Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Microsoft Releases Intel Microcode Patches for Foreshadow Flaws

Microsoft this week made available another round of microcode updates created by Intel for mitigating the recently disclosed speculative execution vulnerabilities tracked as Foreshadow and L1 Terminal Fault (L1TF).

Microsoft this week made available another round of microcode updates created by Intel for mitigating the recently disclosed speculative execution vulnerabilities tracked as Foreshadow and L1 Terminal Fault (L1TF).

The Foreshadow/L1TF vulnerabilities are CVE-2018-3615, which impacts Intel’s Software Guard Extensions (SGX); CVE-2018-3620, which impacts operating systems and System Management Mode (SMM); and CVE-2018-3646, which affects virtualization software and Virtual Machine Monitors (VMM).

A piece of malware installed on a vulnerable system can exploit the flaws to gain access to potentially sensitive data stored in supposedly protected memory. The security holes affect Intel’s Xeon and Core processors.

Intel and other major tech firms have released mitigations which, in combination with the patches released previously for Meltdown, Spectre and other speculative execution vulnerabilities, should prevent attacks.

Microsoft this week released five new updates: KB4346084, KB4346085, KB4346086, KB4346087 and KB4346088. They deliver Intel’s microcode patches for Windows 10 Release To Market (RTM), Windows 10 version 1709 (Fall Creators Update), Windows Server 2016 version 1709 (Server Core), Windows 10 Version 1703 (Creators Update), Windows 10 version 1607 (Anniversary Update), Windows Server 2016, Windows 10 version 1803 (April 2018 Update), and Windows Server version 1803 (Server Core).

The microcode updates are for devices with Skylake, Kaby Lake and Coffee Lake processors, and they resolve Spectre Variant 3a (CVE-2018-3640), Spectre Variant 4 (CVE-2018-3639), and the Foreshadow flaws (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646).

The mitigations for the Foreshadow vulnerabilities should not have a noticeable performance impact on consumer PCs, but performance degradation may be seen on some data center workloads.

According to Microsoft, patching the Foreshadow vulnerabilities may require both software and firmware (microcode) updates, depending on how the system is configured. However, the company says most devices running Windows client operating systems will only need software updates for protection.

Related: Microsoft Releases Mitigations for Spectre-Like ‘Variant 4’ Attack

Related: Industry Reactions to Foreshadow Flaws

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.