Intel Releases Security Updates (July 9, 2019)

[German]Intel has released several security updates on July 9, 2019 to fix vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. One of the vulnerabilities is rated as high.


Advertising

I came across a message from the US-CERT via a private Twitter notification, which refers to the security updates for fixing vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool.

An attacker could exploit these vulnerabilities to escalate permissions on a previously infected computer. The Cybersecurity and Infrastructure Security Agency (CISA) recommends that users and administrators review the Intel Security Advisories INTEL-SA-00267 and INTEL-SA-00268and perform the necessary updates.

INTEL-SA-00267

INTEL-SA-00267 describes a possible vulnerability (CVE-2018-18095) in Intel® Solid State Drives (SSD) firmware of the S4500/S4600 data center (DC) series. A vulnerability in the firmware may allow permissions to escalate.

CVSS Base Score: 5.3 Medium, affected products:
Intel® SSD DC S4500 Series firmware before SCV10150
Intel® SSD DC S4600 Series firmware before SCV10150

Updates can be downloaded here


Advertising

INTEL-SA-00268

INTEL-SA-00268 describes a potential vulnerability (CVE-2019-11133) in the Intel® Processor Diagnostic Tool. This can allow an escalation of privileges, denial of service or information disclosure.

CVSS Base Score: 8.2 High, affected products:
Intel® Processor Diagnostic Tool for 32-bit before version 4.1.2.24_32bit
Intel® Processor Diagnostic Tool for 64-bit before version 4.1.2.24_64bit

Updates can be downloaded here


Advertising

This entry was posted in computer, Security, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).