ZOMBIELOAD: Intel microcode for Windows v1809 / v1803 is available

Protection against Microarchitectural Data Sampling like Zombieload: If you are still using Windows 10 or Windows Server in an older version on an Intel processor, you will now receive microcode that matches the system directly against the operating system in order to harden the system against side channel attacks.

1
681
ZOMBIELOAD: Intel microcode for Windows v1809 / v1803 is available

Microsoft has released dedicated security patches for the Windows 10 and Windows Server v1803 and v1809: The KB4494451 update and the KB4494174 update include microcode for Intel chips and close several vulnerabilities known as Microarchitectural Data Sampling. For the current Windows v1903 and all other older versions, the patches already exist, as well as for v1809 and v1803 as part of cumulative updates already since mid-May 2019.

Microsoft Hyper-V Server 2019 released

Microarchitectural Data Sampling includes Zombieload for Microarchitectural Fill Buffer Data Sampling (MFBDS), Microarchitectural Store Buffer Data Sampling MSBDS (CVE-2018-12126) and Rogue In-Flight Data Load (RIDL) for MDSUM (Microarchitectural Data Sampling Uncacheable Memory, CVE-2019-11091) and Microarchitectural Load Port Data Sampling (CVP-2018-12127). All these side channel attacks work on Intel CPUs that have not been patched and do not have the current stepping, such as the R0 revision on the desktop processors.

The author of the GandCrab ransomware is retiring

As with Specter and Meltdown, MDS attacks are most effective when hyperthreading is used, meaning that code runs via speculative execution of two processes on the same physical CPU core. Zombieload can then read data from the buffers / caches, if not targeted. However, if the information is collected for a sufficiently long time, Zombieload can break the isolation of storage in a virtual machine or in Intel’s SGX.

The new bug that affects computers that update to the latest version of Windows 10

The microcode patches are suitable for all Intel CPUs from the Ivy Bridge generation of 2012, including models such as the Core i5-3427U, the Core i5-3470 or the Xeon E5-2690 v2 or later. Therefore affected are also Haswell, Broadwell, Skylake, Kaby Lake as well as partly Coffee Lake and partly Whiskey Lake (depending on stepping).

Example chip production CPU cores + graphics iGPU μArch Launch
Arrandale Core i5-520UM 32 nm 2 + GT2 Gen5.75 2010
Sandy Bridge Core i5-2537M 32 nm 2 + GT2 Gen6 2011
Ivy Bridge Core i5-3427U 22 nm 2 + GT2 Gen7 2012
Haswell ULT Core i5-4300U 22 nm 2 + GT2, 2 + GT3 Gen7.5 2013
Broadwell U Core i5-5300U 14 nm 2 + GT2, 2 + GT3 Gen8 2014
Skylake U Core i5-6300U 14 nm 2 + GT2, 2 + GT3e Gen9 2015
Kaby Lake U Core i5-7300U 14+ nm 2 + GT2, 2 + GT3e Gen9.5 2016
Kaby Lake Refresh Core i5-8350U 14 ++ nm 4 + GT2, 4 + GT3e Gen9.5 2017
Cannon Lake U Core i3-8121U 10 nm 2 + GT2 (deactivated) GEN10 2018
Whiskey Lake U Core i5-8265U 14 ++ nm 4 + GT2 Gen9.5 2018
Comet Lake U Core i5-10xxxU (?) 14 ++ nm 2 + GT2, 4 + GT2, 6 + GT2 Gen9.5 2019
Ice Lake U Core i5-1035U G1 10+ nm 2 + GT2, 4 + GT2 Gen11 2019
Rocket Lake U Core i5-11xxxU (?) 14 ++ nm, 10+ nm 4 + ?, 6 +? Gen11 (?) 2020
Tiger Lake U Core i5-12xxxU (?) 10+ nm 4 + GT2 Xe 2020
An Overview of Intel Core (Client Mobile) Generations
Example chip production CPU cores base RAM channels PCIe Launch
Nehalem EP Xeon W5590 45 nm 4 LGA 1366 3x DDR3 Gen2 2009
Westmere EP Xeon X5690 32 nm 6 LGA 1366 3x DDR3 Gen2 2010
Sandy Bridge EP Xeon E5-2690 32 nm 8th LGA 2011 4x DDR3 Gen2 2012
IvyBridge EP Xeon E5-2690 v2 22 nm 10 LGA 2011 4x DDR3 Gen3 2013
Haswell EP Xeon E5-2699 v3 22 nm 18 LGA 2011-3 4x DDR4 Gen3 2014
Broadwell EP Xeon E5-2699 v4 14 nm 22 LGA 2011-3 4x DDR4 Gen3 2016
Skylake SP Xeon Platinum 8180M 14+ nm 28 LGA 3647 6x DDR4 Gen3 2017
Cascade Lake SP Xeon Platinum 8280M 14 ++ nm 28 LGA 3647 6x DDR4, Optane Gen3 2019
Cooper Lake SP (?) 14 ++ nm 48 Whitley 8x DDR4, Optane Gen3 2020
Ice Lake SP (?) 10+ nm 26 Whitley 8x DDR4, Optane Gen4 2020
Sapphire Rapids SP (?) 10 ++ nm (?) Eagle stream 8x DDR5, Optane gen5 2021
Granite Rapids SP (?) 7 nm (?) (?) Eagle stream 8x DDR5, Optane gen5 2022
Intel Xeon generations (dual sockets) at a glance

LEAVE A REPLY