Chipzilla kicks out firmware patches plus a side channel Spoiler alert Thought you were done patching this week? Not if you're using an Intel-powered PC or server
Intel has posted another round of firmware updates with fixes for four CVE-listed vulnerabilities. Chipzilla's April patch load includes fixes for a pair of bugs considered by Intel to be high security risks, as well as a speculative execution bug reported by university researchers last month. CVE-2018-18094 is an escalation of privilege flaw in the Intel Media SDK installer. An attacker with code already running on the vulnerable machine could exploit the flaw to gain higher access privileges w...