Microsoft releases KB4558130 and KB4497165 to fix Intel CPU security issues - gHacks Tech News

ADVERTISEMENT

Microsoft releases KB4558130 and KB4497165 to fix Intel CPU security issues

Microsoft has released two security updates for the company's Windows 10 and Windows Server operating systems to address security flaws found in many Intel processors. The updates address issues related to the Spectre and Meltdown flaws discovered in 2018,

Tip: you can find out if your systems are affected by the security issues in several ways. On Windows, you can use PowerShell or a third-party program like InSpectre, and if you are using Linux, you may find this checkup tool useful.

The updates that Microsoft released this week are for the following operating system versions:

  • KB4558130: Windows 10 version 2004 and Windows Server version 2004.
  • KB4497165: Windows 10 version 1903 and 1909, Windows Server version 1903 and 1909.

The updates address the following flaws:

  • CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
  • CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling (MSBDS)?
  • CVE-2018-12127 – Microarchitectural Load Port Data Sampling (MLPDS)
  • CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling (MFBDS)

Microsoft notes that Intel has "completed software validations" and released new microcode for "current CPU platforms" to fix these threats.

The updates should only be installed on systems with affected processors. You need to check the support page on the Microsoft website to find out if the installed processor on a system is supported by the update.

Since the flaws affect most Intel processors released by the company in recent time, it is very likely that the processor is on the list (unless it is very old or rare).

How to obtain the update

intel microcode updates KB4558130 KB4497165

Microsoft plans to make the update available via Windows Update, but only for "some select products (CPUs)". The company does not reveal the names of the processors. If you check on Windows Updates and don't see the update, you need to download it from the company's Microsoft Update Catalog website to download and install it manually.

Direct download links:

Note that you need to verify that the CPU of the system is supported by the updates before you start the process to avoid any issues.

Now You: Have you installed Intel microcode updates on your systems?

Summary
Microsoft releases KB4558130 and KB4497165 to fix Intel CPU security issues
Article Name
Microsoft releases KB4558130 and KB4497165 to fix Intel CPU security issues
Description
Microsoft has released two security updates for the company's Windows 10 and Windows Server operating systems to address security flaws found in many Intel processors.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: »

Comments

  1. some1 said on September 7, 2020 at 2:54 pm
    Reply

    Anyone knows what is meant by the number in parenthesis?

    Intel CPU products updated on September 1, 2020

    Coffee Lake H (8+2) ?

    Is it safe to assume i7-8750H is still vulnerable without this update?

    1. Yuliya said on September 9, 2020 at 10:12 pm
      Reply

      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
      “FeatureSettingsOverride”=dword:00000003
      “FeatureSettingsOverrideMask”=dword:00000003

      https://i.imgur.com/fp7927V.png
      Just disable them. You might have to re-write this .reg manually, as gHacks commenting system modifies the quotation sign (“). In my experience Inspectre did no manage to disable both mitigations; this registry entry is the Microsoft’s official documentation.

  2. Romukas said on September 7, 2020 at 4:44 pm
    Reply

    It’s that time of year to make your Intel PC slower again. YAY!

  3. ilev said on September 7, 2020 at 9:45 pm
    Reply

    Microsoft has released 8 Intel CPU security fixes :

    KB4558130: Intel microcode updates for Windows 10 2004
    KB4497165: Intel microcode updates for Windows 10 1909 and 1903
    KB4494174: Intel microcode updates for Windows 10 1809
    KB4494451: Intel microcode updates for Windows 10 1803
    KB4494452: Intel microcode updates for Windows 10 1709
    KB4494453: Intel microcode updates for Windows 10 1703
    KB4494175: Intel microcode updates for Windows 10 1607
    KB4494454: Intel microcode updates for Windows 10 1507

    1. Yuliya said on September 9, 2020 at 10:05 pm
      Reply

      This. They have releases for (almost?) every Windows 10 version. AFAIK these won’t be pushed through WU.

  4. Kee Marcello said on September 7, 2020 at 10:51 pm
    Reply

    I think that in this point in time you might as well slap a big chunk of cold stale oatmeal porridge on your intel CPU for at least some layer of protection.

  5. Paul(us) said on September 8, 2020 at 2:04 am
    Reply

    Yes, I already did IN 2018 and after I read your article from today I installed KB4558130 the latest patch directly. Thanks for this article, Martin.

    I have maybe a strange question for you Martin.
    I am now wondering or tomorrow when its patch Tuesday that Microsoft will install again KB4558130 and when they do that, what can go wrong than?

    Any idea on that subject Martin (Or anybody else who knows this)?

  6. Peterc said on September 8, 2020 at 4:06 am
    Reply

    Ha! Ice Lake for the w…. You know, I *was* going to write, “Ice Lake for the win!”, but that’s more properly reserved for AMD CPUs in this context, so let’s make it, “Ice Lake for the non-loss this time ’round!”

    Seriously, though: if my CPU hadn’t been spared, I would *really* want to know what the expected performance penalty would be, “this time ’round.”

  7. piomiq said on September 8, 2020 at 10:37 am
    Reply

    Ahh. So Intel fixes their processors in this way. Hmmm. They release new generation of processors in 10nm, but cannot fix their holes on hardware level.

  8. Gregor Thurston said on September 8, 2020 at 12:21 pm
    Reply

    Another “protective veneer to security check”, as long as this doesn’t mean some clumsy interpolation in my CPU I’m okay with it.

  9. Sebas said on September 8, 2020 at 5:34 pm
    Reply

    Well Gibson’s In Spectre says my machine is protected, performance is good and there are this updates available.

    How big is the risk anyway for a normal home user? I will pass it.

    1. Yuliya said on September 9, 2020 at 10:07 pm
      Reply

      Avoid them. These are theoretical exploits, and if you’ve got something which attempts to laverage them on your machine, you’ve got bigger problems to worry about.

  10. JohnIL said on September 9, 2020 at 5:26 pm
    Reply

    I feel like these vulnerabilities never really became active in the wild. They were proof of concepts that simply were too difficult to use in the wild. We as end users paid more of price installing these fixes that slowed down what hardware we paid for. I never installed any of them except for a couple firmware updates but I installed those to address other more specific issues that affected me. Everyone talked about these until we were sick of reading about them. Then we never read another thing about them being used in the wild.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.