Intel software fixes stamp down privilege escalation vulnerabilities, while microcode updates clean up CPU messes — chipmaker has its own Patch Tuesday as it stomps down 30 bugs

Intel took a page from Microsoft‘s book and published a bevy of software updates for some of its commonly used software on Tuesday. The update pack is large and contains a few noteworthy privilege escalation vulnerabilities. Additionally, there are a few microcode updates for minor issues with contemporary Intel chips, for which the company already posted Linux patches.

The biggest-ticket item is probably the UEFI Server Firmware exploit and denial-of-service, or CVE-2025-30185, rated 8.3 out of 10. Although Intel’s description is vague, the company says that a “privileged user” can change data, granting themselves access to the UEFI in ring-0 and in turn, the entire machine.

At the very least, a competent attacker can cause the machine to become unresponsive. While having administration privileges on a machine is a high bar to clear for an attacker, this exploit is particularly troublesome in server and cloud datacenter environments in which one rogue admin can easily place a back door, or cause mischief for other users in the system.

While nobody deploys the Intel UEFI firmware directly, it serves as a basis for HP, Dell, et al, to make their own versions, meaning there are many exploitable servers in the wild right now.

There are also privilege-escalation bugs in the Intel ProSet Wi-Fi and Intel Arc B-series GPU drivers. For the wireless drivers, there’s a bug (CVE-2025-35971) that allows anyone in your network can cause your Wi-Fi card to lost packets or its connection entirely. Annoying, yes, but not the end of the world. If you have an Intel Wi-Fi card, we recommend you update to the latest drivers now.

Likewise, we have the same update advice for the Arc B-series GPU drivers. There are a couple of noteworthy vulnerabilities, but the most dangerous one (CVE-2025-32091) allowing for privilege escalation also already requires administrator access, so in a desktop system it’s of little concern. The most interesting one is the second one (CVE-2025-31647), which might let any user leak data that they shouldn’t have access to.

As for the microcode fixes, they mostly pertain to an issue across many CPU lines with the Repeat Scan String Byte (REP SCASB) and Repeat Compare String Byte (REP CMPSB) instructions, as they can return incorrect results if another core or thread accesses the memory in use. There are also multiple fixes for several specific power-saving features across Xeon processor lines.

Finally, Arrow Lake CPUs get the aforementioned fixes, and there’s also a patch for a problem where an isochronous USB 3.2 input device might experience dropped packets; to our best guess this could produce interrupted video or audio in webcams, microphones, and other A/V equipment.

Follow Tom’s Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.

Source: Latest from Tom’s Hardware.