Content

Intel rolls out security updates for seven products

Intel has released a series of security updates crossing seven product lines with three rated high and four carrying a medium severity rating.

The three high-rated issues cover Intel’s NUC (CVE-2019-11140), Processor Identification Utility for Windows (CVE-2019-11163) and Computing Improvement Program (CVE-2019-11162).

The NUC vulnerability is due to an insufficient session validation in system firmware that could lead to a privileged user to potentially enable escalation of privilege, denial of service and or information disclosure via local access.

CVE-2019-11163 is an insufficient access control in a hardware abstraction driver issue impacting versions before 6.1.0731 and which could allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

The Computing Improvement Program flaw is based on insufficient access control in hardware abstraction in SEMA driver for the product that if exploited could let an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

The medium-rated problems can be found in Intel RAID Web Console 2, Authenticate, Driver & Support Assistant and Remote Displays SDK.

Intel has released patches for all included issues.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.