Microsoft to Windows users: Here are new critical Intel security updates for Spectre v2
Video: AMD and Microsoft join forces to block Spectre attacks.
Meltdown-Spectre
Microsoft has released new Windows updates that include Intel hardware fixes to address the Spectre variant 2 CPU flaw.
Microsoft this week published on the Microsoft Update Catalog KB4078407 and KB4091666, respectively a software update for Windows 10 and Windows Server 2016, and an update targeting Intel machines that includes the chip-maker's microcode updates.
The two updates address Spectre Variant 2 CVE-2017-5715, known as a branch target injection vulnerability disclosed by Google researchers in January.
Of all three variants that constitute Meltdown and Spectre, variant 2, which affects Intel and AMD chips, has been the most problematic.
Intel halted the rollout of its initial microcode updates after it was found they caused unexpected reboots. Intel last month completed re-releasing microcode mitigations for the Spectre variant 2 flaw in all CPUs ever released over the past nine years.
While hardware manufacturers were meant to release Intel's updates, Microsoft in March began releasing them, starting with the Windows 10 Fall Creators Update, version 1709, on devices with specific 6th Generation Intel Core and Core m processors: Skylake H/S (CPUID 506E3) and Skylake U/Y and U23e (CPUID 406E3).
See more: IT pro's guide to the Windows 10 Fall Creators Update (free PDF)
Microsoft recommends users check with their device manufacturer before installing KB4078407.
The KB4091666 Windows Update brings Intel's microcode updates to more families of Intel CPUs than the initial March update KB4090007. The newer update covers Intel Core, Pentium, Celeron, and Xeon processors from Skylake, Broadwell, and Haswell CPUs.
"We will offer additional microcode updates from Intel thru this KB Article for these operating systems as they become available to Microsoft," Microsoft noted in a support document.
Microsoft has also released a new KB4090007 package for the Fall Creators Update with Intel's hardware updates for more Skylake, Broadwell, and Haswell CPUs.
Previous and related coverage
Windows 10 on AMD? This new update plus Microsoft's patch block Spectre attacks
AMD has released microcode updates for Spectre variant 2 that require Microsoft's latest Windows 10 patch.
Intel: We now won't ever patch Spectre variant 2 flaw in these chipsA handful of CPU families that Intel was due to patch will now forever remain vulnerable.
Windows 7 Meltdown patch opens worse vulnerability: Install March updates nowMicrosoft's Meltdown fix opened a gaping hole in Windows 7 security, warns researcher.
Intel's new Spectre fix: Skylake, Kaby Lake, Coffee Lake chips get stable microcodeIntel makes progress on reissuing stable microcode updates against the Spectre attack.
Got an old PC? Find out whether you will get Intel's latest Spectre patch (TechRepublic) Intel has listed a range of CPUs released between 2007 and 2011 that will not receive a firmware update to help guard against Spectre-related exploits.
Class-action suits over Intel Spectre, Meltdown flaws surge (CNET) Since the beginning of 2018, the number of cases has risen from three to 32.