Intel has stated that it fixed 77 vulnerabilities in its recently released November Patch Tuesday. It also said that, “67 of the 77 vulnerabilities we are addressing were internally found”. The company maintained that even though the internally found vulnerabilities could have been handled without going public, but Intel believes in transparency. It has also assigned CVE IDs to all internally found vulnerabilities which will help customers assess risks involved, prioritize, and deploy updates.
Intel gave the news via a new security blog which intends to serve as a resource for security updates, bug bounty topics, and latest security research among the cybersecurity community. The blog contains a detailed list of 18 security advisories. All the affected Intel products and corresponding remedial recommendations are mentioned at the end of every advisory. In the following table, updates are ordered from highest to lowest severity rating:
|
Advisory ID |
Title | Internally Found | CVSS Range |
| Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory |
22 of 24 |
2.3 – 9.6 |
|
| INTEL-SA-00313 | Intel® BMC Advisory |
12 of 12 |
3.7 – 9.0 |
| INTEL-SA-00255 | Intel® Ethernet 700 Series Controllers Advisory |
10 of 11 |
5.6 – 8.8 |
| Intel® Graphics Driver for Windows* Advisory |
5 of 8 |
4.0 – 8.8 | |
| Intel® WIFI Drivers and Intel® PROSet/Wireless WiFi Software extension DLL Advisory |
3 of 3 |
8.2 – 8.7 |
|
| INTEL-SA-00288 | Intel® PROSet/Wireless WiFi Software Security Advisory |
3 of 3 |
5.3 – 8.5 |
| INTEL-SA-00220 | Intel® SGX and TXT Advisory |
2 of 2 |
8.2 – 8.2 |
| Intel® CPU Security Advisory |
2 of 2 |
7.5 – 8.2 |
|
| INTEL-SA-00293 | Intel® SGX Advisory |
1 of 2 |
7.0 – 7.8 |
| INTEL-SA-00280 | IPU UEFI Advisory |
1 of 2 |
7.5 – 7.5 |
| INTEL-SA-00309 | Nuvoton* CIR Driver for Windows® 8 for Intel® NUC Advisory |
0 of 1 |
6.7 |
| INTEL-SA-00210 | Intel® Processor Machine Check Error Advisory |
1 of 1 |
6.5 |
| INTEL-SA-00260 | Intel® Processor Graphics Update Advisory |
1 of 1 |
6.5 |
| INTEL-SA-00270 | TSX Transaction Asynchronous Abort Advisory |
0 of 1 |
6.5 |
| INTEL-SA-00164 | Intel® TXT Advisory |
1 of 1 |
6 |
| INTEL-SA-00219 | Intel® SGX with Intel® Processor Graphics Update Advisory |
1 of 1 |
6 |
| INTEL-SA-00254 | Intel® SMM Advisory |
1 of 1 |
6 |
| INTEL-SA-00271 | Intel® Xeon® Scalable Processors Voltage Setting Modulation Advisory |
1 of 1 |
5.8 |
(Above list of advisories is as per the original list published in Intel’s Security Blog and not an independent research of CISO MAG)
James J Goetz joins Intel’s Board of Directors
Intel also announced the onboarding of James (Jim) J. Goetz to its Board of Directors’ list. The company in a recent release stated that it is “very happy to have Goetz on the board,” who has served as a partner of Sequoia Capital since 2004. He comes in with a vast knowledge of working in technology and innovation domain and currently serves on the boards of several privately held companies including Palo Alto Networks Inc.
“Jim has a keen understanding of how technology is evolving and a strong track record helping technology companies capitalize on disruptive innovation,” said Intel Chairman Andy Bryant. “Jim has helped create and grow a number of technology companies and product lines to market-leading positions, both as an entrepreneur and as an investor. Jim’s technical insight, substantial operating experience, growth mindset, and deep private and public company board experience, all will further strengthen Intel’s board.”
