Microsoft began rolling out Intel’s new countermeasure code against the Spectre V3a, Spectre V4 and L1TF vulnerabilities through Windows Update. It starts with a patch for the latest version of Windows 10, version 1809 October 2018 Update, and Windows Server 2019.
Patch for Broadwell-E to Coffee Lake-S
The patch with the identifier KB4465065 addressed for the time being only CPUs based on Skylake (-Y, -U, -H, -S, -D, -SP) Kaby Lake (Y, -U), a coffee Lake (-H, -S) and Broadwell (-E, -EP, -EX). Also for other versions of Windows 10 or older generations of Windows, the update is not yet available.
After the installation, countermeasures for the Specter V3a and L1TF vulnerabilities are automatically active, but not for Specter V4 – here, users have to be activated by manual intervention in the registry in order to activate this protection as well. The reason for this decision is likely to be the expected loss of performance: Intel calls for two to eight percent less performance in SYSmark 2014 SE and SPEC’s integer test.
New microcode via Windows Update instead of BIOS
As a result of serious security vulnerabilities in CPUs, Microsoft first distributed updates with new microcode in April against the Spectre V2 for Windows 10 vulnerabilities. Owners of motherboards, for which the manufacturers had not yet provided a BIOS update with a new microcode, were thus able to secure their system. Previous manual attempts to manually load the new microcode already released by Intel into Windows 10 failed.
Details of Specter V3a, V4, and L1TF
Spectre variant 3a as a new version of “Meltdown” (variant 3) was discovered independently of Google’s Project Zero and Microsoft Security Response Center and published in detail by ARM in May ( white paper as PDF ). Affected are Cortex-A15, -A57 and -A72 ARM cores, with ARM classifying the risk that attackers are taking advantage of the gap as so low that countermeasures are not currently considered necessary. As with Meltdown, all of Intel’s CPU architectures since the 1st generation core have been affected by this manufacturer.
Spectre Variant 4 ( white paper ) got discovered at Google’s Project Zero. Like Specter Variant 1, this vulnerability can be plugged into customization in applications, with Specter V1’s existing measures benefiting Specter V4 as well. However, to prevent the gap from being exploited through other means, Intel and Partners have decided to re-adjust the CPU microcode as well. It also contains countermeasures against variant 3a, which cost no performance. Variation 4 affects AMD, ARM, IBM and Intel.
L1 Terminal Fault (L1TF) again comprises three vulnerabilities that represent especially for virtual machines and cloud services at high risk because they allow attackers to leave the own instance and access data from another virtual machine.