Thunderbolt, XTU, chipset drivers, and more
(Image credit: Intel)All but one have been patched.
Intel has disclosed a whopping 34 security vulnerabilities, contained within 32 pieces of software and two kinds of firmware. The 32 software security bugs broadly impact drivers for chipsets, Wi-Fi, and other components, and also include applications such as XTU, the oneAPI Toolkit, and Intel Unison. One software and one firmware vulnerability also impact Thunderbolt — Intel recommends all users update their Thunderbolt drivers and controllers immediately.
Unlike big security issues that Intel has encountered in the past, such as last year's Downfall vulnerability, these patches are for a number of unrelated issues. Such a disclosure isn't unprecedented for Intel, and the company discloses vulnerabilities in batches once all are patched (or, at least, patched among actively-maintained software and firmware).
Most of the software-related exploits occur in low-key programs, such as Intel's Battery Life Diagnostic Tool and other apps that most users probably don't use or haven't heard of. However, there are a few high-profile cases: Intel Unison, the oneAPI Toolkit and oneAPI Software Installers, and the CPU overclocking XTU app are all impacted by security issues. Some drivers are also impacted, which could be problematic as these sorts of drivers aren't guaranteed to be updated automatically.
Intel's Thunderbolt connectivity technology is perhaps the most significantly affected, however. Thunderbolt drivers and Thunderbolt controller firmware each have a disclosure, but the driver disclosure is especially concerning as it details 20 individual exploits that allow attackers to escalate privileges, perform denial of service attacks, and steal data. Three of these 20 vulnerabilities have are "high" severity.
Thankfully, most of those 20 Thunderbolt driver exploits and the firmware exploit require what is called "local access," which requires either physical or remote access to a vulnerable computer, or someone with physical access who can be socially engineered. There is one adjacent vulnerability, which means attacks through a network can also be successful, but it only has a medium severity rating.
Intel has patched all but one of the impacted pieces of software and firmware — the System Usage Report for Gameplay tool. This app was already discontinued, hence why it won't be receiving a patch; Intel recommends just getting rid of it.
Unfortunately, as these are all various bugs with no central root cause, patching all of them means updating every piece of software and firmware you use that's listed by Intel. Most users will probably only have to worry about Thunderbolt, various drivers, and perhaps Intel Unison, but enthusiasts and developers might have much to update on their machines.
source
