Summary:
Intel is releasing patches to mitigate security vulnerability CVE-2017-5704
Description:
Platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) potentially exposes password information in memory to a local attacker with administrative privileges.
• High 7.2 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Affected products:
Platform sample code for the following processor generations:
• 4th Gen Intel® Core™ Processor (Haswell)
• 5th Gen Intel® Core™ Processor (Broadwell)
• 6th Gen Intel® Core™ Processor (Skylake)
• 7th Gen Intel® Core™ Processor (Kaby Lake)
Recommendations:
Intel has released updated firmware to address these issues and recommends that end-users contact their system manufacturers for updated system firmware.