- Jul 22, 2014
- 2,525
Windows users running the latest version of Windows 10 on recent Intel processors will soon be receiving Intel's microcode updates to address the Spectre variant 2 attack.
Earlier this year, attacks that exploit the processor's speculative execution were published with the names Meltdown and Spectre, prompting a reaction from hardware and software companies. Intel released microcode updates for its processors to provide operating systems with greater control over certain aspects of this speculative execution; however, the company's initial releases were found to cause problems.
Intel has since fixed the microcode bugs, but until this point Microsoft has said that Windows users should turn to their system vendors to actually get the new microcode.
Microcode updates have two main distribution channels. The first is system firmware; the firmware can update the processor during system boot. The value this has is that it's independent of the operating system, and it ensures that the system is always using the current microcode when it's in use. The downside is that many vendors do not provide firmware updates for systems more than a few years old, and even when firmware updates are available, they typically need to be manually hunted down and installed.
The second route to distribution is through the operating system installing new microcode. Windows has microcode drivers for Intel and AMD processors and will update their microcode when it starts up. These drivers are periodically updated to include the latest microcodes. For reasons that aren't entirely clear, Microsoft hasn't been offering the latest Intel microcode updates through its driver, leaving the firmware the only option.
However, that changes today. Microsoft is offering a microcode update on the Windows Catalog. Initially, this only covers certain Skylake processors, but Microsoft says it will expand as more microcodes become available. The company doesn't yet appear to be committing to shipping this update through Windows Update; it must still be downloaded and installed manually from the Catalog.
...
...
Earlier this year, attacks that exploit the processor's speculative execution were published with the names Meltdown and Spectre, prompting a reaction from hardware and software companies. Intel released microcode updates for its processors to provide operating systems with greater control over certain aspects of this speculative execution; however, the company's initial releases were found to cause problems.
Intel has since fixed the microcode bugs, but until this point Microsoft has said that Windows users should turn to their system vendors to actually get the new microcode.
Microcode updates have two main distribution channels. The first is system firmware; the firmware can update the processor during system boot. The value this has is that it's independent of the operating system, and it ensures that the system is always using the current microcode when it's in use. The downside is that many vendors do not provide firmware updates for systems more than a few years old, and even when firmware updates are available, they typically need to be manually hunted down and installed.
The second route to distribution is through the operating system installing new microcode. Windows has microcode drivers for Intel and AMD processors and will update their microcode when it starts up. These drivers are periodically updated to include the latest microcodes. For reasons that aren't entirely clear, Microsoft hasn't been offering the latest Intel microcode updates through its driver, leaving the firmware the only option.
However, that changes today. Microsoft is offering a microcode update on the Windows Catalog. Initially, this only covers certain Skylake processors, but Microsoft says it will expand as more microcodes become available. The company doesn't yet appear to be committing to shipping this update through Windows Update; it must still be downloaded and installed manually from the Catalog.
...
...
