Microsoft lobs Skylake Spectre microcode fixes out through its Windows

Just go install Intel's patch while we hunt the next CPU-level security flaw in Intel's silicon

By Shaun Nichols in San Francisco


Microsoft is pushing out another round of security updates to mitigate data-leaking Spectre side-channel vulnerabilities in modern Intel x64 chips.

Redmond said those who run Windows 10 Fall Creators Update and Windows Server Core with Skylake (aka 6th-generation Core) CPUs can go through the Microsoft Update Catalogue to get KB4090007, which contains Intel's latest microcode patches to address Spectre design flaws in the processor silicon.

Specifically, the update will give those machines patches for CVE 2017-5715, also known as Spectre Variant 2. The branch target injection flaw would potentially allow malware on a PC or server to steal sensitive data, such as passwords, from kernel, hypervisor, or application memory.

The Skylake fixes are part of a larger line of microcode updates for the Spectre flaws that Intel is planning to roll out in the coming weeks. Chipzilla said people should obtain the security patches from their computer manufacturers, or via Microsoft.

Microsoft also gave an update on its work to address the compatibility issues that have arisen between some antivirus apps and its Meltdown/Spectre mitigations.

Redmond said that while it believes the "vast majority" of commercial anti-malware products are now able to handle the mitigations without triggering a blue screen of death, there are still some packages that may have problems, meaning Microsoft will continue to check which antivirus packages are in use and whether it is compatible with the fixes before a system is allowed to install the updates.

"We will continue to require that an AV compatibility check is made before delivering the latest Windows security updates via Windows Update until we have a sufficient level of AV software compatibility," Microsoft explained. "We recommend users check with their AV provider on compatibility of their installed AV software products."

Microsoft's next scheduled security update for all of its products (read: Patch Tuesday) is March 13. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Monday: Intel teases 48-core Xeon. Tuesday: AMD whips covers off 64-core second-gen Epyc server processor

Chipzilla more like Tyrannosaurus Rekt

Hmm, there's something fishy about this graph charting AMD's push into Intel's server turf

Epyc chips nibble bits off Xeon's x86 revenue share

Monday: Intel touts 28-core desktop CPU. Tuesday: AMD turns Threadripper up to 32

It's crazy how a little competition can cause that

Ex-Intel exec Diane Bryant exits Google cloud

Could Chipzilla replace Brian with a Bryant?

Linux 4.19 lets you declare your trust in AMD, IBM and Intel

Wave the CPU trust flag if you're feeling safe enough

Intel hands first Optane DIMM to Google, where it'll collect dust until a supporting CPU arrives

+Comment Leaked roadmap emerges, still full of holes

Another Meltdown, Spectre security scare: Data-leaking holes riddle Intel, AMD, Arm chips

CPU slingers insist existing defenses will stop attacks – but eggheads disagree

Cheap-ish. Not Intel. Nice graphics. Pick, er, 3: AMD touts Ryzen Pro processors for business

Quickly follows 2018's Pro Mobile parts

Google’s Android Emulator gains AMD and Hyper-V support

But Intel’s HAXM is still ‘Droid’s preferred hypervisor

A bit of intel on AMD's embedded Epyc and Ryzen processors

Dips Zen toes into embedded world with hot new SoCs