« Previous 1 2
News for Admins
Tech News
Intel Releases Microcode to Provide Important Security Fixes
The latest Patch Tuesday from The Intel Product Security Center Advisories (https://www.intel.com/content/www/us/en/security-center/default.html) includes a long list of updates that range from Trace Analyzer and Collector Advisory to Chipset Firmware Advisory. It's a sizable list of patches, but it isn't the only release the company has made available. On the official Intel GitHub site, you'll also find microcode-20220207 (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207), which updates a vast number of platforms, from 4th Gen X series all the way to 11th Gen Mobile CPUs.
Of all of these patches, there are two that are listed as high on the Common Vulnerability Scoring System (CVSS). The first is Intel SA-00528, which only affects lower-end Pentium and Atom CPUs. The second is INTEL-SA-00632, which is an escalation of privilege, denial of service information, and information disclosure vulnerability. SA-00632 affects Quartus Prime Pro edition before version 21.3 and Quartus Prime Standard edition before version 21.1.
Another patch, Intel SA-00532 (https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html), labeled as a medium threat, is much more widespread and could lead to denial of service due to insufficient control flow management. This vulnerability affects numerous products ranging from 6th Gen to 10th Gen Core CPUs and a number of Xeon processors.
Some Intel-based systems have begun shipping (since Jan 2022) with the new microcode for both Intel Core and Xeon processors.
« Previous 1 2
Buy this article as PDF
(incl. VAT)