In a fresh move to further shore up security, Microsoft is providing Intel’s Spectre fix for PCs with Skylake processors running Windows 10 – with further patches to be delivered for older generation CPUs in the future.
Of course, Intel is already pushing out Spectre (and Meltdown) patches itself, with numerous processor families seeing microcode updates released in the past few weeks; but Intel doesn’t supply these directly to end users.
Rather, they’re given to hardware manufacturers, who must subsequently incorporate these fixes into their firmware updates, test them, then release them to the actual consumer. In the case of some smaller manufacturers, that process could take some time, so what Microsoft is effectively doing here is offering another route to protect yourself.
If you haven’t got the patch through from your hardware vendor, then you can grab it directly from Microsoft instead. The current caveat is you need to be running the latest version of Windows 10 (Fall Creators Update), in which case you can snag the first patch – which covers ‘some’ Skylake devices – from the Microsoft Update Catalog (it’s update KB4090007).
Microsoft doesn’t specify exactly which Skylake PCs will be able to apply the update currently, but coverage will broaden in time, and indeed the company will start to offer Intel’s patches for other Core processors, too.
In a blog post, Microsoft noted: “We will offer additional microcode updates from Intel as they become available to Microsoft. We will continue to work with chipset and device makers as they offer more vulnerability mitigations.”
Getting your fix
Following Intel’s revamped Skylake fix – which was overhauled to resolve issues that could potentially cause system instability – the chip giant pushed out rejigged fixes for Kaby Lake and Coffee Lake CPUs, and then most recently for Broadwell and Haswell processors.
So logically we can expect coverage from Microsoft to come in the same order, going forward.
Meanwhile, Microsoft is still patching its Windows operating system against these vulnerabilities, as this is a two-pronged effort: both software and hardware need to be patched up.
And hopefully all the holes will be covered before Meltdown or Spectre exploits are let loose in the wild (which may not be too long, given that white hat security experts have already formulated a proof-of-concept exploit which was successfully used on a MacBook).
Via the Inquirer