In recent days Intel released a considerable amount of update patches to correct various vulnerabilities that could allow remote code execution in compromised systems, reports an ethical hacking training expert from the International Institute of Cyber Security.
The company launched some security alerts to inform its users of the potential risks. According to the ethical hacking training expert, a group of corrected vulnerabilities affects the Converging Management and Security Engine (CSME), server platform services, reliable execution engine, and active management technology (AMT).
These implementations run at such a low level on the hardware stack that suspicious activity sometimes goes unnoticed for the anti-malware software. Vulnerabilities would allow escalating privileges, sensitive information leaking, or even generating denial-of-service conditions, mentions Intel.
Within this group are 12 vulnerabilities, 5 identified as critical. Of these high severity errors, only the identified as CVE-2018-12187 is remotely executable; this is a denial-of-service vulnerability based on insufficient validation in Intel AMT, mention the specialists.
Two of the vulnerabilities considered critical require that attackers have local access, in other words, they must log into the compromised machine so that the victim interacts with the malicious file. These vulnerabilities (tracked as CVE-2018-12190 and CVE-2018-12200) could allow for escalation of privileges and loss of control over the compromised device.
A second set of patches solved some bugs in the Windows 10 graphics drivers that could generate denial of service conditions, information leaking and execution problems, mentions the ethical hacking training expert.
This second group of patches corrected 19 vulnerabilities, two of which were considered critical. The most serious security errors are derived from memory corruption and insufficient input validation on the Intel kernel mode controller. Other warnings issued by Intel referred to critical firmware vulnerability (CVE-2018-12204) that enables arbitrary code execution.
On the other hand, Lenovo issued updates to implement many of these Intel corrections in its own products a few days after Intel launched its updates.