Intel patches vulnerable driver update utility
The vulnerablity could allow a legitimate download to be intercepted and replaced.
Intel today issued a patch to fix a vulnerability associated with the Intel driver update utility MitM that could have been remotely exploited by a bad actor.
The vulnerability (CVE-2015-1493) was discovered by Core Security researchers in November who found that the driver, version 18.104.22.168, transmits sensitive or security critical data in a cleartext communication channel that could potentially be intercepted by an unauthorized person.
“The update request could be automatically detected by a third party on the same network and then the reply could be modified transparently, making the user download what is supposed to be a legitimate driver, but instead could be anything from malware to a remote access tool or whatever the malicious user wants,” Joaquin Rodriguez Varela, senior security researcher for Core Security told SCMagazine.com in a Tuesday email.