Tuesday, February 4th 2020
Microsoft Releases Microcode Updates Adressing Intel CPU Vulnerabilities under Windows 10
Microsoft today has released several microcode updates for Intel CPUs. The updates are meant to be applied in a case-by-case basis under their Windows 10 operating system, and these updates target several releases of that OS (ranging from version 1507 through version 1903/1909). These address several vulnerability exploits related to side-channel and speculative execution attacks on Intel CPUs.
The updates need to be installed specifically for the Windows OS version you're rocking, and on systems with CPUs affected by the vulnerabilities and covered by this microcode update release. These include Intel's Denverton (Atom C3000 series); Sandy Bridge, Sandy Bridge E and EP (2000 and 3000 series), Valleyview (Atom Z3000 series) and Whiskey Lake U CPUs (8000U series, 5000U series, and 4200U series). These updates must be installed manually by users.
Windows 10 version 1903/1909: KB497165
Windows 10 version 1809: KB4494174
Windows 10 version 1803: KB4494451
Windows 10 version 1709: KB4494452
Windows 10 version 1703: KB4494453
Windows 10 Version 1607: KB4494175
Windows 10 Version 1507: KB4494454
Source:
GHacks.net
The updates need to be installed specifically for the Windows OS version you're rocking, and on systems with CPUs affected by the vulnerabilities and covered by this microcode update release. These include Intel's Denverton (Atom C3000 series); Sandy Bridge, Sandy Bridge E and EP (2000 and 3000 series), Valleyview (Atom Z3000 series) and Whiskey Lake U CPUs (8000U series, 5000U series, and 4200U series). These updates must be installed manually by users.
Windows 10 version 1809: KB4494174
Windows 10 version 1803: KB4494451
Windows 10 version 1709: KB4494452
Windows 10 version 1703: KB4494453
Windows 10 Version 1607: KB4494175
Windows 10 Version 1507: KB4494454
11 Comments on Microsoft Releases Microcode Updates Adressing Intel CPU Vulnerabilities under Windows 10
The most shocking line in the article.:eek:
But because it's also user-controlled, it means that it's far less likely to be deployed in general due to being put off, thus slightly increasing the odds that it could be utilized by a malicious actor.
CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling (MSBDS)?
CVE-2018-12127 – Microarchitectural Load Port Data Sampling (MLPDS)
CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling (MFBDS)
What do Sandy Bridge EP and Whiskey Lake have in common that other Core series CPUs do not?