Chipzilla adds to IT admins security update load
By Shaun Nichols14 Jan 2019
While admins were busy wrangling with the mass of security patches from Microsoft, Adobe, and SAP last week, Intel slipped out a fix for a potentially serious flaw in its Software Guard Extensions (SGX) feature.
Chipzilla's January 8 update addresses CVE-2018-18098, an issue Intel describes as an "improper file verification" that can be exploited on Windows machines to escalate privileges. In effect, the security blunder can be leveraged by malware running on a system, or rogue logged-in users, to gain administrator rights and take over a vulnerable box.
Full Article.