Security News

The U.S. Cybersecurity and Infrastructure Security Agency on Friday added three flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active abuse in the wild. Details about the flaw were disclosed by Ethiopian cyber security research firm Octagon Networks in March 2022.

Microsoft says apps using DirectX are crashing on Windows systems after installing cumulative updates released in November 2022 because of an Intel graphics driver bug. Until an update addressing this issue is released, Microsoft says that affected customers can temporarily work around it by updating their Intel GPU driver to a newer version.

People in Russia can reportedly once again download drivers and some other software from Intel and Microsoft, which both withdrew from the nation after its invasion of Ukraine. The situation, we're assured, is this: while Intel's website generally remains closed to netizens visiting from Russia, if those people can reach Intel's download portal from a search engine or some other place, they can now, once again, use that site even if they are in the land of Putin.

A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD attack to evade detection from EDR security products. The BYOVD technique involves threat actors using a kernel-mode driver known to be vulnerable to exploits as part of their attacks to gain higher privileges in Windows.

Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers and even the private signing key for Intel's Boot Guard security technology. </p. Other folks have claimed to the file contains tools for provisioning or tweaking BIOS images, as well as Intel's reference implementation of the Alder Lake UEFI and an OEM implementation, said to be that of Lenovo.

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021.

Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers. On Friday, a Twitter user named 'freak' posted links to what was said to be the source code for Intel Alder Lake's UEFI firmware, which they claim was released by 4chan.

Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. Besides being a visual annoyance, the unexpected screen flickering prevents users from doing anything on their systems, and Intel Linux kernel engineer Ville Syrjäl warns that it could also damage the display.

Microsoft is now blocking the Windows 11 22H2 update from being offered on some systems with Intel Smart Sound Technology audio drivers. "Intel and Microsoft have found incompatibility issues with certain versions of drivers for Intel Smart Sound Technology on Intel 11th Gen Core processors and Windows 11," Microsoft said in a Windows Health dashboard update.

The US Treasury Department has issued sactions against Iran's intelligence agency in response to that country's cyberattack against Albania and other "Cyber-enabled activities against the United States and its allies." Earlier this week, NATO ally Albania cut its diplomatic relations with Iran after blaming a July cyberattack that hit its government infrastructure on Iranian state-sponsored attackers.