Intel Releases Security Updates Addressing 90 Vulnerabilities, Including a Critical AI Tool Flaw

Published by

teaser
Intel has issued 41 security advisories covering more than 90 vulnerabilities as part of its latest Patch Tuesday update. This routine update cycle addresses numerous issues across Intel's range of products, predominantly on the software side. The highlight of this release is a vulnerability in the Intel Neural Compressor, which has been assigned the highest severity rating of 10.0 on the Common Vulnerability Scoring System (CVSS). This critical flaw could allow an escalation of privilege attack via remote access on versions prior to the latest update. The Neural Compressor, a tool not commonly found on most computers but used in AI-engineering workflows, is designed to optimize AI language models by reducing their size and enhancing their performance. Given its specific application, only a targeted user group typically utilizes this tool, though it's critical for those users to ensure they have updated to the latest software release to avoid potential security risks.

Other notable vulnerabilities addressed include several high-severity issues affecting the UEFI firmware on server products, as well as the Arc and Iris Xe Graphics software. These vulnerabilities could potentially allow privilege escalation, denial of service (DoS) attacks, or lead to information disclosure. Additionally, medium-severity vulnerabilities have been identified in the Meteor Lake Core Ultra processors and various other Intel software products, such as the Processor Diagnostic Tool, Graphics Performance Analyzers, and Extreme Tuning Utility.

Intel has already deployed security patches for all identified vulnerabilities, advising users to update their systems to mitigate any potential risks. This update is crucial not only for maintaining the security and integrity of the systems but also for ensuring the privacy and safety of the data they handle. Patch Tuesday, an industry-wide practice observed on the second Tuesday of each month, involves major software and hardware manufacturers releasing security patches. This particular Patch Tuesday was unusually active for Intel, marking a departure from its typically quieter security update cycles. 

Source: Intel

Share this content
Twitter Facebook Reddit WhatsApp Email Print