[German]Microsoft has released several updates to close Spectre and Meltdown vulnerabilities. Now the information page, that informs about that mitigation, has been updated again.
The web site Windows client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities may be applied for:
- Windows Server 2016 Version 1709
- Windows Server 2012 R2 Standard
- Windows Server 2012 Standard
- Windows Server 2008 R2 Service Pack 1
- Windows Server 2008 R2 Standard
- Windows Server 2008 Service Pack 2
- Windows Server 2008 Foundation
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Enterprise without Hyper-V
- Windows Server 2008 Enterprise
- Windows Server 2008 Datacenter without Hyper-V
- Windows Server 2008 DatacenterServers
- Windows Server 2016 Datacenter
- Windows Server 2016 Essentials
- Windows Server 2016 Standard
- Windows Server 2016
- Windows Server 2008 R2
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 for Itanium-Based Systems
- Windows Server 2008 R2 Foundation
- Windows Web Server 2008 R2
- Windows 10, version 1803
- Windows 10, version 1709
- Windows 10, version 1703
- Windows 10, version 1607
- Windows 10
- Windows 7 Service Pack 1
and has been updated November 15, 2018. The registry settings for AMD CPUs have been added to enable/disable Meltdown and Spectre protection:
CVE | Requires CPU microcode/firmware? | Mitigation Default status |
CVE-2018-3639 | Intel: Yes AMD: No ARM: Yes |
Intel and AMD: Disabled by default. See ADV180012 for more information and this KB article for applicable registry key settings.
ARM: Enabled by default without option to disable. |
In ADV180012 you will find the update of November 13, 2018. So far only the manual registry settings were available for Intel CPUs. Now Microsoft have added details for AMD processors as well as AMD and ARM CPUs to enable full risk mitigation for CVE-2017-5715 (Spectre variant 2) and full risk mitigation for CVE-2017-5715 (Spectre variant 2) and CVE 2018-3639 (Speculative Store Bypass).