HP has been informed of potential security vulnerabilities identified in the Insyde UEFI firmware update utility used by certain HP PC products which may allow escalation of privilege, denial of service, or information disclosure via local access. HP is releasing SoftPaq updates with mitigation for the potential vulnerabilities.
Insyde has released software updates to mitigate the potential vulnerabilities in the firmware update utilities for HP PC products. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerabilities. See the affected platforms listed below.