Windows 10 security: Microsoft issues Intel microcode updates against MDS attacks

Microsoft releases standalone updates containing Intel microcode mitigations for recently disclosed MDS attacks.

Intel to Windows 10 users: You have patches for 19 severe flaws, use them! Update Intel Windows graphics drivers, and stop using Intel Matrix Storage Manager and USB 3.0 Creator Utility.

Microsoft has released new Intel microcode updates for older versions of Windows 10 to address the recently disclosed Microarchitectural Data Sampling (MDS) attacks that affect Intel CPUs.

Microsoft has already released software updates to address the four MDS speculative execution side-channel vulnerabilities, known as Zombieload, RIDL, and Fallout, and the company has now released Intel microcode updates that are required to be fully protected. 

The new Intel microcode updates from Microsoft, spotted by BleepingComputer, are for some older versions of Windows 10. The updates are available from the Microsoft update Catalog website. 

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

KB4494175 applies to Windows Server 2016, Windows 10, version 1607; KB4494452 applies to Windows 10, version 1709; KB4494453 applies to Windows 10, version 1703; and KB4494454 applies to Windows 10 RTM. 

An attacker could use the MDS flaws to retrieve data from inside Intel CPUs in processes to which the attacker's code should not have access.

According to Microsoft, an MDS attack on computers in the cloud could allow one virtual machine to improperly access information from another.   

While major cloud providers have already applied mitigations for the MDS attacks, it's expected to take much longer for consumer PCs to receive the full fix. 

Microsoft lists dozens of Intel CPUs for which the microcode update is available, ranging from Ivy Bridge CPUs to Intel's latest 9th generation Core processors. 

Microsoft notes that these updates are standalone updates targeted to the respective versions of Windows 10. 

"This update also includes Intel microcode updates that were already released for these operating systems at the time of release to manufacturing (RTM)," it adds. 

It also urges users and admins to hold off applying these updates until they check with their device manufacturer and Intel websites to see what's recommended regarding the microcode.

More on MDS and Windows 10 security