Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0188 Intel Processor Diagnostic Tool Advisory 10 July 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processor Diagnostic Tool Operating System: Windows Impact/Access: Increased Privileges -- Existing Account Denial of Service -- Existing Account Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-11133 Member content until: Friday, August 9 2019 OVERVIEW Intel has discovered a vulnerability in Intel(R) Processor Diagnostic Tool before version 4.1.2.24 .[1] IMPACT Intel has provided the following information regarding the vulnerability: "Vulnerability Details: CVEID: CVE-2019-11133 Description: Improper access control in the Intel(R) Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access. CVSS Base Score: 8.2 High CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" [1] MITIGATION Intel recommends that users update to the latest version. [1] REFERENCES [1] Intel Processor Diagnostic Tool Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00268.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXSU5CGaOgq3Tt24GAQiROBAAsDiYjTfEyHc6JWk2EhGCdCfb+ACumHYa QCskK2IautEnZRpnlIndt4gIAN3v1+V2PHOvjs1fuywsozijVLnsMLHmip7rzlyj pN1rKac5w0ksTWS7HEYHLPKnk3yqE74umlbQUjZCswjpcd0HEAQtWLIXvRv0KKLn OYqBvIBFjd8aTBhPBE0YbJVjIE7/xy0RX1r96aDlkUjY4JgMDLLb/HalIJWTQ3Dz XRlGxSijRSusW9CXiBO6mIJv9jqOGFWYsXtBqlW28qoDlu4pcBI3f2fJrJd/Fve2 8vkklU5r56JFBhMCSTp8Dw+Z9vjOe5zEwKfVwm+AjHm5GpTPbvgZkl+NWxgWyGWG 8HrlSPM1kUT+57m7YhdIwZAVUSxBJl0ClHksKtiTS2rB7DRk7iB6MR6Sm1EuDj0U wur+FXpUGDqosVwn0wgiEvEq4dr2+VgSvsIOmRTE5w9eZp9dCQmZZkbJfxNc8n1M cmJLvXu8x1v7WVKuUn/HuoKzGweUDnJbyf4VUC+ghPQJ+fLM5naI8WFj2pJwhTQI 2+N+Vs0ooaUjwqjF7YJVCm4t6TaRPtFx6Ju5JdNv5b5Sn20TciLI6JZsK9NZE4yM QErkf+Y2Aff2E/GoQy5+wGnD46mTausfG5WjqiKZc+KVmqKBoyoyV/1mr/8qTfER maRZEi9BnGc= =HkzV -----END PGP SIGNATURE-----