Windows Client Guidance against speculative execution vulnerabilities

Caledon Ken said:

To cover CVE-2018-3659 is it necessary to install latest UEFI or is there a Windows update that covers. I fail in the Speculative Store Bypass tests.

Attachment 196637

Thanks

I can confirm the July MCU is required and the MS MCU patch does not hold anything newer than April MCUs

Caledon Ken said:

I'm at 17134.165 and was before the check. I assume this means UEFI required.

Yes. All Spectre variant 3a and 4 mitigation requires the July MCU. The July MCUs are not in any of the Cumulatives, nor are they in the standalone for supported versions of W10.

The current standalone Microsoft MCU are sufficient for Spectre variant 2 mitigation. They do not cover ALL the vulnerable hardware that has a MCU available from Intel. Seek support from your OEM.

winactive said:

Yes. All Spectre variant 3a and 4 mitigation requires the July MCU. The July MCUs are not in any of the Cumulatives, nor are they in the standalone for supported versions of W10.

The current standalone Microsoft MCU are sufficient for Spectre variant 2 mitigation. They do not cover ALL the vulnerable hardware that has a MCU available from Intel. Seek support from your OEM.

What is the July MCU and where do I find it?

Steve C said:

What is the July MCU and where do I find it?

It is the July MicroCode Update, if you have to ask what it is, you do not need to find it!

Basically, it contains the raw code updates per CPU to your system BIOS/UEFI best integrated by your OEM, although it is possible in some circumstances using command line tools to edit some images and flash them yourself.

Can anyone confirm that if they did not have KB4100347 before today's update that it has been installed alongside today's cumulative build 17134.191?

KB4100347 Intel microcode updates for Windows 10 v1803 - July 24 - Windows 10 Forums

There is a new speculative execution side-channel vulnerability that comes in 3 varieties. Fortunately, a new CPU microcode update is not needed. But for people using virtual machines in a could environment, additional steps might need to be taken.

On August 14, 2018, Intel and industry partners shared more details and mitigation information about a recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF).

L1TF is a speculative execution side channel cache timing vulnerability. In this regard, it is similar to previously reported variants. There are three varieties of L1TF that have been identified. Each variety of L1TF could potentially allow unauthorized disclosure of information residing in the L1 data cache, a small pool of memory within each processor core designed to store information about what the processor core is most likely to do next.

The microcode updates released earlier this year when coupled with operating system and hypervisor software available from our industry partners, ensure consumers, IT professionals and cloud service providers have access to the protections they need. Intel recommends people keep their systems up to date to protect against the evolving threat landscape.

Intel Side Channel Vulnerability L1TF

Q3 2018 Intel Speculative Execution Side Channel Update

The rather worrying gap that is developing is the ability to check that these patches are applied.

InSpectre was a ready reckoner but hasn't been updated to check for variant 3a & 4 plus the NG threats (of which I believe we've seen 5 of 8 initially hinted at but not disclosed)

Lazy FP, BCBS and these three variants of L1TF (ForeShadow)

Also, RSB and NetSpectre have been disclosed in addition to the NG threats.

I'm afraid I'm not as up to date with the AMD situation but I don't have AMD CPUs.

The Powershell script has been updated to 1.0.9, advice on install is here but it's not for the novice and certainly not one-click

https://support.microsoft.com/en-us/...erabilities-in