Hi everyone,
It’s patch Tuesday for May 2025 and today we released 27 security advisories. Of the 74 CVEs addressed, 99% are attributed to Intel’s proactive product security assurance efforts. The majority of these represent software updates for various applications, utilities, and drivers. May also represents the quarterly release cadence of the Intel Platform Update, the predictable process through which we release firmware and microcode updates in coordination with system manufacturers. Visit the Intel Product Security Center to find all the details about today’s updates.
In the Chips & Salsa video below, Priya Iyer and I give an overview of today’s security advisories. Joining us is Pawan Gupta to talk about the operating system (OS) and/or Virtual Machine Manager (VMM) updates that may be required to fully implement the mitigations available in INTEL-SA-01533.
Links to content referenced in the video:
Intel Platform Update process: https://intel.ly/4man2m8
System Manufacturer support sites: https://intel.ly/3GHonkf
Software guidance for Indirect Target Selection: https://intel.ly/4mqYndl
Intel GitHub Microcode Repository: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
INTEL-SA-01153: https://intel.ly/430ZrNn
While Intel is not aware of any of these issues being used in attacks, we recommend applying security updates as soon as possible.
Thanks,
Jerry Bryant
Sr. Director, Incident Response and Security Communications
Intel Product Assurance and Security (IPAS)
Intel Product Assurance and Security (IPAS) is designed to serve as a security center of excellence – a sort of mission control – that looks across all of Intel. Beyond addressing the security issues of today, we are looking longer-term at the evolving threat landscape and continuously improving product security in the years ahead.