Windows 10 users who are using the latest Intel Processors will soon receive Intel’s microcode updates that address the Spectre variant 2 attack. The “speculative execution side-channel attacks” which are broadly known as Meltdown and Spectre aren’t regular security vulnerabilities we are accustomed to.
Normally, a straightforward security update is sufficient to remove system vulnerabilities, however, repairing the flaws associated with Spectre requires a combination of hardware and software updates along with coordination for developers of security software. Incompatibilities within these updates can result in crashes and might even lead to data loss.
Now Intel has released some microcode updates that gives operating systems greater control and protection from this speculative execution. These updates mainly come via two distribution channels - one relying on the system firmware and the other through the operating system. For some reason, Microsoft and Windows had neglected to offer the latest Intel microcode updates through its drivers, but that changes now.
Microsoft will now list the Intel firmware updates in its Microsoft Update Catalog so that IT admins can distribute it to respective systems. Initially, Microsoft is only providing updates for Skylake systems, but more system firmware updates will be provided as they become available.
Furthermore, the company has stated that all future Windows updates will require the system to have compatible and updated antivirus software. The updates that deal with the Meltdown and Spectre flaws change the operating system in such a manner that certain incompatibilities may rise with some anti-viruses.
To avoid instances where the patch gets applied to a system with an incompatible antivirus program, the update and all subsequent ones will require a special registry key. This registry key created by the antivirus program will indicate its compatibility with the Meltdown and Spectre Fixes.
Now Windows 8.1, as well as Windows 10 systems, comes with an integrated antivirus which will set the key and enable the updates automatically. However, Windows 7 users will have to browse for suitable antivirus software to avail these patches. Furthermore, Microsoft has stated that incompatible antivirus programs, as well as systems devoid of any antivirus programs, will not be eligible for further Windows updates.