Microsoft has released a number of new Intel microcode updates for the company’s Windows 10 operating system that address recently discovered security flaws in Intel processors. Microcode updates are released by Intel to provide Microsoft with patches that either fix security flaws outright or at least mitigate them if fixing is not possible.
The latest vulnerability in Intel processors was discovered by researchers from the University of Graz and the University of Birmingham. The researchers named the vulnerability PLATYPUS, an acronym for Power Leakage Attacks: Targeting Your Protected User Secrets.
The attack uses Intel’s RAPL interface — Running Average Power Limit — to monitor energy consumption on a device. The researchers managed to “reconstruct entire cryptographic keys” by exploiting the vulnerability.
We demonstrate this by recovering AES keys from the side-channel resilient AES-NI implementation, as well as RSA keys from an Intel SGX enclave. In addition, we distinguish different Hamming weights of operands or memory loads, threatening constant-time implementations of cryptographic algorithms.
Microsoft released the updates for Windows 10 version 1507 and newer, and Windows Server 2016 and newer. The updates are available on Windows Updates and also as direct downloads from the Microsoft Update Catalog website.
The new microcode updates add support for the following processors: Avoton, Sandy Bridge E, EN, EP, EP4S, Sandy Bridge E, EP, Valley View / Baytrail.
Here are the support page links:
- KB4589212 — Windows 10 version 2004 and 20H2, Windows Server version 2004 and 20H2
- KB4589211 — Windows 10 version 1903 and 1909, Windows Server version 1903 and 1909
- KB4589208 — Windows 10 version 1809, Windows Server 2019
- KB4589206 — Windows 10 version 1803
- KB4589210 — Windows 10 version 1607, Windows Server 2016
- KB4589198 — Windows 10 version 1507
The following links point to the Microsoft Update Catalog website:
- KB4589212 — Windows 10 version 2004 and 20H2, Windows Server version 2004 and 20H2
- KB4589211 — Windows 10 version 1903 and 1909, Windows Server version 1903 and 1909
- KB4589208 — Windows 10 version 1809, Windows Server 2019
- KB4589206 — Windows 10 version 1803
- KB4589210 — Windows 10 version 1607, Windows Server 2016
- KB4589198 — Windows 10 version 1507
Note: it is recommended that you verify that the processor that is installed on a device is compatible with the updates. You can check the support pages to find out if the installed processor is listed on the site as compatible.
Do the following if you don’t know the exact processor model:
- Use the keyboard shortcut Windows-Pause to open the System Control Panel applet / Settings page.
- There you find listed the processor, e.g. Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz 4.01 GHz
- Copy the information, in this case i7-6700K, and search on Microsoft’s support page for the term. If you get a hit, the processor is supported.
(via Bleeping Computer)