Intel Patchday March 2020

Windows Update[German] Intel has issued a security advisory on March 10, 2020, in which vulnerabilities in various products and available updates are pointed out. A critical vulnerability is found in a graphics driver.


Advertising

I already became aware of a fixed vulnerability in the Windows graphics driver via the tweet from Bleeping Computer.

Below is an excerpt from the list of Intel products affected by vulnerabilities for which Intel has published security advisories.

  • INTEL-SA-00354: Intel® Smart Sound Technology Advisory, Security-Index 8.6
  • INTEL-SA-00315: Intel® Graphics Driver Advisory, Security-Index 8.4
  • INTEL-SA-00352: BlueZ Advisory, Security-Index 8.3
  • INTEL-SA-00343: Intel® NUC™ Firmware Advisory, Security-Index 7.8
  • INTEL-SA-00349: Intel® MAX® 10 FPGA Advisory, Security-Index  6.1
  • INTEL-SA-00319: Intel® FPGA Programmable Acceleration Card N3000 Advisory, Security-Index 6
  • INTEL-SA-00330: Snoop Assisted L1D Sampling Advisory, Security-Index 5.6
  • INTEL-SA-00334: Intel® Processors Load Value Injection Advisory, Security-Index 5.6
  • INTEL-SA-00326: Intel® Optane™ DC Persistent Memory Module Management Software Advisory, Security-Index 4.4

Concerning  INTEL-SA-00334, "Intel® Processor Load Value Injection" (LVI), Intel is aware of reports about this (see the blog post New LVI LFB vulnerability discovered in Intel CPUs. Due to the many complex requirements that must be met to successfully perform the LVI method, Intel believes that LVI poses virtually no risk in real-world environments where the operating system and VMM are trusted. New guidelines and mitigation tools for LVI are now available. Details can be found in the linked articles.


Advertising

This entry was posted in Security, Software, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).