Intel software fixes stamp down privilege escalation vulnerabilities, while microcode updates clean up CPU messes — chipmaker has its own Patch Tuesday as it stomps down 30 bugs
Intel took a page from Microsoft's book and published a bevy of software updates for some of its commonly used software on Tuesday. The update pack is large and contains a few noteworthy privilege escalation vulnerabilities. Additionally, there are a few microcode updates for minor issues with contemporary Intel chips, for which the company already posted Linux patches.
The biggest-ticket item is probably the UEFI Server Firmware exploit and denial-of-service, or CVE-2025-30185, rated 8.3 out of 10. Although Intel's description is vague, the company says that a "privileged user" can change data, granting themselves access to the UEFI in ring-0 and in turn, the entire machine.
At the very least, a competent attacker can cause the machine to become unresponsive. While having administration privileges on a machine is a high bar to clear for an attacker, this exploit is particularly troublesome in server and cloud datacenter environments in which one rogue admin can easily place a back door, or cause mischief for other users in the system.
While nobody deploys the Intel UEFI firmware directly, it serves as a basis for HP, Dell, et al, to make their own versions, meaning there are many exploitable servers in the wild right now.
There are also privilege-escalation bugs in the Intel ProSet Wi-Fi and Intel Arc B-series GPU drivers. For the wireless drivers, there's a bug (CVE-2025-35971) that allows anyone in your network can cause your Wi-Fi card to lost packets or its connection entirely. Annoying, yes, but not the end of the world. If you have an Intel Wi-Fi card, we recommend you update to the latest drivers now.
Likewise, we have the same update advice for the Arc B-series GPU drivers. There are a couple of noteworthy vulnerabilities, but the most dangerous one (CVE-2025-32091) allowing for privilege escalation also already requires administrator access, so in a desktop system it's of little concern. The most interesting one is the second one (CVE-2025-31647), which might let any user leak data that they shouldn't have access to.
As for the microcode fixes, they mostly pertain to an issue across many CPU lines with the Repeat Scan String Byte (REP SCASB) and Repeat Compare String Byte (REP CMPSB) instructions, as they can return incorrect results if another core or thread accesses the memory in use. There are also multiple fixes for several specific power-saving features across Xeon processor lines.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Finally, Arrow Lake CPUs get the aforementioned fixes, and there's also a patch for a problem where an isochronous USB 3.2 input device might experience dropped packets; to our best guess this could produce interrupted video or audio in webcams, microphones, and other A/V equipment.
Bruno Ferreira is a contributing writer for Tom's Hardware. He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer. He's obsessed with detail and has a tendency to ramble on the topics he loves. When not doing that, he's usually playing games, or at live music shows and festivals.
