Intel patches 27 flaws in Wi-Fi adapters — what you need to do
Security holes could let local hackers seize total control
If your PC has an Intel or Killer Wi-Fi chip — and you may need to open Device Manager to find out — then it might be time to manually update the chip's driver. Intel has just patched 27 security flaws that affect 15 different wireless adapters.
The affected wireless chips are:
- Intel Wi-Fi 6E AX210
- Intel Wi-Fi 6 AX200, AX201
- Intel Wireless-AC 9260, 9461, 9462, 9560
- Intel Dual Band Wireless-AC 3165, 3168, 8260, 8265
- Intel Wireless 7265 (Rev D) Family
- Killer Wireless-AC 1550
- Killer Wi-Fi 6 AX1650
- Killer Wi-Fi 6E AX1675
The Killer line is made by a company Intel bought in 2020 that specializes in Wi-Fi chips for gaming PCs. Unlike the Intel-branded chips, Killer chips can be found on PCs that run on AMD CPUs as well as Intel CPUs. Most of these wireless chips, whether branded as Intel or Killer, handle Bluetooth connections too.
How to see what kind of wireless chip you're using
To find out what kind of Wi-Fi adapter you've got, type "device manager" into the Windows search field at the bottom left of your screen, then select the Device Manager when it pops up as a search result.
Scroll down to "Network adapters" and click the little arrowhead to the left to expand the listing. Your Wi-Fi adapter will be one of the top listings. For our workplace-issued Dell laptop, it was an Intel Dual Band Wireless-AC 8265, as seen on the list of vulnerable devices above.
How could someone use these flaws to attack you?
We're not going to trouble you with the details of the security flaws, which you can read about on Intel security advisories SA-00539, SA-00581 and SA-00582.
Suffice it to say that the flaws, as Intel puts it, "may allow escalation of privilege, denial of service or information disclosure" on the part of attackers via "local" or "adjacent" access.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
In plain English, that means that someone (or something) on the same wired or Wi-Fi network, or possibly hooked into the local network through a VPN, could use these flaws to temporarily knock out your Wi-Fi connectivity, steal sensitive data or, worst of all, gain control of your PC. (One of the flaws involves the Bluetooth component of the same chipsets listed above.)
The silver lining is that the attacks are not "remote" and hence won't work over the internet. The attacker would have to be in your home, your workplace or in a place that offers public Wi-Fi access, such as a hotel lobby, café or park.
How to install Intel and Killer wireless driver updates
We're not allowed to update the Wi-Fi chipset driver on our workplace PC, but you can do so on your home Windows computer by going to the appropriate page on the Intel website, downloading the firmware update and following the installation instructions.
In most cases, it's just a matter of downloading and running an executable file. Users of Linux and Chrome OS will get the patches directly from their OS distributors.
Here is the link to update the Wi-Fi drivers on plain old Intel wireless adapters. Users of Killer adapters have to download and install a different Wi-Fi driver patch. Both brands of adapters get the same Bluetooth driver update.
If you want to get fancy, you can download and install Intel's Driver & Support Assistant to keep all your Intel hardware automatically updated. But the addition of another program that can update firmware and has very high system privileges might just create another potential avenue of attack for hackers.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.