Intel has posted a fresh crop of firmware updates for security flaws in its chipsets.

The March fix bundle includes nine advisories covering processors, FPGAs, and other components, as well as the high-profile Meltdown-style LVI hole.

Among the most expansive is the advisory for Intel graphics drivers. In total, 17 CVE-listed bugs were patched, ranging from elevation-of-privilege and denial-of-service to information-disclosure flaws.

The FPGA PAC N-3000 card has received an update for two CVE-listed flaws, one allowing elevation-of-privilege for an attacker and another allowing for denial-of-service.

A single flaw in the Optane DC Persistent Memory Management Software could potentially allow for elevation of privilege or a denial of service.

An image of a secured computer chip

‘Unfixable’ boot ROM security flaw in millions of Intel chips could spell ‘utter chaos’ for DRM, file encryption, etc

READ MORE

An information-disclosure flaw in data forwarding for Intel processors prompted an advisory and firmware update, as did the already disclosed LVI design flaw.

Intel NUC mini-computers got an update for an escalation of privilege bug rated as a “high” risk.

Those using the Intel Max 10 FPGA hardware will want to enable JTAG Secure Mode to guard against an information disclosure vulnerability.

Intel’s BlueZ Bluetooth component has been updated with a fix for a high-risk flaw that would potentially allow information disclosure or denial of service attacks.

SmartSound, a component in both the 10th and 8th generation Intel CPUs, has received a patch for a flaw that would allow an unauthenticated user to elevate privileges and move through a target system.

Users and admins are advised to test and install any of the needed Intel updates as soon as possible. ®

Sponsored:
Webcast: Build the next generation of your business in the public cloud



Source link

Is your business effected by Cyber Crime?

If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

Digitpol is available 24/7.

Email: info@digitpol.com
Europe +31558448040
UK +44 20 8089 9944
ASIA +85239733884

You must be logged in to post a comment.