When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .
(Image credit: Getty Images) Intel took a page from Microsoft 's book and published a bevy of software updates for some of its commonly used software on Tuesday. The update pack is large and contains a few noteworthy privilege escalation vulnerabilities. Additionally, there are a few microcode updates for minor issues with contemporary Intel chips, for which the company already posted Linux patches .
The biggest-ticket item is probably the UEFI Server Firmware exploit and denial-of-service, or CVE-2025-30185 , rated 8.3 out of 10. Although Intel's description is vague, the company says that a "privileged user" can change data, granting themselves access to the UEFI in ring-0 and in turn, the entire machine.
At the very least, a competent attacker can cause the machine to become unresponsive. While having administration privileges on a machine is a high bar to clear for an attacker, this exploit is particularly troublesome in server and cloud datacenter environments in which one rogue admin can easily place a back door, or cause mischief for other users in the system.
Intel Outside: Researcher downloaded data on all 270,000 Intel employees from an internal business card website
Microsoft’s August 2025 security updates are breaking recovery tools on Windows 10 and Windows 11 PCs
Microsoft patches Windows 10 issue that accidentally blocked extended security updates from installing
While nobody deploys the Intel UEFI firmware directly, it serves as a basis for HP, Dell , et al, to make their own versions, meaning there are many exploitable servers in the wild right now.
There are also privilege-escalation bugs in the Intel ProSet Wi-Fi and Intel Arc B-series GPU drivers. For the wireless drivers, there's a bug ( CVE-2025-35971 ) that allows anyone in your network can cause your Wi-Fi card to lost packets or its connection entirely. Annoying, yes, but not the end of the world. If you have an Intel Wi-Fi card, we recommend you update to the latest drivers now.
Likewise, we have the same update advice for the Arc B-series GPU drivers. There are a couple of noteworthy vulnerabilities, but the most dangerous one ( CVE-2025-32091 ) allowing for privilege escalation also already requires administrator access, so in a desktop system it's of little concern. The most interesting one is the second one ( CVE-2025-31647 ), which might let any user leak data that they shouldn't have access to.
As for the microcode fixes, they mostly pertain to an issue across many CPU lines with the Repeat Scan String Byte (REP SCASB) and Repeat Compare String Byte (REP CMPSB) instructions, as they can return incorrect results if another core or thread accesses the memory in use. There are also multiple fixes for several specific power-saving features across Xeon processor lines.
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/software/SPONSORED_LINK_URL
- https://www.tomshardware.com/software/intel-software-fixes-stamp-down-privilege-escalation-vulnerabilities-while-microcode-updates-clean-up-cpu-messes-chipmaker-has-its-own-patch-tuesday-as-it-stomps-down-30-bugs#main
- https://www.tomshardware.com
- Chinese AI startup gets access to 2,300 banned Blackwell GPUs by exploiting cloud loophole — rents compute from Indonesian firm with 32 Nvidia GB200 server rack
- YMTC moves ahead with third chipmaking fab in Wuhan despite U.S. sanctions — blacklisted Chinese chipmaker bets big on memory
- Sony announces 240 Hz PlayStation gaming monitor — QHD monitor features built-in DualSense charging hook and VRR support for PS5
- Tesla targets AI data centers with massive Megapack batteries as grid-strain fears grow — says $50B/GW for a 2-hour system over a 20-year lifetime is 'outsized
- NVIDIA Partners Bring Physical AI, New Smart City Technologies to Dublin, Ho Chi Minh City, Raleigh and More
Informational only. No financial advice. Do your own research.