Microsoft will host Intel's Spectre and Meltdown patches on its own site

  • Microsoft will host Intel's Spectre and Meltdown patches on its own site

Microsoft will host Intel's Spectre and Meltdown patches on its own site

While Intel's microcode updates also cover Kaby Lake and Coffee Lake machines, along with Broadwell and Haswell processors, Microsoft is only hosting a fix for Skylake systems for now, with the promise that it will deliver "additional microcode updates from Intel as they become available to Microsoft".

Microsoft will be propagating Intel microcode updates to counteract the second variant of Spectre vulnerability to systems with the Windows 10 Fall Creators Update. Microsoft has announced that it will begin lending a helping hand with distributing the firmware updates, provided that users are running Windows 10. The patch applies to version 1709 of Windows 10 and the Datacenter and Standard editions of Windows Server. Microsoft says it is now distributing those updates via the Microsoft Update Catalog. "Due to this potential risk, we require that AV software is up to date and compatible", he noted.

"While firmware (microcode) security updates are not yet broadly available, Intel recently announced that they have completed their validations and started to release microcode for newer CPU platforms", wrote John Cable, director of Program Management, Windows Servicing and Delivery, at Microsoft in a March 1 blog post.

Those not covered by Windows updates for Spectre and Meltdown are in an unfortunate position where all they can do is wait. The company has yet to reveal why it has intervened, however, the most likely reason is to speed up the rather slow process on fixing the major security flaw, which has been public since January.

"Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities".

It's worth noting two things here: First, a savvy user could drop the registry key in themselves, which is a very poor idea. The company has been working with AV vendors, and says that the "vast majority" of Windows devices have compatible software, but compatibility issues arise when the AV software makes unsupported kernel calls. We recommend users check with their AV provider on compatibility of their installed AV software products.

In order to install the patch, Microsoft requires that you have the latest version of your anti-virus software. Windows 10 KB4090007 offline installer is also available and it can be used to mitigate the vulnerabilities. It looks like the many avoiding Microsoft's latest update ought to reconsider.