Windows 10: Surface updates for recent chip-related security vulnerability Surface

  1. Brink's Avatar
    Posts : 33,017
    64-bit Windows 10 Pro build 18252
       04 Jan 2018 #1

    Surface updates for recent chip-related security vulnerability


    Introduction

    This article discusses the impact of the following security issue on Surface Devices:
    https://portal.msrc.microsoft.com/en...sory/ADV180002

    Summary

    Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affects many modern processors and operating systems including Intel, AMD, and ARM.

    Note This issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.

    Microsoft has released several updates to help mitigate these vulnerabilities. We have also taken action to secure our cloud services. See below for more details.

    Microsoft has not received any information to indicate that these vulnerabilities have been used to attack customers at this time. Microsoft continues to work closely with industry partners including chip makers, hardware OEMs, and app vendors to protect customers. To get all available protections, hardware/firmware and software updates are required. This includes microcode from device OEMs and in some cases updates to AV software as well.

    Microsoft will provide UEFI updates for the following devices:

    • Surface Pro 3
    • Surface Pro 4
    • Surface Book
    • Surface Studio
    • Surface Pro Model 1796
    • Surface Laptop
    • Surface Pro with LTE Advanced
    • Surface Book 2

    The updates will be available for the above devices running Windows 10 Creators Update (OS version 15063) and Windows 10 Fall Creators Update (OS version 16299). You will be able to receive these updates through Windows Update or by visiting the Microsoft Download Center.

    Note Surface hub has implemented defense in depth strategies. For more information, go to the following topic on the Microsoft website:

    Differences between Surface Hub and Windows 10 Enterprise

    Because of this, we believe exploits using this vulnerability are significantly reduced on Surface Hub. We care deeply about ensuring that Surface Hub is reliable and secure. We will continue to monitor and update Surface Hub as needed to address this vulnerability.

    More Information

    The Surface team is focused on ensuring our users have a secure and reliable experience and will continue to monitor and update devices as needed to address this vulnerability.


    Source: Surface Guidance for Customers and Partners: Protect your devices against the recent chip-related security vulnerability
      My ComputersSystem Spec

  2. dencal's Avatar
    Posts : 2,824
    W10 Pro + W10 Preview
       05 Jan 2018 #1

    Thanks for info Brink.
      My ComputersSystem Spec

  3. dencal's Avatar
    Posts : 2,824
    W10 Pro + W10 Preview
       05 Jan 2018 #2

    So much for the so called extra security inbuilt in Microsoft Surface....latest available firmware installed released in December 2017.
    Attached Thumbnails Attached Thumbnails risk assess.JPG   winver.JPG  
      My ComputersSystem Spec


 

Related Threads
Source: Intel Management Engine Vulnerability and Surface Devices Surface
Source: CVE-2017-8584 | HoloLens Remote Code Execution Vulnerability - Microsoft Security TechCenter
Source: Intel AMT Vulnerability and Surface Devices Surface
Intel chip vulnerability lets hackers easily hijack fleets of PCs | ZDNet
Source: September Updates for Surface Pro 4, Surface Book, and Surface 3 Surface
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:36.
Find Us