Microsoft responds to AMD and Intel processor exploits, now rolling out emergency fix

A few short hours ago, we noted that Microsoft was planning on releasing an emergency Windows Update to address the ongoing security concerns with Intel and AMD processors. According to multiple media outlets, including Windows Central, said KB4056892 update (OS build 16299.192) is now rolling out to Windows 10 users (though we’re not seeing it just yet on any of our machines here at OnMSFT.)

As we previously noted, the security update is set to automatically roll out to all Windows 10 desktops today starting at 5 PM ET, and later to other Windows 7 and Windows 8 on January 16th via a Patch Tuesday update. We’re not finding this update on any of our machines just yet, but Microsoft has released a changelog for it and also made it available via the Microsoft Update Catalog as a manual download.

Here’s a look at the changelog:

• This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
• Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
• Addresses issue where printing an Office Online document in Microsoft Edge fails.
• Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
• Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
• Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
• Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
• Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows
• Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.
• If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Importantly, this update carries a set of known issues and workarounds, relating to installation, and Antivirus software. Please see the known issues below. We invite you to check out Microsoft’s official changelog for more step by step details on how to resolve these issues, especially because the workarounds are rather technical.

• Update installation may stop at 99% and may show elevated CPU or disk utilization if a device was reset using the Reset this PC functionality after installing KB4054022.
• Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.
• When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions.
• Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.

Noted by The Verge, Microsoft also issued a statement about the processor exploits. The company addressed how it is an industry-wide issue, and how it has worked with chip manufacturers to test mitigations:

We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.

It’s really great to see Microsoft stepping up here and supporting their consumers and customers. This processor exploit is rather worrying for the average consumer, and true or not, it’s nice that Microsoft is here to assure customers that they’re not being attacked as a result of the vulnerabilities.