PC-Doctor Responds to Intel Ethernet Diagnostic Driver Security Vulnerability

Press Release

MEDIA CONTACT
Bob Zaretsky
PC-Doctor, Inc.
This email address is being protected from spambots. You need JavaScript enabled to view it.
+1 (775) 336-4000

FOR IMMEDIATE RELEASE

Intel Ethernet Diagnostic Driver Security Vulnerability

PC-Doctor, Inc., the global leader in PC, Android, Chrome OS, and Mac system health technologies, has learned of a security vulnerability in an Intel-provided driver used in our Intel-specific network diagnostics for Windows.

Vulnerability Details

This vulnerability may allow a local administrator to potentially enable escalation of privilege. For more details, refer to INTEL-SA-00135.

This vulnerability can be exploited only if someone with local administrative access to the system makes a specially crafted request to Intel’s driver while it is loaded by a PC-Doctor product. The Intel driver is loaded briefly when PC-Doctor detects hardware in the system, and when a user runs network diagnostics on some Intel Ethernet controllers.

Impacted Products

The impacted PC-Doctor products are those running under Windows with a bundled version of Intel's network diagnostics driver (< 1.4.0.10), including:

Toolbox 8.1 and earlier
PC-Doctor for Windows 8.1 and earlier
Service Center 14 and earlier
Factory products 6.10 and earlier

Updated Products

Factory products 6.11 and later

Recommendation

PC-Doctor recommends that Factory customers update to the newest version. We will provide updated versions of other impacted products in the future.

In the meantime, it is possible to use the following steps to remove the vulnerable driver and the software components that use it.

Quit PC-Doctor applications running on the system
Delete from the PC-Doctor installation directory (if present):
- pcdrsysinfonal.p5x
- pcdrsysinfonal.p5m
- pcdrnal.p5x
- pcdrnal.p5m
- iqvw32.cat
- iqvw32.inf
- iqvw32.sys
- iqvw64e.cat
- iqvw64e.inf
- iqvw64e.sys
- iqvw64.inf
- iqvw64.sys
  
  Depending on the version of PC-Doctor and the architecture of the processor, only a subset of the files listed above will be present.
OPTIONAL: Delete from c:\windows\system32\drivers (if present):
- iqvw32.inf
- iqvw32.sys
- iqvw64e.inf
- iqvw64e.sys
- iqvw64.inf
- iqvw64.sys
  
  PC-Doctor copies the driver files from its installation directory to system32\drivers while running, and then removes them on application close.
  
  Note: Products from other vendors may install these files into system32\drivers, and may use a newer, non-affected version. On the other hand, software from other vendors may install a vulnerable version of the Intel driver permanently on a system. For non-PC-Doctor installed drivers, we recommend checking the Intel advisory for further steps.

About PC-Doctor
Founded in 1993, PC-Doctor, Inc. is the global leader in PC and Android system health, and contextual messaging — offering the most comprehensive set of diagnostic, system information and software tools available. Our system health products optimize product quality, support, and service for the computer user, generating demonstrable savings for our customers. Several of the world's largest PC manufacturers are our clients, and they load tens of millions of copies of our software on their systems every year. For more information about PC-Doctor and its products, visit www.pc-doctor.com or call (866) 289-7237. International customers should call (775) 336-4000.

###