The Meltdown and Spectre flaw has been arguably the tech news story of the year. Disclosed by Google in January, There were three variants of the flaw, which affected Intel CPUs at a kernel level. Two variants were quickly patched, but Spectre variant 2 was more problematic. Today, Microsoft has rolled out Windows updates to address the troublesome vulnerability.
Microsoft Update Catalog shows software releases KB4078407 and KB4091666 for Windows 10 and Windows Server 2016. Alongside the updates is another that is for hardware running Intel chips. This features Intel's microcode patch for Spectre variant 2.
Microsoft has released new Windows updates that include Intel hardware fixes to address the Spectre variant 2 CPU flaw.
Intel issued its patch for the flaw at the end of February. It was the second attempt after the first patch update largely failed. Spectre variant 2 patches resulted in problems for users.
The company's patches to fix the problem caused rebooting problems across many older systems. Intel believed the patch bug affected only Broadwell and Haswell chips. However, internal testing later found the vulnerability also affects machines powered by Skylake and Kaby Lake chips.
Once the finalized and working patch landed, Intel left it to manufacturers to release it. Microsoft started releasing the variant 2 fix in early March, initially bringing it to Windows 10 Fall Creators Update. This was for hardware running 6th Generation Intel Core and Core m processors.
KB4078407 is now patching Windows Server 2016. However, Microsoft says users should check with device manufacturers before the install. As for KB4091666, the update is delivering Intel's microcode to wider Intel CPU groups, such as Intel Core, Pentium, Celeron, and Xeon processors from Skylake, Broadwell, and Haswell CPUs.
“Applying this update will enable the Spectre Variant 2 mitigation CVE-2017-5715 – Branch target injection vulnerability.'” Microsoft noted in a support document.