow escalation of privilege, denial of service or information disclosure have also been addressed.
Vulnerabilities continue to show up in the NUC. In April Intel fixed a high-severity NUC vulnerability that could enable escalation of privilege, denial of service, and information disclosure for impacted systems. In in June, Intel patched seven high-severity vulnerabilities in the system firmware of its Intel NUC.
Intel's latest patches comes at the heels of a new type of side-channel attack discovered last week affecting millions of newer Intel microprocessors manufactured after 2012. The attack, SWAPGS, is similar to existing side-channel attacks such as Spectre and Meltdown and it could allow a hacker to gain access to sensitive data such as passwords and encryption keys on consumer and enterprise PCs.