Will it ever end? Microsoft released new Intel microcode updates for Windows 10 that install or update protections against various Spectre variants.
The updates are available for Windows 10 versions 1803, 1709, 1703, 1607 and 1507, and currently only available on the Microsoft Update Catalog website.
Günter Born notes that the update will also become available through Windows Update and WSUS, but this does not appear to be the case at this point in time.
The updates KB4346084, KB4346085, KB4346086, KB4346087, KB4346087 and KB4346088 update protections against attacks targeting vulnerabilities in Intel processors that affect most Intel processors.
If you don't know whether your Intel processor is affected try the free tool InSpectre for Windows to find out about it. You may also run commands from a PowerShell prompt to display vulnerability information.
The summary page highlights what the update does:
Intel recently announced that they have completed their validations and started to release microcode for recent CPU platforms that are related to Spectre Variant 3a (CVE-2018-3640: "Rogue System Register Read (RSRE)"), Spectre Variant 4 (CVE-2018-3639: "Speculative Store Bypass (SSB)"), L1TF (CVE-2018-3615, CVE-2018-3646: "L1 Terminal Fault"). In addition to microcode updates previously released in KB4100347 to address Spectre Variant 2 (CVE 2017-5715: "Branch Target Injection"), this update also includes microcode updates from Intel for the following CPUs.
In other words, the new update adds protection against Spectre variants 3a and 4, and includes previous updates as well that Intel and Microsoft released earlier.
The updates are standalone updates for the version of Windows 10 they have been created for. The mitigations are active immediately on client systems; Server administrators need to make modifications to systems they administrate to apply the protections according to Microsoft.
Windows 10 version 1803 users who check Windows Update may get an updated version of KB4100347 at this point in time. It is unclear why this update is delivered since it has been replaced by the update mentioned below.
I wish Microsoft would make it easier for users and administrators to follow what is going on. Why is there no page on the Microsoft website that lists operating system versions and the patches available for them to deal with Spectre threats?Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.