All but one have been patched.
Intel has disclosed a whopping 34 security vulnerabilities, contained within 32 pieces of software and two kinds of firmware. The 32 software security bugs broadly impact drivers for chipsets, Wi-Fi, and other components, and also include applications such as XTU, the oneAPI Toolkit, and Intel Unison. One software and one firmware vulnerability also impact Thunderbolt — Intel recommends all users update their Thunderbolt drivers and controllers immediately.
Unlike big security issues that Intel has encountered in the past, such as last year’s Downfall vulnerability, these patches are for a number of unrelated issues. Such a disclosure isn’t unprecedented for Intel, and the company discloses vulnerabilities in batches once all are patched (or, at least, patched among actively-maintained software and firmware).
Intel’s Thunderbolt connectivity technology is perhaps the most significantly affected, however. Thunderbolt drivers and Thunderbolt controller firmware each have a disclosure, but the driver disclosure is especially concerning as it details 20 individual exploits that allow attackers to escalate privileges, perform denial of service attacks, and steal data. Three of these 20 vulnerabilities have are “high” severity.
Thankfully, most of those 20 Thunderbolt driver exploits and the firmware exploit require what is called “local access,” which requires either physical or remote access to a vulnerable computer, or someone with physical access who can be socially engineered. There is one adjacent vulnerability, which means attacks through a network can also be successful, but it only has a medium severity rating.
Intel has patched all but one of the impacted pieces of software and firmware — the System Usage Report for Gameplay tool. This app was already discontinued, hence why it won’t be receiving a patch; Intel recommends just getting rid of it.
Unfortunately, as these are all various bugs with no central root cause, patching all of them means updating every piece of software and firmware you use that’s listed by Intel. Most users will probably only have to worry about Thunderbolt, various drivers, and perhaps Intel Unison, but enthusiasts and developers might have much to update on their machines.