/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130344212z-iw-new.png)
/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130332454z-iw-new.jpg)
/industry-wired/media/post_attachments/wp-content/uploads/2024/02/Security-Alert-Intel-Chips-Affected-34-Flaws-Exposed-Chaitanya.jpg "publive-image")
Intel Chips Under Fire: Unveiling 34 Critical Vulnerabilities
Intel revealed 34 critical security vulnerabilities contained in 32 software and firmware duplicates. 32 Software security flaws affect drivers for chipsets, Wi-Fi, other products, and even applications like XTU, oneAPI Toolkit, Intel Unison Software, and firmware vulnerabilities also affect Thunderbolt Intel for all users for their Thunderbolt driver and controllers are updated immediately recommended.
Unlike the significant security issues Intel has faced in the past, such as last year's Downfall vulnerability, these patches are for several unrelated matters. Those disclosures are no exception never for Intel and the company batches when everyone is patched into strict software and firmware maintenance) shows weakness in the middle
Most software-related exploits take place in low-key programs, such as Intel's battery life diagnostic tool and other apps that most users probably don't use or haven't heard of. However, there are a few highlights: Intel Unison, oneAPI Toolkit, oneAPI Software Installers, and the CPU overclocking XTU app all have security issues. Some drivers are also affected, which can be a problem because such drivers are not guaranteed to be automatically updated.
However, Intel's Thunderbolt communication technology is probably the most affected. Each Thunderbolt driver and Thunderbolt controller firmware has disclosure issues, but the driver disclosure is particularly troubling as it describes 20 individual exploits that allow attackers to escalate privileges, deny service, and steal data vulnerability; three of these 20 have a very "high."
Most of these 20 thunderbolt driver exploits and firmware exploits require so-called "local access," which requires either physical access to a vulnerable or remote computer or a physical user; the ground method can be socially engineered in the vicinity of a weakness, which means that web attacks are also successful It is possible, but only with moderate severity.
Intel has patched all but one affected piece of software and firmware, the System Usage Report for Gameplay tool. This app had already been canceled, so why not get a patch? Intel recommends you remove it.
Unfortunately, since these are all bugs with no significant root cause, patching all of them means updating any software and firmware you use that Intel has probably written; most users will bother with only Thunderbolt, drivers, and maybe Intel Unison, but Enthusiasts and developers should have plenty to update on their devices.
Conclusion: The identification of 34 vulnerabilities in Intel chips is a stark reminder of the ongoing challenges facing the cybersecurity landscape and highlights the critical importance of remaining diligent, resource innovation, and cooperation to strengthen the resilience of digital systems against evolving threats.