Microsoft has released Intel Microcode update that resolve MDS speculative side channel execution vulnerabilities in older versions of Windows 10 and Windows server.
Last month, researchers disclosed new Microarchitectural Data Sampling (MDS) vulnerabilities that allow applications to read data from locations they should not have access to. This includes the operating system kernel, processes, the Software Guard eXtensions (SGX) enclave, and CPU-internal operations.
This could allow programs that exploit these vulnerabilities to steal sensitive information such as passwords and cryptographic keys.
To mitigate these vulnerabilities in older versions of Windows 10, Microsoft has released the following new updates today:
- KB4494175: Intel microcode updates for Windows 10, version 1607, and Windows Server 2016
- KB4494452: Intel microcode updates for Windows 10, version 1709
- KB4494453: Intel microcode updates for Windows 10, version 1703
- KB4494454: Intel microcode updates for Windows 10 RTM
If you are using these versions of Windows 10, you should check to see if the released Microcodes support your CPU and install them.
Update 6/4/19: This article erroneously stated these updates were released yesterday due to a timestamp update on the support bulletins. These updates were released on May 14th, 2019.
I apologize for the confusion.
Comments
Gerrie57 - 5 years ago
Those updates weren’t released today.
If you click on the download links on MS update catalog, you’ll see they were released on May 14.
They were also already visible in the microcode overview from May 15.
https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates