Intel after being affected by severe vulnerabilities known as “Meltdown” and “Spectre” which are responsible exploit critical vulnerabilities in modern processors and these hardware vulnerabilities allow programs to steal data which is currently processed on the computer. with the help of a malicious program which can get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.
After patching those vulnerabilities, recently they also found a new one in their Smart Sound Tech which is a modern-day technology acting as an integrated audio Digital Signal Processor responsible for audio, voice, and speech interactions which allows the new generation Core and Atom processor of Intel to respond to the voice command of users quickly offering high fidelity audio without impacting system performance and battery life.
The Smart Sound Tech versions CVE-2018-3666, CVE-2018-3670, and CVE-2018-3672 were identified as vulnerable as a driver module was affected in this Smart Sound Tech before version 9.21.00.3541 especially the module CVE-2018-3670 which allows a local attacker to execute arbitrary code as administrator via a buffer overflow exploit.
However, Intel was pretty quick in patching this one and they want the users to check with system manufacturers for Intel® Smart Sound Technologies version 9.21.00.3541 or later. To find more details check this link out.