Intel® PROSet/Wireless Software Denial of Service

2017-07-25T00:00:00
ID LENOVO:PS500109-NOSID
Type lenovo
Reporter Lenovo
Modified 2017-07-25T00:00:00

Description

Lenovo Security Advisory: LEN-14246

Potential Impact: Denial of service

Severity: Medium

Scope of Impact: Industry-Wide

CVE Identifier: CVE-2016-8104

Summary Description:

A buffer overflow security vulnerability has been identified in the Intel® PROSet/Wireless Software and Drivers before version 19.20.3. This vulnerability allows a local user to crash iframewrk.exe causing a potential denial of service.

If this vulnerability puts you at an unacceptable level of risk and you want to mitigate before the Lenovo-certified driver is available for your product, you can visit the Intel security webpage (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00065&languageid=en-fr) to download and install the reference driver. Please be aware that the reference driver has not been qualified by Lenovo. If you experience problems as a result of installing the driver from the Intel support site, please contact Intel directly. When the Lenovo-certified driver is available for download from the Lenovo Support site, Lenovo recommends that you uninstall the Intel reference driver, and upgrade to the Lenovo support site version.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update to the latest Intel PROSet/Wireless Software and Drivers for your system

Product Impact:

Intel® PROSet/Wireless Software and Drivers before version 19.20.3.