Posted on Wednesday, April 15 2020 @ 14:11 CEST by Thomas De Maesschalck
Intel patched nine security holes in its software. Bleeping Computer
writes the April 2020 Platform Update fixes various medium to high severity security bugs in multiple of the chip giant's software, firmware, and platforms.
Two of the vulnerabilities patched today are present in Intel PROSet/Wireless WiFi products on Windows 10 and allow:
authenticated attackers to potentially enable escalation of privilege via local access because of insecure inherited permissions (CVE-2020-0557)
unprivileged attackers to potentially enable denial of service via adjacent access due to Improper buffer restrictions in the kernel mode driver (CVE-2020-0558)
The two high severity flaws patched today are present in the system firmware for some Intel NUC mini PCs and in the Intel Modular Server MFS2600KISPP Compute Module, and they make it possible for:
authenticated attackers to potentially enable escalation of privilege via local access due to improper buffer restrictions (CVE-2020-0600)
unauthenticated attackers to potentially enable escalation of privilege via adjacent access because of improper conditions checks (CVE-2020-0578)
