Microsoft Releases Meltdown and Spectre Patch for Surface Devices

This week, two new security CPU vulnerabilities have been all over the news. The new vulnerabilities, called Meltdown and Spectre, gives apps unauthorized read access to a computer’s kernel memory on chips from Intel, AMD, and ARM due to a flaw in the processor design. Most companies–including Microsoft–have already released patches for the vulnerabilities across all their products and cloud services.

Today, Microsoft is releasing a new UEFI update for its Surface line of devices to protect users against Meltdown and Spectre. The updates to the Surface UEFI are rolling out to users with the following Surface devices:

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

  • Surface Pro 3
  • Surface Pro 4
  • Surface Book
  • Surface Studio
  • Surface Pro Model 1796
  • Surface Laptop
  • Surface Pro with LTE Advanced
  • Surface Book 2

Microsoft mentions the danger posed by the vulnerabilities are “significantly reduced” on the Surface Hub, which comes with a different version of Windows (Windows 10 Team), but Redmond will continue to closely monitor to the Surface Hub and release patches if needed. “The Surface team is focused on ensuring our users have a secure and reliable experience and will continue to monitor and update devices as needed to address this vulnerability,” the company stated.

Microsoft continues to closely monitor all of its other products, Windows, and its cloud services, along with working with OEMs and chip makers to protect users against Meltdown and Spectre. “Microsoft has not received any information to indicate that these vulnerabilities have been used to attack customers at this time. Microsoft continues to work closely with industry partners including chip makers, hardware OEMs, and app vendors to protect customers,” the software maker noted on a security support page.

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 22 comments

  • Vladimir Carli

    Premium Member
    04 January, 2018 - 7:07 pm

    <p>how do we benchmark this before and after the update?</p><p>V.</p>

    • SRLRacing

      04 January, 2018 - 9:53 pm

      <blockquote><a href="#235221"><em>In reply to Vladimir:</em></a></blockquote><p>There is a Techspot article where they did some back to back comparisons and other than 4k reads from storage it was all within margin of error. </p>

  • jimchamplin

    Premium Member
    04 January, 2018 - 7:30 pm

    <p>This is happening at the firmware level? Not the OS level?</p>

    • nbates66

      04 January, 2018 - 8:10 pm

      <blockquote><a href="#235224"><em>In reply to jimchamplin:</em></a></blockquote><p>there are OS and firmware level(motherboard/system board/BIOS/UEFI) updates getting released to help cover the holes, not sure if the firmware level updates have a performance impact like the OS ones do. Also willing to bet I won't see a UEFI update for my 4 year old Gigabyte motherboard to cover for this. &gt;.&gt;</p>

      • jimchamplin

        Premium Member
        05 January, 2018 - 1:35 pm

        <blockquote><a href="#235232"><em>In reply to nbates66:</em></a></blockquote><p>Ill be surprised if anyone even remembers my machine. Thinkstation S20. I think it’s from 2009. </p><p><br></p><p>So I can be sure that it’s OS update only for me?</p>

  • JimP

    04 January, 2018 - 9:07 pm

    <p>What about non-Microsoft hardware? I have an HP Spectre 360 with the latest Windows Updates and my system is still vulnerable according to Intel's detection tool (downloadcenter.intel.com/download/27150).</p>

    • kenosando

      Premium Member
      04 January, 2018 - 11:55 pm

      <blockquote><a href="#235239"><em>In reply to JimP:</em></a></blockquote><p>The UEFI is a vendor-controlled piece of the underlying PC software, so Microsoft wouldn't have the ability to patch third-party PCs in the same fashion.</p>

    • TomKer

      Premium Member
      05 January, 2018 - 8:05 am

      <blockquote><a href="#235239"><em>In reply to JimP:</em></a></blockquote><p>HP has stated they should have their BIOS/UEFI patches ready around 1/9.</p>

      • JimP

        05 January, 2018 - 9:28 am

        <blockquote><a href="#235327"><em>In reply to TomKer:</em></a></blockquote><p><br></p><p>So how many places does this need to be fixed? We now have fixes for:</p><p><br></p><p>1) Web browsers</p><p>2) The OS</p><p>3) BIOS/UEFI</p><p><br></p><p>Does this make sense to anyone?</p><p><br></p>

        • Waethorn

          05 January, 2018 - 1:20 pm

          <blockquote><a href="#235353"><em>In reply to JimP:</em></a></blockquote><p>I think the list qualifies how severe this is, considering that many OEM's will not update firmware on outdated systems.</p>

  • pmeinl

    Premium Member
    05 January, 2018 - 5:38 am

    <p>Strangely the related OS update KB4056892 did install on my custom built desktop and my very old Thinkpad X61 yesterday but is still not available on my Surface Pro 3. </p><p><br></p><p>Did run the Win update troubleshooter, which found some problems (which is always does on every machine each time run) and let it apply its fixes. Still no OS update?!</p>

  • TomKer

    Premium Member
    05 January, 2018 - 8:08 am

    <p>I see current downloads for Surface Pro 3 running Windows 10, but not Windows 8.1. Any word on that update?</p>

  • Peter Vassiliou

    05 January, 2018 - 10:26 am

    <p>I don't see the firmware update on the MS download centre, or Windows Update. I have a Surface Book 2…</p>

  • Dale

    Premium Member
    05 January, 2018 - 12:31 pm

    <p>I got the update on my surface pro 4 this morning and now it is in a loop of trying to restart with a note at the bottom of the screen that says "preparing automatic repair" it is just sitting there right now doing nothing. Just prior to this screen it showed a green screen with a note that said that windows 10 had an error and needed to restart. Now it won't do anything. Anyone else having this problem?????</p>

    • jimchamplin

      Premium Member
      05 January, 2018 - 1:39 pm

      <blockquote><a href="#235395"><em>In reply to [email protected]:</em></a></blockquote><p>Green screen? So you’re on an Insider build. I hope that isn’t the cause of the issue. </p>

  • Peter Vassiliou

    05 January, 2018 - 2:03 pm

    <p>The title of this article is wrong. Microsoft only announced that they will be releasing firmware updates. They haven't released them yet, or said anything about their availability.</p>

    • mbsnl

      06 January, 2018 - 11:46 am

      <blockquote><a href="#235424"><em>In reply to petvas:</em></a></blockquote><p>Correct</p>

  • madthinus

    Premium Member
    06 January, 2018 - 3:08 pm

    <p>I did not get these updates :-(</p>

  • JimP

    08 January, 2018 - 7:28 am

    <p>Microsoft just updated Windows Mobile. I checked and I have the update on my Lumia 950XL.</p><p><br></p><p>www.neowin.net/news/microsoft-pushes-update-for-windows-10-mobile-likely-aimed-at-spectre</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC