All of the fixes have OS kernel components, and some of the fixes are combined with processor
microcode updates in addition to kernel updates.
Today, we are announcing the expansion of devices covered by Windows security updates by removing the anti-virus compatibility check for Windows 10 devices, expanding the availability of Intel
microcode updates in the Microsoft Catalog, and adding coverage for x86 editions of Windows 71 and Windows 8.1.
Not exact matches
We've now completed release of
microcode updates for Intel microprocessor products launched
in the last 9 + years that required protection against the side - channel vulnerabilities discovered by Google.
However, as indicated
in our latest
microcode revision guidance, we will not be providing
updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.
A full list of available Intel
microcode updates by Window 10 version can be found
in KB4093836.
«After a comprehensive investigation of the microarchitectures and
microcode capabilities for these products, Intel has determined to not release
microcode updates for these products,» Intel says
in its latest guidance.
«We've now completed release of
microcode updates for Intel microprocessor products launched
in the last 9 + years that required protection against the side - channel vulnerabilities discovered by Google,» said an Intel spokesman.
In an
update on its efforts to combat Spectre and Meltdown, Microsoft says it is now starting to distribute
microcode updates from Intel.
In addition, Microsoft announced that it's making available Intel
microcode updates for the Windows 10 Fall Creators
Update, version 1709.
(Microsoft has stepped
in to provide
microcode updates, assisting smaller vendors who wouldn't or couldn't provide timely patches.)
Dell has now released new BIOS
updates with Intel's revised
microcode for datacenter servers and PowerEdge Server 14G, 13G, and 12G generation servers, with 11G
updates still
in process.
On January 22, three weeks after releasing
microcode updates to address the speculative execution side - channel vulnerabilities, Intel advised PC makers to halt the deployment of its Spectre patches due to unexpected system reboots and
in some instances data loss.
Intel has finally released new
microcode updates to address the Spectre Variant 2 flaw
in the older chips that triggered its across - the - board halt on early fixes for the vulnerability.
Chips with production fixes
in Intel's
microcode update guidance document have been validated by Intel and approved for use
in a production environment.
Bugs
in Intel's
microcode updates for the Spectre Variant 2 attack have caused the most problems on patched systems, prompting HP and Dell to pause and roll back their respective BIOS
updates, while Microsoft this week issued a Windows
update that disabled Intel's fix for Variant 2.
The chipmaker on Wednesday said it has released
microcode updates for several Skylake - based platforms, while
updates for other architectures will be released
in the coming days.
«Earlier this week, we released production
microcode updates for several Skylake - based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms
in the coming days,» Intel vice president Navin Shenoy wrote.
In general, new CPU
microcode is provided through
updates to the system's UEFI firmware, or BIOS.
Microsoft will re-enable this protection
in the future when Intel releases stable
microcode updates.
The new
microcode will be made available
in most cases through OEM firmware
updates.
However, since
microcode updates can be reverted, developers relying on SGX
in the cloud would need to verify the CPU security version number during remote attestation.
In other words, an
updated microcode can send different instructions to the circuits inside the CPU.
Of course, Intel is already pushing out Spectre (and Meltdown) patches itself, with numerous processor families seeing
microcode updates released
in the past few weeks; but Intel doesn't supply these directly to end users.
In new
microcode revision guidance released by the chipmaker, Intel added a «stopped» status to its
microcode updates relating to the Meltdown and Spectre flaws, which would suggest that it won't be issuing patches to fully mitigate the vulnerabilities affecting a large number of its microprocessors.
«We've now completed release of
microcode updates for Intel microprocessor products launched
in the last 9 + years that required protection against the side - channel vulnerabilities discovered by Google Project Zero,» said Intel
in a statement to Threatpost.
Intel has officially pushed out
microcode updates with Spectre and Meltdown mitigations for all of the processors it launched
in the past...
Intel has officially pushed out
microcode updates with Spectre and Meltdown mitigations for all of the processors it launched
in the past five years.
The full list of firmware
updates is available
in «KB4090007: Intel
microcode updates.»
bleepingcomputer.com -
In a press release on Tuesday, Intel announced it resumed the deployment of CPU
microcode firmware
updates.
In a separate but related release, Microsoft announced it is significantly expanding the number of Intel - validated
microcode updates it's making available through the Microsoft Catalog site.
In addition to installing the microcode updates, full protection requires modifications to the Windows registry, as described in a pair of technical articles that cover Windows client software and Windows Server release
In addition to installing the
microcode updates, full protection requires modifications to the Windows registry, as described
in a pair of technical articles that cover Windows client software and Windows Server release
in a pair of technical articles that cover Windows client software and Windows Server releases.
«We have now released
microcode updates for 100 percent of Intel products launched
in the past five years that require protection against the side - channel method vulnerabilities discovered by Google,» Intel CEO Brian Krzanich announced
in a Thursday blog post.
Keeping its chips secure and performant at the same time is a long - term commitment, said Intel's Krzanich, who urges all users to keep their systems up - to - date at all times as more
microcode firmware
updates are coming for its processors
in the next few months, and it's the best and easiest ways to ensure you're always protected.