Basically the driver updater looks over HTTP and downloads an unencrypted, easily parsable XML file with URLs leading to the files to download and execute as admin. A man in the middle attack could easily exploit this.

Source: Intel Driver Update Utility MiTM

This is a lot like the Drupal update vulnerability.