Two days ago, Graz University of Technology published a paper https://spectreattack.com/ describing a pair of attacks on common microprocessors.
The underlying vulnerability affects Intel, AMD, and ARM processors. All contemporary microprocessors pre-execute instructions.
In other words, the vulnerability bypasses address space isolation. Address space isolation has been a foundation for processor integrity since the 1980s.
Microsoft yesterday released an emergency patch for Windows 10 to address this prior to Patch Tuesday, which incorporates KAISER in KB4056892. Other versions will receive the update on January 9 as scheduled.
Why do these vulnerabilities matter to me?
These vulnerabilities take advantage of a basic process used by all modern CPUs to help speed up requests. They take advantage of the timing of various instructions so they can see the information – whether that’s proprietary corporate data or sensitive personal information.
I’m trying to patch and can’t see the update??
Don’t worry, it’s not just you.
Microsoft has implemented a new requirement for a Registry Key that must be installed to enable automated Windows updates. The idea is to ensure installed endpoint security software is compatible with the patches.
This is not a Trend Micro bug and we are not “fixing” our product. We are providing instructions and tools to enable that compatibility check in a product update.
For users to install the key, Trend Micro recommends a few options:
What to expect when installing the patch
There’s been a lot of talk about the hit to performance when the ability to read information early is taken away. Don’t fret, most PCs and VMs will not see much degradation. Here’s what you need to know based on your environment:
This is not just a Microsoft problem, however. All other operating system vendors will be issuing patches that install as usual.
For everyone – whether you’re a system administrator for a very large enterprise, or you have a single home computer – install this patch as soon as it’s available from your vendor. For consumers, enabling auto update ensures that patches install as soon as they’re available to your computer.
Please add your thoughts in the comments below or follow me on Twitter; @WilliamMalikTM.