InfoSecBulletin Cybersecurity for mankind
Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company has fixed most of the vulnerabilities with patches and provided some mitigations for others.
The most significant flaw is CVE-2024-22476. It is rated as ‘critical’ and has a severity score of 10. This flaw has been found in Neural Compressor, an AI product that optimizes models to make them smaller and faster for deep learning applications on CPUs or GPUs.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Intel says this critical vulnerability could allow an unauthenticated attacker to “enable escalation of privilege via remote access”.
Serious flaws were discovered in various server products’ UEFI firmware, including Arc & Iris Xe Graphics, PROSet/Wireless, Power Gadget, Trust Domain Extensions, Secure Device Manager, Dynamic Tuning Technology, Thunderbolt, Graphics Performance Analyzers, BIOS Guard, Platform Properties Assessment Module, and Ethernet Controller I225 Manageability products. These flaws can allow privilege escalation, DoS attacks, or information disclosure.
Medium-severity vulnerabilities in various products have been fixed. These products include Data Streaming Accelerator, Analytics Accelerator, Processor Diagnostic Tool, Graphics Performance Analyzers, Extreme Tuning Utility, Computing Improvement Program, Ethernet Controller Administrative Tools, Quartus Prime, Processor Identification Utility, Programmable Gate Array, Core Ultra processor, and Advisor.
Medium-severity issues have been found in various Intel products such as Inspector, Distribution for GDB, Data Center GPU Max Series, Performance Counter Monitor, VTune Profiler, Chipset Device Software, Driver & Support Assistant, and others.
Many of these flaws can be used to gain more privileges or carry out DoS attacks or information disclosure.
