Microsoft has introduced new microcode updates (KB4497165) for Windows 10 Version 1903/Windows Server 2019 Version 1903 today. This microcode update is mainly used to mitigate speculative execution vulnerabilities such as the Meltdown of Intel series processors. It is theoretically recommended that all users install this update. Speculative execution is a high-risk security vulnerability in Intel’s modern processors, but this vulnerability is a design-level issue and cannot be fixed directly by software. These microcode updates can mainly mitigate vulnerabilities and increase the difficulty of exploiting the vulnerabilities and improve security through software as much as possible if the hardware cannot be repaired.
The past microcode updates are usually aimed at Intel’s 5th to 8th generation processors. Recently, Microsoft’s synchronous Intel microcode update has been supported to the third generation. It should be noted that these microcode updates are not only for the Core series processors but also for the Pentium, Celeron, Atom and Xeon series processors. It is estimated that there are very few users who still use Intel’s 2nd generation and previous processors, so these updates from Microsoft are only for from the 3rd generation. Microsoft said that this microcode update mainly addresses the recently discovered sampling attacks, and sampling attacks are also high-risk security holes.
In fact, the most important microcode update is to disable Intel Hyper-Threading Technology and to ensure data security in the kernel with software-level isolation. It is also true that users who install such microcode updates will have a performance impact, which is why many users are reluctant to enable microcode updates. However, based on security considerations, users are advised to deploy microcode updates. After all, such vulnerabilities may be exploited at some point to reveal user data.