silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,055
Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure.The software security flaw impacts Intel Easy Streaming Wizard before version 2.1.0731, a wizard tool designed to help Twitch and YouTube streamers set up the Open Broadcaster Software (OBS) streaming software easier using a step by step method.
The vulnerability tracked as CVE-2019-11166 and reported by Karthikeyan Selvaraj comes with a medium severity score of 5.7, and it could be used by an authenticated attacker to escalate their privileges on the system via a local attack.
According to Intel's advisory, the flaw is caused by improper file permissions in the installer for Intel Easy Streaming Wizard and the attackers require high local privileges to run what is considered a high complexity attack. Even though this decreases the risks of such attacks being successfully carried out, skilled attackers may still be able to exploit the flaw especially given that doing this doesn't require user interaction.
Intel recommends users to update Intel Easy Streaming Wizard to 2.1.0731 or later using Windows 10 update packages available from Intel's support website.
Intel Patches Privilege Escalation Flaw in Easy Streaming Wizard
Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure.
www.bleepingcomputer.com