11
Intel has published a whole host of security vulnerabilities, with mitigations rolling out, but attackers will need local access to actually do anything
Intel has recently spotted a whole host of security vulnerabilities in the UEFI for many of its products, which could allow the escalation of privileges to bad actors. It’s a problem worth updating your device over when updates are available, but for now, just stay vigilant of who is near your rig.
The highest severity problems on the list register a CVSS score of 8.7 (1.3 off the highest), and these both involve improper input validation, which can enable local code execution. Though local access to your rig is needed, neither 8.7 severity vulnerability involves “special internal knowledge and requires no user interaction”.
Article continues below
Nonetheless, requiring local access does mean you aren’t necessarily in trouble without the update for now. It’s always good to stay up-to-date, in case you’ve found yourself unlucky enough to be found by a bad actor, but for most, it’s not a huge deal.
The severity of reported problems isn’t purely about ease of use. That 8.7 on the high end is a combination of complexity to use, plus how much it impacts confidentiality, integrity and availability, plus a whole pile of other factors. Severity is a good sign of how serious a problem is, but many problems will be hypothetical in nature.
As pointed out by Intel, “Intel, and nearly the entire technology industry, follows a disclosure practice called coordinated disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.”
Generally, by the time you hear about a problem from the manufacturer, chances are that fixes are already out there, or in the works. Just don’t leave it too long before updating your system. A healthy rig is an updated rig.
Best gaming rigs 2026
