1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Serious flaw patched in Intel Driver Update Utility

Discussion in 'CSO' started by RSS, Jan 20, 2016.

  1. RSS

    RSS New Member Member

    A software utility that helps users download the latest drivers for their Intel hardware components contained a vulnerability that could have allowed man-in-the-middle attackers to execute malicious code on computers.

    The tool, known as the Intel Driver Update Utility, can be downloaded from Intel's support website. It provides an easy way to find the latest drivers for various Intel chipsets, graphics cards, wireless cards, desktop boards, Intel NUC mini PCs or the Intel Compute Stick.

    The vulnerability stems from the tool using unencrypted HTTP connections to check for driver updates. Such connections can be intercepted and modified by attackers located on the same local network as affected computers or in control of a router along their Internet connection paths.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page