Dozens of flaws patched to stop chips turning into potatoes • The Register

Intel has posted a fresh crop of firmware updates for security flaws in its chipsets.

The March fix bundle includes nine advisories covering processors, FPGAs, and other components, as well as the high-profile Meltdown-style LVI hole.

Among the most expansive is the advisory for Intel graphics drivers. In total, 17 CVE-listed bugs were patched, ranging from elevation-of-privilege and denial-of-service to information-disclosure flaws.

The FPGA PAC N-3000 card has received an update for two CVE-listed flaws, one allowing elevation-of-privilege for an attacker and another allowing for denial-of-service.

A single flaw in the Optane DC Persistent Memory Management Software could potentially allow for elevation of privilege or a denial of service.

‘Unfixable’ boot ROM security flaw in millions of Intel chips could spell ‘utter chaos’ for DRM, file encryption, etc

READ MORE

An information-disclosure flaw in data forwarding for Intel processors prompted an advisory and firmware update, as did the already disclosed LVI design flaw.

Intel NUC mini-computers got an update for an escalation of privilege bug rated as a “high” risk.

Those using the Intel Max 10 FPGA hardware will want to enable JTAG Secure Mode to guard against an information disclosure vulnerability.

Intel’s BlueZ Bluetooth component has been updated with a fix for a high-risk flaw that would potentially allow information disclosure or denial of service attacks.

SmartSound, a component in both the 10th and 8th generation Intel CPUs, has received a patch for a flaw that would allow an unauthenticated user to elevate privileges and move through a target system.

Users and admins are advised to test and install any of the needed Intel updates as soon as possible. ®

Sponsored:
Webcast: Build the next generation of your business in the public cloud