Next, some of Broadwell U i5-based NUC systems with firmware version prior to MYBDWi5v.86A have a bug that enables an authenticated user to boost their privilege level, perform a DOS attack, or expose supposedly-protected data. Updated firmware is available via the Intel website.
Rated less severe is another bug in Intel's processors. Deemed less of an issue than Spectre of Meltdown, the new vulnerability seems more related to SPOILER, and will require developers to adjust their software:
Considerably less troublesome than Spectre or Meltdown, the company claims, the vulnerability lies in the virtual memory mapping (VMM) capabilities of selected processors and allows an authenticated user on the local system to 'potentially enable information disclosure'. It's most closely related to the Spoiler vulnerability, and requires that developers tweak their software to resist side-channel and timing attacks - meaning Intel has not, and will not, be releasing patches of its own to resolve the vulnerability.Via: Bit Tech