Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities 

Intel has published 41 new May 2024 Patch Tuesday advisories covering a total of more than 90 vulnerabilities. 

Intel

This Patch Tuesday, Intel published 41 new security advisories covering a total of more than 90 vulnerabilities found in the company’s products. 

The chip giant has released patches for a majority of these vulnerabilities, while for some it has provided mitigations. 

The most important flaw, based on its severity rating of ‘critical’ and a CVSS score of 10, is CVE-2024-22476. The security hole has been identified in Neural Compressor, an AI product that performs model optimization to reduce the model size and increase the speed of deep learning inference for deployment on CPUs or GPUs. 

Intel says this critical vulnerability could allow an unauthenticated attacker to “enable escalation of privilege via remote access”.

High-severity flaws have been found in the UEFI firmware of server products, Arc & Iris Xe Graphics, PROSet/Wireless, Power Gadget, Trust Domain Extensions, Secure Device Manager, Dynamic Tuning Technology, Thunderbolt, Graphics Performance Analyzers, BIOS Guard and Platform Properties Assessment Module, and Ethernet Controller I225 Manageability products.

These flaws can allow privilege escalation, DoS attacks, or information disclosure.

Medium-severity vulnerabilities have been addressed in Data Streaming Accelerator and Analytics Accelerator, Processor Diagnostic Tool, Graphics Performance Analyzers, Extreme Tuning Utility, Computing Improvement Program, Ethernet Controller Administrative Tools, Quartus Prime, Processor Identification Utility, Programmable Gate Array, Core Ultra processor, and Advisor products.

Medium-severity issues have also been found in Inspector, Distribution for GDB, Data Center GPU Max Series, Performance Counter Monitor, VTune Profiler, Chipset Device Software, Driver & Support Assistant, Context Sensing Technology, Arc Control, Libva library, Dynamic Load Balancer, Graphics Command Center Service, Endurance Gaming Mode, Server Board onboard video driver, Media SDK, and oneAPI Video Processing Library products.

Advertisement. Scroll to continue reading.

Exploitation of a majority of these flaws can lead to privilege escalation, and some can allow DoS attacks or information disclosure. 

Related: Companies Respond to ‘Downfall’ Intel CPU Vulnerability 

Related: Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories

Related: Chipmaker Patch Tuesday: Intel, AMD Address New Microarchitectural Vulnerabilities

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Fastly announced that Scott Lovett will join the company as Chief Revenue Officer, effective June 3, 2024.

Digital transformation consulting firm Synechron has hired Aaron Momin as CISO.

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

More People On The Move

Expert Insights