Intel November 2020 Platform Update fixes 95 vulnerabilities in total
Intel released November 2020 Tuesday with total 95 vulnerabilities fix. These include the critical ones that affecting Intel Wireless Bluetooth products and Intel Active Management Technology (AMT).
The company provided details on all the issues in 40 security advisories on its Product Security Centre. The list includes the recommendations for all vulnerable products at the end of each advisory.
Update highlights
- Intel addressed a critical vulnerability, detected as CVE-2020-8752 with CVSS score 9.4/10 in the Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM) products.
- Also, the November 2020 update addresses the security flaw (CVE-2020-12321) rated with CVSS severity base score of 9/6/10 and affecting some Intel Wireless Bluetooth products.
Platypus side-channels attack vulnerability patches
CVE-2020-8694 and CVE-2020-8695, new Intel CPU side-channel vulnerabilities, dubbed as Platypus were also patched with this update. These vulnerabilities could lead to information leakage from RAPL or Running Average Power Limit Interface and drain CPU and DRAM memory power.
International group of researchers from Graz University of Technology, CISPA Helmhgoltz Centre for Information Security and University of Birmingham disclosed were the first who disclosed about these two vulnerabilities.
Intel says, “We encourage customers to check for updates with their system manufacturers or, where applicable, download directly from Intel.”
Microsoft has also released a new batch of Intel microcode update for Windows 10 20H2, 2004, 1909 and all older versions for the fix of the discovered vulnerabilities. You can directly download the updates for the Microsoft Catalog.