Intel UHD Graphics driver - security advisory if version less than 26.20.100.7584

Discussion in 'Systems' started by crypticc, Sep 6, 2020.

Thread Status:
Not open for further replies.
  1. crypticc

    crypticc Member

    hi all

    Surprised this isn't being talked about more, or I've missed the thread so I've created this here.

    It was bothering me that Intel driver update wizard kept nagging me on each reboot for Intel UHD graphics driver update, but when running - it would install and then uninstall and driver version remained stuck on 26.20.100.7261. Rebooting would then result in another nag.

    It bothered me even more when recently I found this article suggesting a vunerability for versions less than 26.20.100.7584 - which clearly the OEM drivers were.
    https://support.razer.com/articles/1688819461
    https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html


    My concern initially was that the reason for my inability to upgrade the drivers was because it had already been exploited on my PC. And then I found this. Basically OEM DCH drivers < 26.20.100.8141 couldn't be overwritten by non-OEM Intel driver later than that. (which 26.20.100.7261 clearly is earlier and hence wouldn't be overwritten)

    https://www.intel.com/content/www/us/en/support/articles/000056629/graphics.html

    The fix is to device manager, uninstall, (clicking the option to uninstall Intel drivers completely) and then reinstall.
    Actually mine skipped a step and automatically reinstalled the newest version rather than OEM because I'd already downloaded and unzipped the zip drivers and attempted a manual install. Windows therefore grabbed those by default rather than the generic drivers.

    https://downloadcenter.intel.com/download/29808/Intel-Graphics-Windows-10-DCH-Drivers?wapkw=intel graphics

    Finally this update brings updated intel control panel, so go into programs and features to uninstall the older Intel Graphics Control panel.


    Cheers all

    Chris
     
  2. crypticc

    crypticc Member

    hi

    Bumping this one as I've found this doesn't actually fix it. well it does but only until the razer rebooted at which point it reinstalls 26.20.100.7261.
    What I don't understand is that I've been into the device manager and actually deleted those driver versio.
    Is anyone else stuck on 26.20.100.7261?

    Chris
     
  3. crypticc

    crypticc Member

    yes - this doesn't work. Razer or Intel need to update the drivers that they have on MS driver update. Until they do we get to keep the drivers that have the vulnerability that allows command privilege escalation. Joy.

    Steps to reproduce

    1) download 27.20.100.8935 from intel (standalone or .exe - doesn't matter as both fail to stick)
    2) disconnect network/disable wifi.
    3) open device manager
    4) select "intel(R) UHD Graphics 630".
    note driver version 26.20.100.7261
    5) click uninstall device
    click on the "delete driver from this device" option
    OK.

    6) scan for changes (device now shows as "Microsoft Basic Display Adapter") - note at this point if you haven't turned off network/wifi then windows will beep as it will have automatically reinstalled the vulnerable 26.20.100.7261.

    7) reboot. [keep wifi/network disconnected.]

    8) open device manager
    9) select "intel(R) UHD Graphics 630".
    10) either run the driver .exe or unzip the .zip and run the igxpin.exe in the folder
    note driver version now 27.20.100.8935 - so far so good

    11) Accept the reboot device prompt [keep wifi/network disconnected.]

    12) open device manager
    13) select "intel(R) UHD Graphics 630".
    note driver version still 27.20.100.8935 - still okay

    And then to see what keep happening when Windows does it's thing, whether that is a prompted or even an unprompted update
    [I have auto driver updates turned off].

    14) go-to the Windows "search" bar and type in "Windows Update".


    15) open device manager
    16) select "intel(R) UHD Graphics 630".

    note driver version now goes back to 26.20.100.7261 = bad. This is the vulnerable version

    And now we're stuck with 26.20.100.7261 unless repeat above exercise and only until the next windows version check.
    It's impossible to "update driver" even if you know the folder location.
     
  4. crypticc

    crypticc Member

    p.s. interesting this was on Windows 10 before updating to 2020-11 culminative update.

    This time I tried installing 2020-11 culminative update. [while it was updating it again tried to install 26] .20.100.7261
    But after the update was done but before accepting the reboot from that culminative update I then repeated the above steps to uninstall the old driver and install updated drivers.

    I then accepted reboot of the culminative update.

    Since then a few checks of trigger both scan for hardware changes and I'm still on 27.20.100.8935 = good
     
Thread Status:
Not open for further replies.
Sign In with Razer ID >


Don't have a Razer ID yet?
Get Razer ID >