Intel reveals a whole load of hardware security issues, so patch now

News
By published

Intel users should get ready to update their firmware

An image of security icons for a network encircling a digital blue earth.
(Image credit: Shutterstock)

Intel has announced a host of firmware bugs, which could allow endpoints such as datacentre servers, workstations, mobile devices, and storage products to become compromised.

The bugs, first reported by The Register, can allow bad actors to leak information and escalate their privileges, and were labelled by Intel as “high severity”.

A full list of products the vulnerabilities may impact can be found here, which includes 10th Generation Intel Core Processors and Intel Core X-series Processors.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

What should users do?

Intel recommends that users of the affected processors update to the latest versions provided by their system manufacturer to addresses these issues.

Unfortunately, the above was not the only set of bugs which Intel was able to announce.

A potential security vulnerability in Intel Processors which may allow information disclosure was also announced, though this was only dubbed “low severity” by Intel.

Intel said that “Observable behavioral discrepancy in some Intel processors may allow an authorized user to potentially enable information disclosure via local access.”

The bug could potentially affect all Intel processor families according to the hardware giant.

Intel recommends that any impacted product should utilize the LFENCE instruction “after loads that should observe writes from another thread to the same shared memory address”.

Firewalls may not be enough by themselves in today’s climate, it’s not just Intel that has potential hardware security vulnerabilities floating around.

Academic researchers have demonstrated a successful attack strategy to get around the protections provided by AMDs famed Secure Encrypted Virtualization (SEV) technology.

Read more

> Intel is going big on a new type of processor you’ve probably never heard of

> Intel Sapphire Rapids leak offers sneak peek at specs and performance

> Intel Arc desktop GPUs could be delayed – by quite some time

Anyone interested in outing more bugs and having information about a security issue or vulnerability with an Intel-branded product or technology can send it via e-mail to secure@intel.com, after encrypting sensitive information using its PGP public key.

The demand for greater hardware security is there according to Intel’s own research.

The survey, based on speaking to 1,406 people across the United States, Europe, the Middle East, Africa, and Latin America, found 75% of respondents expressed interest in hardware-based approaches to security, while 40% expressed interest in “security at a silicon level”.

Via The Register

TOPICS
Will McCurdy

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

Read more
Security
Intel slams Nvidia and AMD, claims chip giants have huge numbers of security flaws
AMD Ryzen 5 7600X processor
AMD confirms processor security flaws after Asus patch slips out early
AMD logo
AMD patches high severity security flaw affecting Zen chips
An abstract image of a lock against a digital background, denoting cybersecurity.
Apple CPU security issue could let hackers steal user data from browsers
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Hardware supply chain threats can undermine your endpoint infrastructure
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 23 (game #385)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 23 (game #651)
Google Pixel 9 Pro Fold main display opened
Apple is rumored to be prioritizing battery life on the foldable iPhone – which could also feature a liquid metal hinge for added durability
Google Pixel 9
The Google Pixel 10 just showed up in Android code – and may come with a useful speed boost
More about security
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)

This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Toshiba Canvio Flex 4TB

I reviewed the Toshiba Canvio Flex 4TB – it's big on storage but stuck in the past
See more latest
Most Popular
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Micron SOCAMM memory module
World's biggest RAM vendors develop superior memory form factor exclusively for Nvidia, sorry Intel and AMD
Asus Vivobook 18
The Asus Vivobook 18 is the only affordable 18-inch laptop right now, and it comes with a powerful CPU no other laptop has
Peter Claffey as Ser Duncan the Tall in The Knight Of The Seven Kingdoms
A Knight Of The Seven Kingdoms: The Hedge Knight – everything we know so far about HBO's Game of Thrones prequel
Vinpower iXFlash and iXFlash Cube
This tiny 2TB USB Flash drive can both charge and backup your iPhone at the same time
Compal Adapt X modular laptop
One of the largest laptop manufacturers releases concept pictures of Adapt X, a modular laptop in the same vein as Framework
Anycubic foldable portable 3D printer
Anycubic may launch this gorgeous foldable portable 3D printer any day soon, and I can't wait to try it out
HP Fury G1i 18"
'2-inches gets you 30% more screen': HP is pitching 18-inch laptop as the best new thing in tech
Framework Desktop
Framework's Desktop is selling like hot cakes; Ryzen Max+ 395, Max 383 batches are sold out with next shipment in Q3
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)