Microsoft spectre patch - Free Download
This article will be updated as additional information becomes available. Please check back here regularly for updates and new FAQ. On January 3, , Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving speculative execution side channels that affect AMD, ARM, and Intel processors to varying degrees.
This class of vulnerabilities are based on a common chip architecture that was originally designed to speed up computers. You can learn more about these vulnerabilities at Google Project Zero. The customer risk from both disclosures is low. We recommend that you install all of the latest updates from Windows Update before you install any microcode updates. You may have to update both your firmware microcode and your software to address these vulnerabilities.
Please refer to the Microsoft Security Advisories for recommended actions. This includes applicable firmware microcode updates from device manufacturers and, in some cases, updates to your antivirus software. We encourage you to keep your devices up-to-date by installing the monthly security updates. To receive all available protections, follow these steps to get the latest updates for both software and hardware. Check your antivirus software manufacturer's website for their latest compatibility information.
Customers should install the latest Windows operating system security updates from Microsoft to take advantage of available protections. Antivirus software updates should be installed first. Operating system and firmware updates should follow. We advise customers who are running these operating systems to seek guidance from those vendors. We also released updates to secure our cloud services. We continue working closely with industry partners, including chip makers, hardware OEMs, and app vendors, to protect customers against this class of vulnerability.
We encourage you to always install the monthly updates to keep your devices up-to-date and secure. We will update this documentation when new mitigations become available, and we recommend you check back here regularly.
This release completes the additional protections on all supported Windows system versions through Windows Update. Windows Server SP2 now follows the standard Windows servicing rollup model.
For more information about these changes, please see our blog Windows Server SP2 servicing changes. Customers running Windows Server should install either or in addition to Security Update , which was released on August 14, Customers should also ensure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles.
Microsoft has released additional operating system protections for customers using bit ARM processors. These new speculative execution side-channel vulnerabilities can be used to read the content of memory across a trusted boundary and, if exploited, can lead to information disclosure.
There are multiple vectors by which an attacker could trigger the vulnerabilities depending on the configured environment. For more information about this vulnerability, affected products, and recommended actions, see the following Security Advisory: KB lists specific Knowledge Base articles by Windows version. The updates require corresponding firmware microcode and registry updates for functionality.
For more information about these vulnerabilities, see the following resources: The microcode update is also available directly from Catalog if it was not installed on the device prior to upgrading the OS.
For more information and download instructions, see KB We will offer additional microcode updates from Intel for the Windows operating system as they become available to Microsoft. Windows 10, version Mitigating Meltdown on Windows. March 14, Security Tech Center: Update on Spectre and Meltdown security updates for Windows devices.
Starting in March , Microsoft released security updates to provide mitigations for devices running the following xbased Windows operating systems.
Customers should install latest Windows operating system security updates to take advantage of available protections. We are working to provide protections for other supported Windows versions but do not have a release schedule at this time. Please check back here for updates. For more information, see the related Knowledge Base article for technical details and the " FAQ " section. Windows Analytics now helps assess Spectre and Meltdown protections. Microsoft recommends customers install the update as soon as available.
We continue to work to provide protections for other supported Windows versions but do not have a release schedule at this time. If you have installed earlier updates, only the new portions will be downloaded and installed on your device.
Starting in January , Microsoft released security updates to provide mitigations for devices running the following xbased Windows operating systems. Depending on your role, the following support articles can help you identify and mitigate client and server environments that are affected by the Spectre and Meltdown vulnerabilities. Security Research and Defense: Analysis and mitigation of speculative store bypass CVE Windows for Business blog: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer.
Securing Azure customers from CPU vulnerability. Additional guidance to mitigate speculative execution side-channel vulnerabilities. Protecting your device against chip-related security vulnerabilities.
Windows security updates released January 3, , and antivirus software. Windows operating system security update block for some AMD based devices. Update to Disable Mitigation against Spectre, Variant 2: Intel has identified reboot issues with microcode on some older processors. Surface Guidance to protect against speculative execution side-channel vulnerabilities. Verify the status of speculative execution side channel mitigations: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities.
Windows Server guidance to protect against speculative execution side-channel vulnerabilities. Server Guidance for L1 Terminal Fault: Windows Server guidance to protect against L1 terminal fault. Developer Guidance for Speculative Store Bypass. Azure stack guidance to protect against the speculative execution side-channel vulnerabilities. SQL Server Guidance to protect against speculative execution side-channel vulnerabilities.
Use the following links to check with your device manufacturer for applicable firmware microcode updates. Use the following links to check with your device manufacturer for firmware microcode updates. You will have to install both operating system and firmware microcode updates for all available protections. You will have to check with your device manufacturer for firmware microcode updates.
If your device manufacturer is not listed in the table, contact your OEM directly. Updates for Microsoft Surface devices are available to customers through Windows Update.
For a list of available Surface device firmware microcode updates, see KB If your device is not from Microsoft, apply firmware updates from the device manufacturer. Contact your device manufacturer for more information. Addressing a hardware vulnerability by using a software update presents significant challenges and mitigations for older operating systems and can require extensive architectural changes. Speculative execution side-channel attacks exploit CPU behavior and functionality. CPU manufacturers must first determine which processors may be at risk, and then notify Microsoft.
In many cases, corresponding operating system updates will also be required to provide customers more comprehensive protection. We recommend that security-conscious Windows CE vendors work with their chip manufacturer to understand the vulnerabilities and applicable mitigations.
Windows operating systems that are currently out of support or those entering end of service EOS in We recommend that security-conscious customers upgrade to a newer supported operating system to keep pace with the changing security threat landscape and benefit from the more robust protections that newer operating systems provide.
After applying the February Windows Security Update , HoloLens customers do not have to take any additional action to update their device firmware. These mitigations will also be included in all future releases of Windows 10 for HoloLens.
For your device to be fully protected, you should install the latest Windows operating system security updates for your device and applicable firmware microcode updates from your device manufacturer.
These updates should be available on your device manufacturer's website. Operating system and firmware updates can be installed in either order. You will have to update both your hardware and your software to address this vulnerability.
You will also have to install applicable firmware microcode updates from your device manufacturer for more comprehensive protection. In each Windows 10 feature update, we build the latest security technology deep into the operating system, providing defense-in-depth features that prevent entire classes of malware from impacting your device. Feature update releases are targeted twice a year. In each monthly quality update, we add another layer of security that tracks emerging and changing trends in malware to make up-to-date systems safer in the face of changing and evolving threats.
Microsoft has lifted the AV compatibility check for Windows security updates for supported versions of Windows 10, Windows 8. To help avoid adversely affecting customer devices, the Windows security updates released in January or February have not been offered to all customers.
Windows emergency patch: Microsoft's new update kills off Intel's Spectre fix
Contact your OEM for more information. I have only an Intel Processor installed - several years old. Microsoft's new update, released Saturday, comes on the heels of Intel's quarterly financial disclosures. You can follow the question or vote as helpful, but you cannot reply to this thread. January Windows operating system updates. Where can I find Microsoft HoloLens operating system and firmware microcode updates? The update leaves in place fixes for the other two vulnerabilities that make up Meltdown and Spectre. Until then, Intel had only mentioned its update was causing unexpected reboots and unpredictable system behavior. We recommend installing these Security Only updates in the order of release.
Microsoft Releases Emergency Updates to Fix Meltdown and Spectre CPU Flaws
Customers can also take advantage of built-in antivirus protection: Surface Guidance to protect against speculative execution side-channel vulnerabilities. This class of vulnerabilities are based on a common chip architecture that was originally designed to speed up computers. Hmmm, here is my take on all this. In reply to DaveM's post on January 25, The recommendations are conflicted. However, it has been criticized by security experts over its lack of forthrightness about the scope of the problem. Am I fully protected if I install only Windows security updates? July Windows operating system updates. The update can be downloaded from the Microsoft Update Catalog website.
Protect your Windows devices against Spectre and Meltdown
Nation-state and non-state political entities top the list of suspects; but don't rule out industrial espionage as a motive. Microsoft does not guarantee the accuracy of third-party contact information. According to a Microsoft security advisories [ 1 , 2 ], these are the Windows security updates that address the Meltdown and Spectre flaws for various Windows distributions. Meanwhile, Intel has promised to release new patches for Spectre and Meltdown soon, and said chips invulnerable to the problem are coming later this year. Microsoft said that its internal testing shows the patch will stop the rebooting until Intel gets a new update together. Is it generally though best to remove those Windows Updates or leave them in place? Hope others will post what works, and doesn't with their systems. Intel's patch for the Spectre flaw is causing its own problems on computers, so Microsoft has released an update that disables it. Intel CEO Brian Krzanich said at last week's earning update the company will "restore confidence in data security with customer-first urgency, transparent, and timely communication". We recommend that security-conscious Windows CE vendors work with their chip manufacturer to understand the vulnerabilities and applicable mitigations. At best it's an oversight, at worst it's placing user security and privacy at serious risk. Not only was Intel's fix for the Spectre attack causing reboots and stability issues, but Microsoft also found it resulted in the worse scenario of data loss or corruption in some circumstances. We encourage you to always install the monthly updates to keep your devices up-to-date and secure. This is what I was talking about: