Local Privilege Escalation or Denial of Service via the Intel® Graphics Driver

Lenovo Security Advisory: LEN-7484

Potential Impact: Local privilege escalation or denial of service

Severity**:** High

**Scope of Impact:**Industry-Wide

**CVE Identifier:**CVE-2016-5647

Summary Description:

Multiple potential vulnerabilities exist in the Intel® Graphics Driver for Microsoft Windows. These graphics drivers are included in some Lenovo products. These vulnerabilities can lead to a local privilege escalation or denial of service condition.

If this vulnerability puts you at an unacceptable level of risk and you want to mitigate before the Lenovo-certified driver is available for your product, you can visit the Intel security webpage (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00054&languageid=en-fr) to download and install the reference driver. Please be aware that the reference driver has not been qualified by Lenovo. If you experience problems as a result of installing the driver from the Intel support site, please contact Intel directly. When the Lenovo-certified driver is available for download from the Lenovo Support site, Lenovo recommends that you uninstall the Intel reference driver, and upgrade to the Lenovo support site version.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update to the latest Intel Graphics Driver version available for your system.

Product Impact:

For some products, there are multiple versions of the driver which may have been updated. In this case, the link will take you to the support page for that product. Click on Drivers & Software. Then select your Operating System. Select Display & Video Graphics for the component. Scroll down the list until you find the correct driver for your system.