Quietly provided Windows update

• update
• processor
• spectra
• windows
• windows-10
• permalink

 Facebook |  X/Twitter |  LinkedIn |  Reddit |  Email |  Link

Took them a whole year, but better late than never.

Took them a whole year, but better late than never.

Last month, Microsoft quietly released a Windows update that finally addresses the serious vulnerability of Intel processors. This includes hardware dating back to 2012.

Creates a side-channel
The vulnerability is widely discussed - but ultimately, the Ars Technica security company discovered a serious hole in all Intel processors introduced in recent years with the introduction of the Ivy Bridge series in 2012. Bitdefender reported the failure to Intel, where malicious can open a paging channel that leaks everything from encrypted content and passwords to private messages and other things that would normally not be shared by the one in question.

Early in 2018, it was speculated that the bug affects all CPUs and not just Intel, but Bitdefender could point out that they had tried to exploit the vulnerability with two different AMD processors where they failed to recreate the attack in any of the cases.

Delivered an update in silence
Microsoft says that the bug fix meant changing how the processor accesses the memory. Apparently, no need for micro node updates from machine manufacturers has arisen. In a statement, the company states that they have long been aware of the industry-wide problem and that they have worked closely with chip manufacturers who are influenced to develop and test ways they can protect customers.

The security update in question should be available in July, according to Microsoft itself. Those who have Windows Update enabled and who have kept up to date with security updates should have nothing to worry about, they write in the post.

Comments: