Getac Technology Corporation Statement for 2025H2 security update.

NOTICE:
Getac Technology Corporation (“Getac”) continues to work on qualifying and applying the fixes provided by Intel Corporation (“Intel”) / Insyde Software Corp. (“Insyde”) on supported Getac systems. Please refer to the table below to identify fixes for your systems.

Release Date: 12^th Dec, 2025 

Latest Release Date: 12^th Dec, 2025

Summary:

This security update is for 2025H2, but during the testing period, issues from 2025Q3 were also partially covered. Please refer to the SAs below for further information.

Intel SA-01270: Potential security vulnerabilities in some Intel^® PROSet/Wireless WiFi Software products may allow denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. (link)

Intel SA-01259: Potential security vulnerabilities in some Intel^® Graphics software may allow escalation of privilege, denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. (link)

Intel SA-01253: Potential security vulnerabilities in some Intel^® Graphics Driver software may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. (link)

Intel SA-01252: A potential security vulnerability in some Intel^® Arc™ GPU may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. (link)

Intel SA-01247: Potential security vulnerabilities in some Intel^® Processor indirect branch predictors may allow information disclosure. Intel is releasing microcode updates to mitigate these potential vulnerabilities. (link)

Intel SA-01235: Potential security vulnerabilities in some Intel^® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. (link)

Intel SA-01224: Potential security vulnerabilities in some Intel^® PROSet/Wireless WiFi and Killer™ WiFi software products may allow information disclosure or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. (link)

Intel SA-01203: Potential security vulnerabilities in some Intel^® System Security Report and System Resource Defense (PPAM) firmware may allow escalation of privilege or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. (link)

Intel SA-01180: A potential security vulnerability in the Intel^® Integrated Connectivity I/O interface (CNVi) for some Intel^® Core™ Ultra Processors may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. (link)

Intel SA-01153: A potential security vulnerability in some Intel^® Processors may allow information disclosure. Intel is releasing microcode updates and prescriptive guidance to mitigate this potential vulnerability. (link)

Intel SA-01152: Potential security vulnerabilities in Intel^® Converged Security and Manageability Engine (CSME), Intel^® Active Management Technology (AMT), and Intel^® Standard Manageability firmware may allow information disclosure, denial of service, or escalation of privilege. Intel is releasing updates to mitigate these potential vulnerabilities. (link)

Intel SA-01144: Potential security vulnerabilities in some Intel^® Ethernet Adapter Complete Driver Pack may allow escalation of privilege or denial of service. Intel is releasing updates to mitigate these potential vulnerabilities. (link)

Intel SA-01139: Potential security vulnerabilities in the UEFI firmware for some Intel^® Processors may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing UEFI firmware and CPU microcode updates to mitigate these potential vulnerabilities. (link)

Intel SA-01044: A potential security vulnerability in some Intel^® Video Processing Library (VPL) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. (link)

Intel SA-00606: A potential security vulnerability in some Intel^® Wireless Bluetooth^® and Killer™ Bluetooth^® products may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. (link)

Insyde SA-2024015: AcpiS3SaveDxe/ChipsetSvcDxe: A potential DXE memory corruption vulnerability. (link)

Insyde SA-2024016: VariableRuntimeDxe: Unsafe functions may cause buffer over-read. (link)

Insyde SA-2024018: UsbCoreDxe: Improper input validation may cause arbitrary code execution. (link)

Insyde SA-2024019: [EDK2] Integer overflows in PeCoffLoaderRelocateImage. (link)

Insyde SA-2024021: Howyar Reloader UEFI Application vulnerable to execution of unsigned software in a hardcoded path. (link)

Insyde SA-2025001: [OpenSSL]Timing side-channel in ECDSA signature computation. (link)

Insyde SA-2025002: SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate. (link)

Insyde SA-2025003: [FreeType] Upgrade FreeType to v2.13.3. (link)

Getac Affected Products and Recommendation:

• For certain products currently being manufactured or already in the field, Getac will also release solutions for the update. Please check the affected products in the table below:  

• The latest version solution is backwards-compatible with the previous version.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01270 / Intel SA-01224 / Intel SA-00606)

* Please note that the schedule above is subject to change due to the test status.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01259 / Intel SA-01253 / Intel SA-01252 / Intel SA-01235 / Intel SA-01044)

* Please note that the schedule above is subject to change due to the test status.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01144)

* Please note that the schedule above is subject to change due to the test status.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01152/ Intel SA-01166/ Intel SA-01203/ Intel SA-01153/ Intel SA-01180/ Intel SA-01247/ Intel SA-01139/All Insyde SAs)

* Please note that the schedule above is subject to change due to the test status.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01152)

* Please note that the schedule above is subject to change due to the test status.

GETAC AFFECTED PRODUCTS AND SOLUTION (Intel SA-01180)

* Please note that the schedule above is subject to change due to the test status.

Getac Disclaimer:

All content and other information mentioned in this statement or offered arising from the issue described herein are provided on an “as is ” basis. Getac hereby expressly disclaims any warranties of any kind, express or implied, including without limitation warranties of merchantability, fitness for any particular purpose, non-infringement of intellectual property. All products, information, and figures specified are preliminary based on current expectations and Getac reserves the right to change or update any content thereof at any time without prior notice. Getac assessments have been estimated or simulated using Getac internal analysis or architecture simulation or modeling, and may not represent the actual risk to the users’ local installation and individual environment. Users are recommended to determine the applicability of this statement to their specified environments and take appropriate actions. The use of this statement, and all consequences of such use, is solely at the user’s own responsibility, risk, and expense thereof. In no event shall Getac or any of its affiliates be liable for any and all claims, damages, costs or expenses, including without limitation, loss of profits, loss of data, loss of business expectancy, compensatory, direct, indirect, consequential, punitive, special, or incidental damages or business interruption arising out of or in connection with related to the information contained herein or actions that the user decides to take based thereon. Getac reserves the right to interpret this disclaimer and update this disclaimer whenever necessary.