In order to provide protection against the new Spectre and Foreshadow CPU attacks, Microsoft has release out-of-bounds patches for Windows 10. These updates, made available late Monday, contain Intel’s latest microcode fixes for the recently discovered Spectre variant 3a and 4 vulnerabilities, which have been found affecting many modern vendor computer processors.
These vulnerabilities were detailed by us back in May. What Spectre variant 4 allows for is a Bypass attack, which lets a malicious script manipulate a program into revealing data handled by the program that the script shouldn’t have access to, for example, letting a script run and read across browser tabs.
What CPU has this affected?
- and certain ARM processors.
Meanwhile, the 3a variant of Spectre can allow ordinary programs to view system information, such as status flags, that should only be visible to low-level system software, such as device drivers or the operating system kernel. Whereas the Foreshadow CPU attacks affect a range of SGX-enabled Intel Core processors and allow malicious programs to bypass protections and read data from the L1 cache, fast memory available to each processor core.
These new Microsoft updates are applicable for every version of Windows 10, from the first build, 1507, through to 1803, also known as the April 2018 Update.
How can I update and what should I update?
For some, the updates can appear automatically for those managing machines using Windows Server Update Services (WSUS). However, they are also available to download directly via the Microsoft Update Catalog which can be found here, see the updates added on 20/8/2018. Also if you are using Windows Update you can go to Settings>Update & Security > Windows Update and then select Check for updates to trigger the update. Otherwise contact us, for a free assessment (Australia Only).
Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone – allowing hackers to read all your sensitive information.
Both Intel and AMD who are the firms whose chips are found inside most PCs and servers say they are working on mitigating the risk posed by Spectre and vulnerabilities in future processors. Intel’s CEO stated in the 2017 Q4 earnings conference that Intel plans to release chips that offer built-in protections against Meltdown and Spectre attacks later in 2018. Advanced Micro Devices (AMD) CEO Lisa Su also stated that “Longer term, we have included changes in our future processor cores, starting with our Zen 2 design, to further address potential Spectre like exploits,” she continued; “We continue to collaborate closely with the industry on these vulnerabilities and are committed to protecting AMD users fro these and other security threats as they arise.”.
These changes remain unseen and we are yet to find out if AMD and Intel will actually be able to redesign their processors to nullify the risk from Spectre without having a significant impact on performance. Until then make sure that you are patched and if you don’t know what to do, you can contact us, for a free assessment (Australia Only).