Microsoft updates for Intel processor vulnerabilities


Microsoft has released new updates to address vulnerabilities in Intel processors. Updates KB4558130 and KB4497165 are now available for Windows 10 in 2004, 1909 and 1903.

The updates were released on September 1st and relate to the following Intel products:

  • Amber Lake Y
  • Amber Lake-Y / 22
  • Avoton
  • Broadwell DE A1
  • Broadwell DE V1
  • Broadwell DE V2, V3
  • Broadwell DE Y0
  • Broadwell H 43e
  • Broadwell Server E, EP, EP4S
  • Broadwell Server EX
  • Broadwell U
  • Broadwell Y
  • Broadwell Xeon E
  • Cascade Lake
  • Cascade Lake Server
  • Cascade Lake-W
  • Coffee Lake H (6 + 2)
  • Coffee Lake S (6 + 2)
  • Coffee Lake U43e
  • Coffee Lake H (8 + 2)
  • Coffee Lake S (4 + 2)
  • Coffee Lake S (4 + 2) x / KBP
  • Coffee Lake S (4 + 2) Xeon E
  • Coffee Lake S (4 + 2) Xeon E (U0)
  • Coffee Lake S (6 + 2) x / KBP
  • Coffee Lake S (6 + 2) Xeon E
  • Coffee Lake S (6 + 2) Xeon E (U0)
  • Coffee Lake S (8 + 2)
  • Coffee Lake S (8 + 2) x / KBP
  • Coffee Lake S (8 + 2) Xeon E (R0)
  • Coffee Lake S / H (8 + 2) [R0]
  • Comet Lake U42
  • Comet Lake U62
  • Haswell Desktop
  • Haswell H / Haswell Perf Halo
  • Haswell Server EX
  • Haswell U
  • Haswell Xeon E3
  • Kaby Lake G
  • Kaby Lake H
  • Kaby Lake Refresh U 4 + 2
  • Kaby Lake S
  • Kaby Lake U
  • Kaby Lake U23e
  • Kaby Lake X
  • Kaby Lake Xeon E3
  • Kaby Lake Y
  • Skylake H
  • Skylake S
  • Skylake Server
  • Skylake U
  • Skylake U23e
  • Skylake Xeon E3
  • Skylake Y
  • Valley View / Baytail
  • Whiskey Lake-U42

What vulnerabilities have been fixed?

CVE-2018-12126

Microarchitectural Store Buffer Data Sampling (MSBDS): The storage buffer on some microprocessors may allow an authenticated user to allow information to be revealed through a local access side channel.

CVE-2018-12127

Microarchitectural Load Port Data Sampling (MLPDS): Loading ports on some microprocessors may allow a certified user to allow information to be revealed through a local access side channel.

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors may allow an authenticated user to allow information to be revealed through a local access side channel.

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Unsaved memory on some microprocessors may allow a validated user to disclose information through a local access side channel.

Updates KB4558130 for Windows 10 version 2004 and KB4497165 for Windows 10 versions 1909 and 1903 include microcode updates that fix the above bugs.

Packages can be downloaded from the site Microsoft Update Catalog. For some selected products (CPU) they are also available through Windows Update.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news