Windows 10: KB4100347: Intel microcode updates

  1.    1 Week Ago #1

    KB4100347: Intel microcode updates


    KB4100347: Intel microcode updates
    Applies to: Windows Server version 1803Windows 10 version 1803



    Summary

    Intel recently announced that they have completed their validations and started to release microcode for recent CPU platforms related to Spectre Variant 2 (CVE 2017-5715 [“Branch Target Injection”]). This update includes microcode updates from Intel for the following CPUs: https://support.microsoft.com/en-gb/...windows-server

    http://www.catalog.update.microsoft....aspx?q=4100347
      My ComputerSystem Spec


  2. Posts : 110
    Windows10 Home v. 1803 bld. 17134.48
       1 Week Ago #2

    Thanks for the heads up. I'll be watching WU for this one. I wonder if it will precede the v. 1803 update, or will be part of the delivery?
      My ComputerSystem Spec

  3.    1 Week Ago #3

    Not sure, did not show via windows update (probably to soon) so manually updated on one machine (already on 1803) no noticeable difference other than showing as patched now.

    will wait and see on the others.. (all 1803)
      My ComputerSystem Spec


  4. Posts : 29,427
    64-bit Windows 10 Pro build 17672
       1 Week Ago #4
      My ComputersSystem Spec


  5. Posts : 110
    Windows10 Home v. 1803 bld. 17134.48
       1 Week Ago #5

    FWIW, V.1803 just updated on my system without this KB for the processor being downloaded or installed. Could it have been part of the Feature Update? Don't know, but the system works fine (so far).
      My ComputerSystem Spec


  6. Posts : 192
    Windows 7 Home Premium x64
       4 Days Ago #6

    no, jamis. the KB4100347 update was released a few weeks after v1803 first came out on April 30 so it's not originally included in the 1803 feature update.

    that KB4100347 patch for v1803 updates the mcupdate_GenuineIntel.dll file found in the Windows\System32 folder.
      My ComputerSystem Spec

  7.    2 Days Ago #7

    If someone more technically minded could explain how the patch works compared to having the microcode in firmware I'd be extremely grateful.

    Concerns are;

    1. if software patch can be bypassed readily (InSpectre easily disables the Spectre patching to soft patched machines.)

    2. if there is a performance penalty with an unnecessarily patched .dll as well as the firmware patch.

    I have had firmware patches applied to my machines as soon as they were available. KB4100347 installs whether or not the system is patched in firmware. It may also install where it is not applicable.

    I know there are users with Arrandale/Clarkdale that the microcode is in production but it is not in the v1.000 patch for v1803, nor the v3.000 of KB4090007 for v1709.
      My ComputersSystem Spec

  •    12 Hours Ago #8

    winactive said: View Post
    If someone more technically minded could explain how the patch works compared to having the microcode in firmware I'd be extremely grateful.

    Concerns are;

    1. if software patch can be bypassed readily (InSpectre easily disables the Spectre patching to soft patched machines.)

    2. if there is a performance penalty with an unnecessarily patched .dll as well as the firmware patch.

    I have had firmware patches applied to my machines as soon as they were available. KB4100347 installs whether or not the system is patched in firmware. It may also install where it is not applicable.

    I know there are users with Arrandale/Clarkdale that the microcode is in production but it is not in the v1.000 patch for v1803, nor the v3.000 of KB4090007 for v1709.
    I can confirm that InSpectre removes the Spectre mitigations for firmware microcode updates (i.e. updated BIOS).

    Upon re-reading the advisory, it does seem to be a combination of microcode updates and OS registry settings that enable the mitigation.

    So a BIOS microcode update is not sufficent to enable mitigation alone, which also explains the delivery of KB4100347 to machines that already have the microcode.

    mcupdate_GenuineIntel.dll can be removed or renamed with a permissions change; it's used by overclockers.

    So pretty much I think this mitigation is a chocolate fireguard. That's my take.
      My ComputersSystem Spec

  •    10 Hours Ago #9

    Well it does seem odd.. I have a dual 17134 and 14393 setup.. with latest bios update... on the former I'm protected but not on oldie (according to InSpectre) - I do run oldie with limited priviledges tho'(if that makes a difference)
      My ComputerSystem Spec


  •  

    Related Threads
    Source: https://support.microsoft.com/en-us/help/4091666/kb4091666-intel-microcode-updates See also: KB 4093836 Summary of Intel microcode updates KB4100347 Intel microcode updates for Windows 10 v1803 - Windows 10 Forums KB4090007 Intel...
    Source: https://support.microsoft.com/en-us/help/4091664/kb4091664-intel-microcode-updates See also: KB 4093836 Summary of Intel microcode updates KB4100347 Intel microcode updates for Windows 10 v1803 - Windows 10 Forums KB4090007 Intel...
    Source: https://support.microsoft.com/en-us/help/4091663/kb4091663-intel-microcode-updates See also: KB 4093836 Summary of Intel microcode updates KB4100347 Intel microcode updates for Windows 10 v1803 - Windows 10 Forums KB4090007 Intel...
    Source: https://support.microsoft.com/en-us/help/4100347/intel-microcode-updates-for-windows-10-version-1803-and-windows-server See also: KB 4093836 Summary of Intel microcode updates KB4090007 Intel microcode Cumulative Update for Windows...
    Solved Intel microcode updates for 1803? in Drivers and Hardware
    Is this available for download?
    Our Sites
    Site Links
    About Us
    Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

    © Designer Media Ltd
    All times are GMT -5. The time now is 14:56.
    Find Us