As Intel has rolled out fixes for Spectre and Meltdown, it’s worked closely with Microsoft to make the required microcode updates available to as wide a group of hardware as possible. Newer motherboards might receive an update, but older systems, including the Ivy Bridge rig of this author, aren’t exactly getting UEFI updates these days. Luckily, those of you running Windows can get the required updates via Windows Update.
Intel recently announced that it had completed microcode updates for CPUs stretching back into the Sandy Bridge era, and Microsoft has made those updates available via an expanded version of the same KB4090007 it’s been using for this purpose to-date. We’ve checked the Microsoft Update Catalog to confirm — the version of the patch we linked in our earlier story was dated 2/28, while this new flavor is dated 3/13. Microsoft’s notification, however, only mentions more recent chips like Skylake, Kaby Lake, and Coffee Lake. This implies there may be a longer lag time between when Intel finishes its updates and when they’re incorporated into the KB patch.
At the least, installing KB4090007 should patch up sixth-generation and later Intel CPUs, with the Sandy, Ivy, and Haswell KB update arriving later. Intel is still working on microcode updates for Nehalem and certain chips in the Core 2 Duo family. To the best of ET’s knowledge, there’s no plan to extend any patches to systems earlier than Core 2 Duo.
The other major news is that Microsoft has resumed offering security updates to customers who use certain AV products. Yes, we know that’s vague. The explanation behind this is that MS had paused its security updates for certain customers after identifying compatibility issues between said applications and Windows 10. The company’s initial disclosure read:
The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent these stop errors, Microsoft is currently only offering the January and February 2018 Windows security updates to devices that are running antivirus software that is from antivirus software vendors who have confirmed that their antivirus software is compatible by setting a required registry key.
MS has apparently reached out to the companies in question and has resolved the issue. Updates for these systems will now be pushed out normally. Those of you still on the Windows 10 Anniversary Update should be advised that security updates for your version of Windows end on April 10. It’s all part of Microsoft’s new Windows-as-a-service model, in which specific versions of Windows are supported for much smaller amounts of time.
Intel, Microsoft Plan to Offload Antivirus Scanning to the GPU
Intel has a new idea for improving system performance during anti-virus scans — offload the entire workload to the GPU.
Android Antivirus Apps Are Useless — Here’s What to Do Instead
It's still on you to be aware of threats to stay safe, but Android is by its very nature more secure than a desktop computer. Still, you've probably already got what you need.
Avast’s Free Antivirus Harvests All Your Clicks, Sells Them to Third-Parties
Despite claims that Avast data is fully anonymized, an investigation by PCMag and Motherboard shows how easy it is to unmask individual users.