Microsoft updates for Intel processor vulnerabilities

Microsoft released new updates to fix vulnerabilities in Intel processors. Updates KB4558130 and KB4497165 are now available for the of the 2004, 1909 and 1903 editions.

The updates were released on September 1st and relate to the following Intel products:

  • Amber Lake Y
  • Amber Lake-Y / 22
  • Avoton
  • Broadwell DE A1
  • Broadwell DE V1
  • Broadwell DE V2, V3
  • Broadwell DE Y0
  • Broadwell H 43e
  • Broadwell Server E, EP, EP4S
  • Broadwell Server EX
  • Broadwell U
  • Broadwell Y
  • Broadwell Xeon E
  • Cascade Lake
  • Cascade Lake Server
  • Cascade Lake-W
  • Coffee Lake H (6 + 2)
  • Coffee Lake S (6 + 2)
  • Coffee Lake U43e
  • Coffee Lake H (8 + 2)
  • Coffee Lake S (4 + 2)
  • Coffee Lake S (4 + 2) x / KBP
  • Coffee Lake S (4 + 2) Xeon E
  • Coffee Lake S (4 + 2) Xeon E (U0)
  • Coffee Lake S (6 + 2) x / KBP
  • Coffee Lake S (6 + 2) Xeon E
  • Coffee Lake S (6 + 2) Xeon E (U0)
  • Coffee Lake S (8 + 2)
  • Coffee Lake S (8 + 2) x / KBP
  • Coffee Lake S (8 + 2) Xeon E (R0)
  • Coffee Lake S / H (8 + 2) [R0]
  • U42
  • Comet Lake U62
  • Haswell Desktop
  • Haswell H / Haswell Perf Halo
  • Haswell Server EX
  • Haswell U
  • Haswell Xeon E3
  • Kaby Lake G
  • Kaby Lake H
  • Kaby Lake Refresh U 4 + 2
  • Kaby Lake S
  • Kaby Lake U
  • Kaby Lake U23e
  • Kaby Lake X
  • Kaby Lake Xeon E3
  • Kaby Lake Y
  • H
  • Skylake S
  • Skylake Server
  • Skylake U
  • Skylake U23e
  • Skylake Xeon E3
  • Skylake Y
  • View / Baytail
  • Whiskey Lake-U42

What vulnerabilities have been fixed?

Contents hide
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091

CVE-2018-12126

Microarchitectural Store Buffer Data Sampling (MSBDS): The storage buffer on some microprocessors may allow an authenticated user to allow information to be revealed through a local access side channel.

CVE-2018-12127

Microarchitectural Load Port Data Sampling (MLPDS): Loading ports on some microprocessors may allow a certified user to allow information to be revealed through a local access side channel.

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors may allow an authenticated user to allow information to be revealed through a local access side channel.

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): The uncacheable on some microprocessors it may allow an authenticated user to allow disclosure of information through a locally accessed side channel.

Updates KB4558130 for Windows 10 version 2004 and KB4497165 for Windows 10 versions 1909 and 1903 include microcode updates that fix the above bugs.

Packages can be downloaded from the site Microsoft Update Catalog. For some selected products (CPU) they are also available through Windows Update.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

intelWindows 10

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).