Intel has announced a series of firmware bugs that could result in endpoints such as data center servers, workstations, mobile devices, and storage products being compromised.
The bugs, first reported by The registrycan allow attackers to leak information and escalate their privileges, and have been labeled “High Severity” by Intel.
A full list of products that may be impacted by the vulnerabilities can be found here herewhich includes 10th Gen Intel Core processors and Intel Core X-series processors.
Share your thoughts on cybersecurity and get a free copy of Hacker’s Manual 2022. Help us uncover how organizations are preparing for the post-Covid world and the impact these activities are having on their cybersecurity plans. Enter your e-mail address end of this survey to get the $10.99/£10.99 bookazine.
What should users do?
Intel recommends that users of affected processors update to the latest versions provided by their system manufacturer to resolve these issues.
Unfortunately, the above weren’t the only bugs Intel was able to announce.
A potential vulnerability in Intel processors that could allow information disclosure was also announced, although this was only described as “low severity” by Intel.
Intel said that “observable behavioral variances in some Intel processors could allow an authorized user to allow disclosure of information via local access.”
The bug could potentially affect all Intel processor families, according to the hardware giant.
Intel recommends that each affected product should use the LFENCE instruction “after loads that should observe writes from another thread to the same shared memory address”.
Firewalls alone may not be enough in this day and age, Intel isn’t the only one with potential hardware vulnerabilities floating around.
Academic researchers have demonstrated a successful attack strategy to bypass the protection provided by AMD’s famous Secure Encrypted Virtualization (SEV) technology.
> Intel is big on a new type of processor that you’ve probably never heard of
> Intel Sapphire Rapids Leak offers a sneak peek at specs and performance
> Intel Arc desktop GPUs could be delayed – by some time
Anyone interested in posting more bugs and has information about a security issue or vulnerability in an Intel-branded product or technology can email it to [email protected] after sharing confidential information with it encrypted PGP public key.
According to Intel’s own research, there is a demand for more hardware security.
The survey, based on interviews with 1,406 people in the United States, Europe, Middle East, Africa and Latin America, found that 75% of respondents expressed an interest in hardware-based security approaches, while 40% expressed an interest in “security at a silicon level”.
- Check out our guide to the best malware removal products
above The registry
This article was previously published on Source link