Video: Intel's patches for Spectre variant 4 will slow your CPU.
Meltdown-Spectre
Microsoft has released a set of new microcode patches from Intel that address Spectre vulnerabilities, as well as the recently disclosed Foreshadow attacks.
The updates are available for all supported versions of Windows 10 and Windows Server.
As noted on the support page for Windows 10 version 1803, the microcode updates include mitigations for Spectre Variant 3a, CVE-2018-3640, Spectre Variant 4, CVE-2018-3639, as well as two of the Foreshadow bugs, CVE-2018-3615 and CVE-2018-3646, which are also known as L1TF or 'L1 Terminal Fault'.
As Microsoft recently highlighted, Windows machines with affected Intel CPUs will need microcode as well as software patches to mitigate the Foreshadow attacks.
SEE: 20 pro tips to make Windows 10 work the way you want (free PDF)
Microsoft began helping Intel deliver its microcode updates after Intel first started addressing the Meltdown and Spectre CPU flaws in January. The microcode updates help mitigate Spectre Variant 2, CVE 2017-5715.
Foreshadow includes CVE-2018-3615, which affects Intel's Software Guard Extensions (SGX) enclaves, while CVE-2018-3620 affects operating systems and System Management Mode (SMM) memory. CVE-2018-3646 impacts virtualization.
Microsoft made the updates, all dated 8/20/2018, available on the Microsoft Update Catalog this week.
Previous and related coverage
Microsoft: Here's how to limit 'Foreshadow' attack impact
Windows Server admins using Hyper-V have some complicated choices to make about how best to mitigate Foreshadow on Intel hardware.
Another day, another Intel CPU security hole: Lazy State
Intel has announced that there's yet another CPU security bug in its Core-based microprocessors.
Meltdown-Spectre: Oracle's critical patch update offers fixes against CPU attacks
The enterprise software giant is working on Spectre fixes for Solaris on Sparc V9.
New Spectre variant 4: Our patches cause up to 8% performance hit, warns Intel
Intel's Spectre variant 4 patch will be off by default, but users who turn it on are likely to see slower performance.
Spectre chip security vulnerability strikes again; patches incoming
Are 8 new 'Spectre-class' flaws in Intel CPUs about to be exposed?
Reports are emerging of eight new 'Spectre-class' security CPU vulnerabilities.
Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets
A new variant of Spectre can expose the contents of memory that normally can't be accessed by the OS kernel.
Microsoft to Windows users: Here are new critical Intel security updates for Spectre v2
Microsoft releases new Windows updates to address the Spectre variant 2 flaw affecting Intel chips.
Windows 10 on AMD? This new update plus Microsoft's patch block Spectre attacks
AMD has released microcode updates for Spectre variant 2 that require Microsoft's latest Windows 10 patch.
Intel: We now won't ever patch Spectre variant 2 flaw in these chips
A handful of CPU families that Intel was due to patch will now forever remain vulnerable.
Windows 7 Meltdown patch opens worse vulnerability: Install March updates now
Microsoft's Meltdown fix opened a gaping hole in Windows 7 security, warns researcher.
Intel's new Spectre fix: Skylake, Kaby Lake, Coffee Lake chips get stable microcode
Intel makes progress on reissuing stable microcode updates against the Spectre attack.
Got an old PC? Find out whether you will get Intel's latest Spectre patch TechRepublic
Intel has listed a range of CPUs released between 2007 and 2011 that will not receive a firmware update to help guard against Spectre-related exploits.
Class-action suits over Intel Spectre, Meltdown flaws surge CNET
Since the beginning of 2018, the number of cases has risen from three to 32.