14 DAY TRIAL // Fixing the Meltdown and Spectre hardware bugs disclosed in early 2018 is proving to be a more complex process than initially thought, and after several patches already shipped in the previous months, Microsoft is now rolling out a new set of updates for Windows users.
The two new microcode updates are KB4078407 and KB4091666, and they are both aimed at the Spectre Variant 2 vulnerability that was originally believed to be nearly impossible to exploit.
First and foremost, KB4078407 is an update that can be downloaded by Windows 10 users exclusively, but Microsoft notes that microcode patches from hardware vendors are also required. This update only protects systems on the software side, but for a full shield, additional mitigations from manufacturers are needed.
You can download KB4078407 manually from Microsoft’s Update Catalog.
Revised updates for all Windows versions
The second update is KB4091666 and this time the target is the original Windows 10 version. Microsoft lists this update as an Intel microcode update, which means that only Intel systems are getting it. Furthermore, the Update Catalog indicates the patch is exclusively aimed at machines running Windows 10 version 1507, which is the original RTM build that Microsoft released in July 2015.
“This update is a standalone update available through the Microsoft Update Catalog and targeted for Windows 10 Release To Market (RTM). This update also includes Intel microcode updates that were already released for these Operating Systems at the time of Release To Manufacturing (RTM),” Microsoft says in the KB page.
Just like the other update, you can download KB4091666 from the Microsoft Update Catalog as well.
Microsoft has also released revised microcode updates for other versions of Windows 10 as well, including KB4090007 for Windows 10 Fall Creators Update (originally published in March), KB4091663 for Windows 10 Creators Update (also published in March), and KB4091664 for Windows 10 Anniversary Update (previously dated March 2018 as well).
The new updates, as well as the revised versions, come with support for additional processors, as the previous packages only targeted the latest Intel chips. Broadwell DE A1, Broadwell DE V1, Broadwell DE V2,V3, Broadwell DE Y0, Broadwell H 43e, Broadwell U/Y, Broadwell Xeon E3, Haswell (including H, S), Xeon E3, Haswell Perf Halo, Haswell Server E, EP, EP4S, Haswell ULT processors are now being patched as well.