Microsoft is issuing a rare out-of-band security update for the supported versions of Windows today. The software update is part of a series of solutions that will protect against a newly discovered processor error in the Intel, AMD and ARM chipsets. Sources familiar with Microsoft's plans tell The Verge that the company will issue a Windows update that will automatically apply to Windows 10 machines at 5PM ET / 2PM PT today.
The update will also be available for earlier and compatible versions of Windows today, but systems running operating systems such as Windows 7 or Windows 8 will not be updated automatically through Windows Update until next Tuesday. Windows 10 will update automatically today.
While Microsoft is quickly fixing problems, the fixes will also be based on firmware updates from Intel, AMD or other vendors that are being deployed. Some antivirus vendors will also need to update their software to work correctly with the new patches, since the changes are related to Kernel level access.
Firmware updates and software patches can cause some systems to run more slowly. Sources familiar with the situation tell The Verge that Intel processors based on Skylake or a newer architecture will not see significant performance degradation. However, older processors could slow down more significantly due to firmware and software updates.
Intel says any slowdown will be "dependent on the workload," but the company has not expanded on how this will affect older machines. Microsoft also plans to update its cloud-based servers with the latest firmware and software patches, and these updates are now being implemented.
The Verge understands that Google is planning to document and disclose the security flaws in the processors at 5 p.m. ET this day. The exact error seems to be related to the way in which applications and common programs can discover the content of kernel memory protected areas. The kernels in the operating systems have complete control over the entire system and connect the applications to the processor, memory and other hardware within a computer. There seems to be a flaw in modern processors that allow attackers to circumvent kernel access protections so that regular applications can read the contents of kernel memory.
Software vendors such as Microsoft and other Linux programmers are protecting this by separating kernel memory from user processes in what is called "Kernel page table isolation." Linux patches have been implemented during the last month and now Windows patches are being made. available today.
Microsoft has confirmed the Windows update in a declaration:
- We are aware of this problem throughout the industry and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of implementing mitigations for cloud services and we have also released security updates to protect Windows clients against vulnerabilities that affect compatible hardware chips from Intel, ARM and AMD. We have not received any information indicating that these vulnerabilities have been used to attack our customers.
