Windows Client Guidance for IT Pros

Occasional Contributor

Hi all,

 

Microsoft is aware of a new publicly disclosed class of vulnerabilities that are called “speculative execution side-channel attacks” that affect many modern processors and operating systems, including Intel, AMD, and ARM.

Note This issue also affects other operating systems, such as Android, Chrome, iOS, and MacOS. Therefore, we advise customers to seek guidance from those vendors.

Microsoft has released several updates to help mitigate these vulnerabilities. We have also taken action to secure our cloud services. See the following sections for more details.

Microsoft has yet not received any information to indicate that these vulnerabilities have been used to attack customers. Microsoft is working closely with industry partners including chip makers, hardware OEMs, and app vendors to protect customers. To get all available protections, hardware/firmware and software updates are required. This includes microcode from device OEMs and, in some cases, updates to antivirus software as well.

The following sections will help you identify and mitigate client environments that are affected by the vulnerabilities that are identified in Microsoft Security Advisory ADV180002.

Windows Update will also provide Internet Explorer and Edge mitigations. And we will continue to improve these mitigations against this class of vulnerabilities.....

 

https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-...

 

0 Replies