Intel has addressed 73 security vulnerabilities as part of Patch Tuesday June 2021, including high severity ones affecting some versions of the Intel Security Library and BIOS firmware for Intel processors.
Intel detailed the security flaws in 29 security advisories published today in its Product Safety Center.
“Today we published 29 security advisories that address 73 vulnerabilities. 40 of them, or 55%, were found internally through our own proactive security investigation,” said Intel Director of Communications Jerry Bryant. saying.
Intel provides a list of affected products and recommendations for vulnerable products at the end of each advisory, along with contact details for security researchers who want to report security issues or vulnerabilities found in Intel-branded technology.
Highlights of the June 2021 Intel Platform Update
Notably, among security updates released today, Intel addressed five high-severity vulnerabilities affecting Intel Virtualization Technology for Directed I / 0 Products (VT-d), BIOS firmware for some Intel processors, and Intel Security Library.
The first of them (followed as CVE-2021-24489) is due to incomplete cleanup on some Intel VT-d products that could allow authenticated attackers to escalate privileges through local access.
Intel fixed four more bugs (followed as CVE-2020-12357, CVE-2020-8670, CVE-2020-8700, Y CVE-2020-12359) caused by improper initialization, race condition, incorrect input validation, and insufficient control flow management in the CPU BIOS firmware, allowing privilege escalation through local or physical access.
The high severity bug patched in the Intel Security Library affects versions prior to version 3.3, and is caused by a key exchange without entity authentication that allows authenticated attackers to escalate privileges through access to the net.
Intel also patched 11 other high severity security vulnerabilities affecting Intel NUCs, Intel Driver and Support Assistant (DSA), Intel RealSense ID, Array Open Programmable Acceleration Engine (OPAE) driver. Intel Field Programmable Gate (FPGA) for Linux and Intel Thunderbolt controllers.
Full List of June 2021 Patch Tuesday Advisories
You can find a list of all Intel security advisories issued in the table below, with full details on each of the vulnerabilities addressed and information on the affected products within the linked entries in the Product Security Center.
“Intel recommends that users of affected products update to the latest firmware version. provided by the system manufacturer that addresses these issues, “the company added.
“Overall 95% of the issues being addressed today are the result of our ongoing investments in safety assurance, which is consistent with our Product Safety Report 2020. “
“During the first six months of 2021, we addressed 132 potential vulnerabilities and 70% of them were discovered and mitigated internally before they were publicly disclosed,” added Bryant.
“56 of 132 issues were found in Bluetooth graphics, networking, and components.”