-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2018.0186
               Intel Smart Sound Technology vulnerabilities
                               25 July 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Intel Smart Sound Technology
Operating System:     Windows
Impact/Access:        Administrator Compromise -- Existing Account
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-3672 CVE-2018-3670 CVE-2018-3666
Member content until: Friday, August 24 2018

OVERVIEW

        Several vulnerabilities have been found in Intel Smart Sound 
        Technology before version 9.21.00.3541. [1]


IMPACT

        The vendor has supplied the following information regarding the vulnerabilities:
        
        "CVE-2018-3666
        Driver module in Intel Smart Sound Technology before version 9.21.00.3541
        potentially allows a local attacker to execute arbitrary code as administrator
        via a non-paged pool overflow.
        7.5 High CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
        
        CVE-2018-3670
        Driver module in Intel Smart Sound Technology before version 9.21.00.3541
        potentially allows a local attacker to execute arbitrary code as administrator
        via a buffer overflow.
        7.5 High CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
        
        CVE-2018-3672
        Driver module in Intel Smart Sound Technology before version 9.21.00.3541
        potentially allows a local attacker to execute arbitrary code as administrator
        via a system calls.
        7.5 High CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" [1]


MITIGATION

        The vendor has provided the following advice:
        
        "Intel recommends users check with system manufacturers for Intel(R) Smart Sound
        Technologies version 9.21.00.3541 or later." [1]


REFERENCES

        [1] INTEL-SA-00163: Intel Smart Sound Technology vulnerabilities
            https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00163.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW1ktSWaOgq3Tt24GAQhrrBAAtICbQ0eLrKCgM+Mr31VNuiiz/nwo5Fat
BKOxiWwYbKC3F34sx9EZ4DQvvTTQrJXgyFyal/9QPIlp1gvFTWXULzR4RM7b7ZC1
qFEE2gy6WyJZDbAfkzkw1rOJkV5Tg2KPumNQNFuWsj+q5kGk4POilZwN5/aGop/y
6xq0peHVjXdtc40goY0GuohsLI1C0NplC47T7ikh5eyCFvhd1FrwyznorEXbfPvE
EZbuxpBRVO7KVhstJB4NyOUaTNdF+elNydKH9Ieob8WSw7v7cAypox+0H+i3yYP6
XZVge7Z46eVwppfPRB7MiZA34BhVT3gnCYXPM9AzqF64zJtUWq3xGgyRYSsoGxGc
Vk6qf5GkO4xiscEHyopiLMjRIkAi9nEL0vy9rEurwDggkq0Sc1uEF6g02BO/RAel
EptTJUT5JI7wOdyhGNJpS+dDbrC0Wiv1MImd2+zv5i516OZw7DpfZSiGSbW7umGt
ZeN3uOgvlAFGac5HSXpmn+mNgKr+dFEwwiwWX5c4Ymda7kef9ATfZWZB/uPzD4GA
nV4DGLy+m/gaIDFJMMW8HUUXDH0NHNr8KSMrMn4530CNyy7RQ8KDinYfAEB5jQ26
gvyXE0oRe7IofNvrecB8q7GC21aTE+HlEj99VtY7pYM5twb8XOCtBnv8P/io7GsR
ECPxMgMUQdE=
=bOWQ
-----END PGP SIGNATURE-----