Microsoft will host Intel's Spectre and Meltdown patches on its own site

If you've been worried about receiving Spectre and Meltdown BIOS patches for the PC you built yourself, there may be a solution: Microsoft has begun supplying them itself via an archive on its site.

Typically, Spectre and Meltdown mitigations have followed a traditional pattern: Microsoft patches Windows via Windows Update, antivirus companies like AVG have patched their antivirus software, and so on. Intel, too, authors patches, as it recently did for Haswell and Broadwell CPUs. But unlike Microsoft, Intel doesn't directly ship those patches to end users; it uses its network of PC makers and motherboard vendors to distribute them, after the appropriate testing by each vendor.

Microsoft falls into an area somewhere between the two. It has been responsible for patching Windows for Meltdown and Spectre, and it distributes Intel-authored patches to its various Surface products. Now Microsoft will archive both its own patches and Intel's.

Currently, the microcode being archived is just a fraction of Intel's available patches (which so far cover the Skylake H-, S-, U-, and Y-series microprocessors). The microcode is available as part of a patch for Windows 10 version 1709 (the Fall Creators Update): KB4090007, which will be stored as part of Microsoft's Update Catalog. It's a standalone update, meaning it won't be part of a subsequent "rollup" update.

What isn't clear is whether Microsoft will also push out Intel's microcode via Windows Update, its usual distribution mechanism for supplying patches. Historically, Windows Update has offered a checkbox to allow users to receive patches for other hardware inside or connected to their PC, and not just Windows. It seems that Intel is piggybacking on Microsoft's distribution network to push Spectre patches where they need to be, and fast. 

Though neither Microsoft nor Intel clarified exactly why Microsoft is providing Intel's microcode, the likely reason is to support smaller PC makers, and especially motherboard makers, who lack either the distribution network or the incentive to distribute patches as quickly as Intel and Microsoft would like. Microsoft is also using KB4090007 as a sort of catchall: For now, Microsoft is only saying that "some" Skylake devices will be supported by the patch, and more will be added as Microsoft works with Intel, chipset, and device makers to supply more mitigations.

What this means to you: If you've built a PC using parts from a smaller vendor, patches and other firmware updates might be slow to arrive. Normally, this might be an acceptable risk. Intel rightly feels that it has an obligation to push those Spectre patches out as quickly as possible. 

IDG Insider
