Microsoft Distributing Spectre, Meltdown, Antivirus Updates
As Intel has rolled out fixes for Spectre and Meltdown, it’s worked closely with Microsoft to make the required microcode updates available to as wide a group of hardware as possible. Newer motherboards might receive an update, but older systems, including the Ivy Bridge rig of this author, aren’t exactly getting UEFI updates these days. Luckily, those of you running Windows can get the required updates via Windows Update.
Intel recently announced that it had completed microcode updates for CPUs stretching back into the Sandy Bridge era, and Microsoft has made those updates available via an expanded version of the same KB4090007 it’s been using for this purpose to-date. We’ve checked the Microsoft Update Catalog to confirm — the version of the patch we linked in our earlier story was dated 2/28, while this new flavor is dated 3/13. Microsoft’s notification, however, only mentions more recent chips like Skylake, Kaby Lake, and Coffee Lake. This implies there may be a longer lag time between when Intel finishes its updates and when they’re incorporated into the KB patch.
At the least, installing KB4090007 should patch up sixth-generation and later Intel CPUs, with the Sandy, Ivy, and Haswell KB update arriving later. Intel is still working on microcode updates for Nehalem and certain chips in the Core 2 Duo family. To the best of ET’s knowledge, there’s no plan to extend any patches to systems earlier than Core 2 Duo.
The other major news is that Microsoft has resumed offering security updates to customers who use certain AV products. Yes, we know that’s vague. The explanation behind this is that MS had paused its security updates for certain customers after identifying compatibility issues between said applications and Windows 10. The company’s initial disclosure read:
The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent these stop errors, Microsoft is currently only offering the January and February 2018 Windows security updates to devices that are running antivirus software that is from antivirus software vendors who have confirmed that their antivirus software is compatible by setting a required registry key.
MS has apparently reached out to the companies in question and has resolved the issue. Updates for these systems will now be pushed out normally. Those of you still on the Windows 10 Anniversary Update should be advised that security updates for your version of Windows end on April 10. It’s all part of Microsoft’s new Windows-as-a-service model, in which specific versions of Windows are supported for much smaller amounts of time.
Continue reading
Time to Update: Google Patches 2 Severe Zero-Day Chrome Vulnerabilities
Unlike the last few zero-days, Google didn't find these security holes itself. Instead, it was tipped by anonymous third-parties, and the problems are severe enough that it hasn't released full details. Suffice it to say, you should stop putting off that update.
Samsung Starts Rolling Out Galaxy S20 Android 11 Update on Verizon
Not only does this include the Googley Android 11 enhancements, but it also has numerous Samsung-specific changes as part of the One UI 3.0 revamp.
Apple Urges Immediate iPhone Update to Block Active Online Hacks
There's a new version of Apple's iOS software for iPhone and iPad devices, and as usual, Apple is going to start pestering users to update. This time, the nagging for iOS 14.4 comes with a little more urgency.
Samsung Promises to Update Its Android Phones Even Longer Than Google
Smartphone updates have been a mess for as long as the modern smartphone has existed, but Samsung just took a big step in the right direction: The company has decided to extend security update support to a full four years.