Microsoft has released a number of new Intel microcode updates for the company’s Windows 10 operating system that address recently discovered security flaws in Intel processors. Microcode updates are released by Intel to provide Microsoft with patches that either fix security flaws outright or at least mitigate them if fixing is not possible.
The latest vulnerability in Intel processors was discovered by researchers from the University of Graz and the University of Birmingham. The researchers named the vulnerability PLATYPUS, an acronym for Power Leakage Attacks: Targeting Your Protected User Secrets.
The attack uses Intel’s RAPL interface — Running Average Power Limit — to monitor energy consumption on a device. The researchers managed to “reconstruct entire cryptographic keys” by exploiting the vulnerability.
We demonstrate this by recovering AES keys from the side-channel resilient AES-NI implementation, as well as RSA keys from an Intel SGX enclave. In addition, we distinguish different Hamming weights of operands or memory loads, threatening constant-time implementations of cryptographic algorithms.
Microsoft released the updates for Windows 10 version 1507 and newer, and Windows Server 2016 and newer. The updates are available on Windows Updates and also as direct downloads from the Microsoft Update Catalog website.
The new microcode updates add support for the following processors: Avoton, Sandy Bridge E, EN, EP, EP4S, Sandy Bridge E, EP, Valley View / Baytrail.
Note: it is recommended that you verify that the processor that is installed on a device is compatible with the updates. You can check the support pages to find out if the installed processor is listed on the site as compatible.
Any word on the performance impact? Personally, I’ve even disabled the previous mitigations (with grc inspectre) since these attacks are quite esoteric and I don’t run any suspicious warez any way.
that ms page is totally confusing. i have a 6600… so what do i do? look up 6600.. .and it says latest microcode is 0xcc
so i tried to look it up on cpuz / hwinfo / speccy (… cpuz and speccy just says revision: r0.. which doesn’t mean much) forgot what hwinfo said, but it wasn’t 0xcc… so i installed the update.. .and it says e2… which got me totally scratching my head and i went and installed intel processor id util from intel’s site… and it says e2… so i took the cpuid listed under intel’s thing 506e3 and did a search on that ms article… and found.. 4 listings.. 3 of them say 0xcc and 1 says 0xe2.. the one that says 0xE2 doesn’t list model numbers (like 6600) but just says something generic… long story short. update is installed, but fuck knows if it’s the latest.
I don’t know if it works with your CPU, but at least 9th Gen after a specific Intel Management Engine Driver we can now see the Firmware version on the Tab in Device Manager.
For you Skylake CPU your latest version should be 126.96.36.19981 and you can find it here:
Do a manual installation within Command Prompt. Navigate to the downloaded folder and execute the command xxxx.exe -f firwarenameversion.bin. You’ll see it installing % and you’ll be good.
Forgot to show you the screenshot, here’s mine for 9th Gen the latest version is 188.8.131.521
Never anything goes wrong updating this firmware. Don’t worry, it’s not like BIOS, although many BIOSes updates currently include the latest Management Engine Firmware, likewise.
Save my name, email, and website in this browser for the next time I comment.
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
Central processing unit, Intel, Microcode
World news – US – Windows 10 microcode updates to fix new Intel CPU security issues – gHacks Tech News