itwbennett writes: The flaw in a utility that helps users download the latest drivers for their Intel hardware components stems from the tool using unencrypted HTTP connections to check for driver updates. It was discovered by researchers from Core Security and was reported to Intel in November. The Core Security researchers found that the utility was checking for new driver versions by downloading XML files from Intel's website over HTTP. These files included the IDs of hardware components, the latest driver versions available for them and the corresponding download URLs. Intel Driver Update Utility users are strongly advised to download the latest version from Intel's support website.
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×