Intel Product Security Advisories and Notices

Intel® Desktop Boards Privilege Escalation

Tue, 02 Feb 2010 04:05:23 -0500

Software running administrative (ring 0) privilege can under certain circumstances change code running in System Management Mode.

SINIT misconfiguration allows for Privilege Escalation

Tue, 22 Dec 2009 04:05:22 -0500

An updated SINIT Authenticated Code Module (ACM) is available for affected Intel products to correct a misconfiguration that allows for the circumvention of Intel® Trusted Execution Technology.

Intel® Desktop Board Buffer Overflow Local Privilege Escalation

Sat, 31 Oct 2009 03:05:23 -0500

Updated BIOS is available for Intel® Desktop Board products to correct a buffer overflow in the Bitmap processing code.

New BIOS available for Intel® Desktop Board products BIOS to prevent unauthorized downgrading to a previous BIOS version.

Sat, 17 Oct 2009 04:05:22 -0400

New BIOS is available for Intel® Desktop Board products BIOS to prevent downgrading to a previous BIOS version without supervisor/admin permission.

Intel® Desktop and Intel® Server Boards Privilege Escalation

Wed, 29 Jul 2009 04:05:22 -0400

Software running administrative (ring 0) privilege can under certain circumstances change code running in System Management Mode.

Intel® Desktop and Intel® Mobile Boards Privilege Escalation

Tue, 26 Aug 2008 03:14:20 -0400

Software running administrative (ring 0) privilege can under certain circumstances change code running in System Management Mode.

Intel Keyboard Buffer Information Disclosure Vulnerability

Tue, 26 Aug 2008 03:14:20 -0400

Specific Intel BIOS's fail to sanitize user input entered during the Power On Self Test, POST, process. Under certain situations this issue could potentially result in a disclosure of information.

Intel® PROSet/Wireless Software Local Information Disclosure

Thu, 21 Jun 2007 22:37:13 -0400

A security vulnerability exists in the Intel® PROSet/Wireless Software (PROSet application) because of insecure usage of shared memory allowing a person having access to the user’s computer or malicious software installed on the user’s computer to obtain access to users’ wireless network security information.

Intel® LAN Driver Buffer Overflow Local Privilege Escalation

Thu, 21 Jun 2007 22:37:13 -0400

A software vulnerability exists in the specified PCI, PCI-X and PCIe Intel network component drivers that could allow unprivileged code executing on an affected system to perform a local privilege escalation.

Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution

Thu, 21 Jun 2007 22:37:13 -0400

Security vulnerabilities exist in the Microsoft* Windows* drivers for the Intel® 2200BG and 2915ABG PRO/Wireless Network Connection Hardware because of the way that they currently handle certain frames. An attacker could potentially exploit these vulnerabilities which could potentially lead to remote code execution and system control.

Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation

Thu, 21 Jun 2007 22:37:13 -0400

A security vulnerability exists in the Microsoft* Windows* drivers for the Intel® 2100 PRO/Wireless Network Connection Hardware because of the way that driver handles certain requests by applications. The vulnerability could potentially be exploited by injecting specially crafted malicious frames into the driver and with the aid of an application loaded on the local system kernel level privileges could potentially be obtained.

Intel® Enterprise Southbridge 2 Baseboard Management Controller Denial of Service

Thu, 21 Jun 2007 22:37:12 -0400

A denial of service vulnerability exists in the Intel® Enterprise Southbridge 2 Baseboard Management Controller which may allow malicious users to connect to a server system within a local area network and issue any Intelligent Platform Management Interface command. If proper external network access procedures are followed the vulnerability is limited to internal access within a local network.