image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1image1
author_avatar_image
by Hatteland Technology
7 Jan 2018
Security vulnerability discovered in modern CPU's.


Intel and AMD has released public information, please review links below.
Microsoft has also provided information regarding security updates for a number of Operating Systems. 


Hatteland Display uses the following Windows 10:
Windows 10 Version 1607 / Windows Server 2016 Monthly quality x86/x64 (KB4056890)


To summarize and adding the KB numbers (useful to search on support.microsoft.com and on the catalog website for download):

Windows 7 / Windows Embedded Standard 7 / Windows Server 2008 R2
• Monthly quality x86/x64 (KB4056894)
• Security only x86/x64 (KB4056897)

Windows 8.1 / Windows Server 2012 R2
• Security only x86/x64 (KB4056898)

Windows Embedded 8 Standard / Windows Server 2012
• Monthly quality x86/x64 (KB4056896)
• Security only x86/x64 (KB4056899)

Windows 10 Version 1507 Monthly quality x86/x64 (KB4056893)
Windows 10 Version 1511 Monthly quality x86/x64 (KB4056888)
Windows 10 Version 1607 / Windows Server 2016 Monthly quality x86/x64 (KB4056890)
Windows 10 Version 1703 Monthly quality x86/x64 (KB4056891)
Windows 10 Version 1709 / Windows Server 2016 (1709) Monthly quality x86/x64 (KB4056892)

Additionally, there's an out of band update for W10 1709: Windows 10 Version 1709 Critical out of band x86/x64 (KB4058702).


POSReady 7 is the same bits as Windows 7 & Windows Embedded Standard 7 so
• Monthly quality x86/x64 (KB4056894)
• Security only x86/x64 (KB4056897)

CE & XP:
For CE&XP based systems, unfortunately there is no fix at this time. 

My Operating system (OS) is not listed. When can I expect a fix to be released?
Addressing a hardware vulnerability with a software update presents significant challenges and mitigations for older operating systems require extensive architectural changes. Microsoft is continuing to work with affected chip manufacturers and to investigate the best way to provide mitigations, which may be provided in a future update.

Although both WES2009 & POSReady 2009 are still under extended support (until mid-2019). 

Resources:
See links below for more resources and information from Microsoft. 

f_meltdown_spectre


Please review these links for more:
Intel PR Response to Security Research Findings 
Intel Investor Relations Call Replay - 1/3 Investor call regarding security research findings 
Intel Microsite - Facts about Side-Channel Analysis and Intel Products 
Intel Product Security Center - IPSC SA-00088 information 
An Update on AMD Processor Security 
www.catalog.update.microsoft.com 
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities 
Windows Server guidance to protect against speculative execution side-channel vulnerabilities 
Important: Windows security updates released January 3, 2018, and antivirus software 
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 
Securing Azure customers from CPU vulnerability 
Microsoft cloud protections against speculative execution side-channel vulnerabilities 
 

--- Vennlig hilsen ---

Trond K. Johannessen
President & CEO
Hatteland Display AS & EMBRON Group AS

Monica Myklebust Øyen
CEO
Elektronix AS 

You May Also Like