Microsoft: We've fixed Windows 10 1903's Cortana CPU spike bug

Microsoft addresses bug causing CPU problems for the past two weeks for Windows 10 version 1903 users.
Written by Liam Tung, Contributing Writer

Microsoft's mega Patch Tuesday update also brought a fix for a several-week-old Cortana bug that was causing high CPU pain for Windows 10 version 1903 users. 

Microsoft last week finally acknowledged user complaints about the Cortana process SearchUI.exe causing abnormally high CPU usage. 

SEE: 30 things you should never do in Microsoft Office (free PDF)

Complaints rolled in after users installed the KB4512941 update that Microsoft released on Friday, August 30, to address bugs from a previous cumulative update that were lingering on in version 1903. 

Microsoft promised that a fix for the high CPU usage would be provided by mid-September, but the company actually delivered it a little earlier, as part of its huge September Patch Tuesday update. 

"Addresses an issue that causes high CPU usage from SearchUI.exe for a small number of users. This issue only occurs on devices that have disabled searching the web using Windows Desktop Search," Microsoft said in the security update KB4515384 released yesterday

Still, a small number of Windows Insiders had reported the same issue through the Feedback Hub in preview testing of the buggy update, which Microsoft missed despite recent efforts to improve its detection of narrowly reported issues  

The Patch Tuesday update address two zero-day elevation of privilege flaws that were under attack already. The update included 80 security fixes.   

Additionally, Microsoft patched two remote code execution bugs in the Remote Desktop Protocol. However, these don't appear to be as dangerous as the recent BlueKeep and DejaBlue vulnerabilities, which could be used to create a wormable exploit to automatically infect vulnerable machines on the same network.

SEE MORE: Windows 10 1903: Buggy update slows PCs, breaks Desktop Search, says Microsoft

"Unlike BlueKeep and DejaBlue, these members of the Blue Bug Group are all client-side. An attacker would need to convince someone to connect to their malicious RDP server or otherwise intercept (MITM) the traffic," said Dustin Childs from Trend Micro's Zero Day Initiative.  

"It's good to see these issues patched, but they don't carry the urgency of the recent wormable bugs."

More on Microsoft's Windows 10 updates

Editorial standards