Intel has announced the discovery of ten distinct security vulnerabilities affecting a wide array of its graphics drivers and software, impacting nearly every Intel GPU product and integrated graphics solution dating back to the 6th generation of Core processors. The vulnerabilities, which span consumer CPUs, Iris Xe and Arc GPUs, as well as Intel Data Center GPU Flex 140/170 units, underscore the breadth of the issue across Intel´s product portfolio. Users are strongly encouraged to update their drivers to the latest versions, as these patches address all known affected products released before October 2024.
Although all of the newly disclosed vulnerabilities require local access to the affected systems—somewhat limiting their risk for the typical end user—they enable a range of possible exploits, such as privilege escalation, denial of service, and unauthorized information disclosure. The most critical vulnerability class identified is improper access control within graphics drivers and associated software, which has the potential to compromise user data and system stability. Those using driver versions issued after October 2024 are considered protected from these security threats.
This GPU vulnerability announcement is the latest in a series of security lapses for Intel. Earlier in the same week, researchers at ETH Zurich demonstrated a new method for bypassing Intel´s fixes for the Spectre v2 CPU vulnerability, impacting a large suite of Intel processors. Intel has responded to these discoveries with advisories recommending BIOS or microcode updates for affected CPUs. The string of recent disclosures highlights persistent challenges in Intel´s software security practices, coming at a time when the company is already facing business pressures, including delays in its Foundry program´s profitability and recent waves of layoffs. Observers view these security issues as significant, adding further uncertainty to Intel´s future direction.
