SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Intel Patched 374 Vulnerabilities in 2024

Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects.
Intel security

In the calendar year 2024, Intel patched a total of 374 vulnerabilities in software, firmware, and hardware products, and paid bug bounty rewards for roughly half of them.

The largest number of bugs resolved last year (272) were found in software such as utilities (146), drivers (68), applications (35), SDKs (9), toolkits (8), and NUC appliances (5), Intel notes in its latest product security report.

The company also resolved 81 flaws in firmware in 2024, with UEFI (30), NUC BIOS (19), networking products (10) and chipsets (8) being impacted the most.

Last year, Intel patched 21 hardware vulnerabilities, including processors, Intel SGX, and side-channel issues, all discovered internally.

The total number of security defects resolved last year was 6% higher compared to 2023, but Intel says the number of flaws discovered and mitigated through its proactive efforts has increased as well, to 94% for firmware bugs and 92% for software issues.

According to the company, bug bounty rewards were handed out for 53% of the 374 vulnerabilities resolved in 2024, with most of the rewards (84%) being paid for software flaws. The remaining 16% were paid out for firmware defects. 

In recent years Intel has no longer shared information on the bug bounty amounts it has paid out. 

Intel’s report also shows that UEFI was the top bug bounty product category last year, followed by Power Gadget, NUC, NUC BIOS, and networking components.

Advertisement. Scroll to continue reading.

The tech giant also notes that it reported 52 platform firmware vulnerabilities, seven issues in its hardware root-of-trust firmware, and 10 GPU flaws last year.

To keep products patched, the company relies on a quarterly process of rolling out updates in microcode, firmware, and system BIOS, which also enables partners to validate and integrate the fixes on a predictable schedule.

Related: Chipmaker Patch Tuesday: Intel Publishes 44 and AMD Publishes 8 New Advisories

Related: New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs

Related: Intel Warns of 20+ Vulnerabilities, Advises Firmware Updates

Related: Intel Says No New Mitigations Required for Indirector CPU Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
March 12, 2025

Join this in-depth briefing on how to protect executives and the enterprises they lead from the growing convergence of digital, narrative, and physical attacks.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Cybersecurity firm Absolute Security announced Harold Rivas as its new CISO.

Simon Forster has been named the new General Manager of DNS security firm Quad9.

Cybersecurity training company Immersive has named Mark Schmitz as its new CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.