Windows 10: New Intel Microcode for Spectre V3a, V4 & L1TF Gets Released
Microsoft began rolling out Intel's new countermeasure code against the Spectre V3a, Spectre V4 and L1TF vulnerabilities through Windows Update. It starts with a patch for the latest version of Windows 10, version 1809 October 2018 Update, and Windows Server 2019.
Patch for Broadwell-E to Coffee Lake-S
The patch with the identifier KB4465065 addressed for the time being only CPUs based on Skylake (-Y, -U, -H, -S, -D, -SP) Kaby Lake (Y, -U), a coffee Lake (-H, -S) and Broadwell (-E, -EP, -EX). Also for other versions of Windows 10 or older generations of Windows, the update is not yet available.
After the installation, countermeasures for the Specter V3a and L1TF vulnerabilities are automatically active, but not for Specter V4 - here, users have to be activated by manual intervention in the registry in order to activate this protection as well. The reason for this decision is likely to be the expected loss of performance: Intel calls for two to eight percent less performance in SYSmark 2014 SE and SPEC's integer test.
New microcode via Windows Update instead of BIOS
As a result of serious security vulnerabilities in CPUs, Microsoft first distributed updates with new microcode in April against the Spectre V2 for Windows 10 vulnerabilities. Owners of motherboards, for which the manufacturers had not yet provided a BIOS update with a new microcode, were thus able to secure their system. Previous manual attempts to manually load the new microcode already released by Intel into Windows 10 failed.
Details of Specter V3a, V4, and L1TF
Spectre variant 3a as a new version of "Meltdown" (variant 3) was discovered independently of Google's Project Zero and Microsoft Security Response Center and published in detail by ARM in May ( white paper as PDF ). Affected are Cortex-A15, -A57 and -A72 ARM cores, with ARM classifying the risk that attackers are taking advantage of the gap as so low that countermeasures are not currently considered necessary. As with Meltdown, all of Intel's CPU architectures since the 1st generation core have been affected by this manufacturer.
Spectre Variant 4 ( white paper ) got discovered at Google's Project Zero. Like Specter Variant 1, this vulnerability can be plugged into customization in applications, with Specter V1's existing measures benefiting Specter V4 as well. However, to prevent the gap from being exploited through other means, Intel and Partners have decided to re-adjust the CPU microcode as well. It also contains countermeasures against variant 3a, which cost no performance. Variation 4 affects AMD, ARM, IBM and Intel.
L1 Terminal Fault (L1TF) again comprises three vulnerabilities that represent especially for virtual machines and cloud services at high risk because they allow attackers to leave the own instance and access data from another virtual machine.
Sponsored: Get a Windows 10 Pro Oem Key for $12.60 - 11/23/2018 03:41 PM
This content is an advertorial for SCDKey , but that doesn't mean we can't fire off a nice discount at you. Get a genuine Windows 10 Pro OEM Key for a price as low as 12.60$ with a Guru3D coupon. H...
Microsoft blocks Windows 10 October 2018 Update (Again) - 11/23/2018 10:00 AM
This time there is a flaw detected with Intel display drivers, Microsoft has decided to halt the Windows 10 October 2018 Update on computers with specific Intel display drivers. On systems with thes...
Windows 10 October Update Version 1809 re-released - 11/14/2018 10:10 AM
Microsoft's Windows 10 October 2018 Update has seen a bit of a difficult start, users started upgrading and found that their files were being deleted. Just four days later, the firm pulled the update...
New Microsoft Bug Invalidates Windows 10 Pro Licenses - 11/09/2018 10:35 AM
A new week, a new Windows 10 bug. As it seems there is an issue specific towards Windows 10 Pro license holders, for a number of people the license deactivates itself rendering the Windows 10 build u...
Windows 10 to use telemetry data to troubleshoot and automatically fix issues - 10/23/2018 08:34 AM
Microsoft shared word that it will start using Windows 10 telemetry data to help users with computer problems. Users with problems currently have to find the right troubleshooter to try to solve their...
Senior Member
Posts: 11808
Joined: 2012-07-20
It is that time of the year again... It's Bench Time!
Senior Member
Posts: 853
Joined: 2015-05-19
Intel has released updates for L1TF and Spectre v3a all the way back to Nehalem. Microsoft usually rolls those out in waves however, since older systems may require more validation.
You can always inquire with your motherboard vendor about a new BIOS with new Microcode if you need it in a more timely manner.
Senior Member
Posts: 4920
Joined: 2008-12-09
Better hope it doesn't wipe C:\
Senior Member
Posts: 3118
Joined: 2016-08-01
Any eta about the rollback before they get it right ? :p
Senior Member
Posts: 14643
Joined: 2014-07-21
Supporting Broadwell but not Haswell? F U Intel, F U so much.