Microsoft releases emergency patches to address Meltdown and Spectre vulnerabilities affecting most current processors

Spectre is more difficult to pull off, but it is harder to mitigate, as well. (Source: Google)

Windows promptly released security updates for all the Windows 10 builds in ordered to fix the Meltdown and Spectre vulnerabilities discovered by the Google Project Zero team earlier this week. Although there have not been reports of exploited systems, Windows 10 users had better install the patch.

Bogdan Solca, Published 01/04/2018

Earlier this week, the Google Project Zero team discovered critical security flaws in Intel’s, ARM’s and AMD’s processors that can be exploited to gain access to the entire system powered by the aforementioned CPUs. Google nicknamed these two flaws “Meltdown” and “Spectre” and said that they affect all Intel’s CPUs and the ARM-based SoCs, but have little to no effect on AMD’s chips. Microsoft was quick to address these issues and immediately released a series of patches for systems running Windows 10, but in its haste, the company forgot to provide clear notes on what exactly these patches can fix.

According to a Microsoft spokesperson, the Windows team has been working together with all the implicated chip manufacturers and were able to provide solutions in a timely manner, although it looks like there has not been any Windows customer report involving vulnerability exploits as of yet. The Meltdown vulnerability is considerably easier to fix than Spectre, but both are as critical as it gets when exploited to full effect.

Microsoft mentions that the security patches update the Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine. There are no details regarding how these updates fix the vulnerabilities, however.

Here is the list of all the patches released for various Windows 10 versions:
•   Windows 10 Fall Creators Update is receiving KB4056892 (Build 16299.192)
•   Windows 10 Creators Update Version 17033 gets KB4056891 (Build 15063.850)
•   Version 1607 is getting KB4056890 (Build 14393.2007)
•   1511 receives KB4056888 (Build 10586.1356) – for enterprise and education only.
•   The original Windows 10 version is receiving KB4056893 (Build 10240.17738) – for enterprise only.

Even if no reports of the critical exploits have been recorded for now, Windows 10 users are strongly advised to install the security patch.

Source(s)

Microsoft

WCCFTech

AMD Ryzen 7000 series architecture (Source: AMD)

AMD Ryzen 7000 CPUs are faster in Linux with Spectre V2 mitigations enabled 10/05/2022

HP Support Assistant is vulnerable to DLL hijacking

New security flaw discovered in HP Support Assistant 09/08/2022

SplitSpectre threatens both Intel and AMD processors (Source: ZDNet)

The phantom returns: Researchers discover a new Spectre CPU attack, name it SplitSpectre 12/04/2018

Meltdown alongside Spectre was originally reported as a hardware level exploit on Intel CPUs (Source: meltdownattack.com)

Qualcomm CPUs have been shown to be unprotected against the Meltdown exploit, researchers say 08/09/2018

It has been standard practice to give companies 60-90 days to react to newly found exploits.

Previously unheard-of company claims AMD chips are full of vulnerabilities, does not provide details 03/14/2018

How to check if your PC is protected from Meltdown and Spectre 02/13/2018

The Chinese knew of Meltdown and Spectre much before the US Government according to The WSJ. (Source: Reddit)

Intel alerted select corporations about Meltdown/Spectre, China speculated to have known about it before the US 01/30/2018

Users of Intel 'Broadwell' chips will get a more reliable microcode update in the coming weeks. (Source: Wccftech)

Intel readying a more reliable Meltdown/Spectre fix for 'Broadwell' and 'Haswell' platforms 01/24/2018

'Haswell' CPU owners are getting increased security at the expense of reliability. (Source: Overclock3D)

Intel 'Haswell' and 'Broadwell' CPU users complain of higher system reboots after applying Meltdown and Spectre patches 01/14/2018

Meltdown and Spectre threats could also hit Chromebooks with the exception of those with ARM processors

Meltdown and Spectre patches not coming to older Chromebooks 01/12/2018

Microsoft blames the security update bricking systems on AMD. (Source: basstechintl)

Microsoft's Meltdown and Spectre security updates have been bricking AMD machines 01/09/2018

Andy Rubin's Essential Phone gets January 2018 Spectre and Meltdown fix

Essential Phone gets Spectre and Meltdown fix 01/08/2018

Apple devices are already protected against Meltdown without any hit to performance 01/05/2018

Microsoft's foldable phone dock shows notifications even in an undocked state. (Source: USPTO)

Microsoft patents a foldable phone dock 01/01/2018

Project Andromeda app listing spotted in the Microsoft Store 12/30/2017

The 'Surface Phone' is rumored to be foldable device like the Microsoft Courier. (Source: All About Windows Phone)

Microsoft India chief keeps the possibility of a 'Surface Phone' open 12/27/2017

Apple is contemplating on an unified app development model similar to Microsoft's UWP. (Source: Microsoft)

Apple mulling at unified app development a la Microsoft's UWP 12/21/2017

The Chrome installer can now be downloaded from the Microsoft Store. (Source: MSPoweruser)

Google throws a bone at the Microsoft Store, offers download of Chrome installer 12/20/2017

Read all 1 comments / answer

Loading Comments

Comment on this article

ThinkPad L380 & L380 Yoga, ThinkPad...

LG presents world's first 88-inch 8...

Bogdan Solca - Senior Tech Writer - 2121 articles published on Notebookcheck since 2017

I first stepped into the wondrous IT&C world when I was around seven years old. I was instantly fascinated by computerized graphics, whether they were from games or 3D applications like 3D Max. I'm also an avid reader of science fiction, an astrophysics aficionado, and a crypto geek. I started writing PC-related articles for Softpedia and a few blogs back in 2006. I joined the Notebookcheck team in the summer of 2017 and am currently a senior tech writer mostly covering processor, GPU, and laptop news.

contact me via: Facebook

Please share our article, every link counts!

> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2018 01 > Microsoft releases emergency patches to address Meltdown and Spectre vulnerabilities affecting most current processors

Bogdan Solca, 2018-01- 4 (Update: 2018-01- 4)

Microsoft releases emergency patches to address Meltdown and Spectre vulnerabilities affecting most current processors

Source(s)

Related Articles