Intel discovers four security bugs in its products

Posted on Thursday, Apr 11 2019 @ 12:24 CEST by Thomas De Maesschalck
INTC logo
Intel issued a warning about four newly discovered security holes in its products. First up, the firm has a patch for a high-severity flaw in the Intel Media Software Development Kit (SDK) that allow for escalation of privilege. Another software bug is found in the Intel Graphics Performance Analyser for Linux, that medium-severity flaw also got updated other operating systems were not affected.

Next, some of Broadwell U i5-based NUC systems with firmware version prior to MYBDWi5v.86A have a bug that enables an authenticated user to boost their privilege level, perform a DOS attack, or expose supposedly-protected data. Updated firmware is available via the Intel website.

Rated less severe is another bug in Intel's processors. Deemed less of an issue than Spectre of Meltdown, the new vulnerability seems more related to SPOILER, and will require developers to adjust their software:
Considerably less troublesome than Spectre or Meltdown, the company claims, the vulnerability lies in the virtual memory mapping (VMM) capabilities of selected processors and allows an authenticated user on the local system to 'potentially enable information disclosure'. It's most closely related to the Spoiler vulnerability, and requires that developers tweak their software to resist side-channel and timing attacks - meaning Intel has not, and will not, be releasing patches of its own to resolve the vulnerability.
Via: Bit Tech

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments