Microsoft has been working really hard with its industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. The company’s top priority was to ‘Help protect the safety and security of our customers’ devices and data.’
In its official blog, Microsoft states,
“Today, I’d like to provide an update on some of that work, including Windows security update availability for additional devices, our role in helping distribute available Intel firmware (microcode), and progress driving anti-virus compatibility.”
Additional steps being taken to address Spectre and Meltdown vulnerabilities
Microsoft informs that the Windows devices require both software as well as firmware, so as to protect them against the new vulnerabilities. However, the company has recently gone on to add software coverage for x86 editions for Windows 10, and currently, works are going on so as to provide updates for other supported version of Windows. For more information check Windows customer guidance article. Microsoft updates this documentation whenever any new mitigation is made available.
The firmware (microcode) security updates are not available broadly, however, Intel has currently announced that they have gone on to complete their validation, and has started to release microcode for the latest CPU platforms.
The company on its official blog states,
“Today, Microsoft will make available Intel microcode updates, initially for some Skylake devices running the most broadly installed version of Windows 10 — the Windows 10 Fall Creators Update — through the Microsoft Update Catalog, KB4090007. We will offer additional microcode updates from Intel as they become available to Microsoft. We will continue to work with chipset and device makers as they offer more vulnerability mitigations.”
However, for commercial customers, Terry Myerson announced that Windows Analytics will now be able to help IT professionals assess Meltdown and Spectre update status by providing device-level insights at scale.
Antivirus (AV) Software Compatibility
Microsoft has also been working closely with anti-virus (AV) partners on compatibility with Windows updates, resulting in the vast majority of Windows devices now having compatible AV software installed. The company has focused on working with our AV partners and customers in managing the risk of compatibility issues, especially those that result from AV software that makes unsupported calls into Windows kernel memory. Due to this particular risk, the AV software is required to be updated and made compatible.
“We will continue to require that an AV compatibility check is made before delivering the latest Windows security updates via Windows Update until we have a sufficient level of AV software compatibility. We recommend users check with their AV provider on the compatibility of their installed AV software products.”