When the processor boots, it has versioning to make sure it is utilizing the latest microcode updates regardless of where it may be coming from. Is there a problem if I update my System Firmware/BIOS with one version of a microcode update and allow Windows to install a different version of a microcode update?.Work with your OEM to help make this decision or simply take the updates from Microsoft Update. Technically speaking you could but as mentioned earlier, often Microsoft Update may have the microcode updates to address issues much sooner. Can I skip taking updates delivered via Windows and only take updates from my OEM via System Firmware/BIOS Update?.Microcode updates delivered via the Windows OS are not new as far back as 2007 some updates were made available to address performance and reliability concerns. The answer is simply that Windows offers the broadest coverage and quickest turnaround time to address these vulnerabilities. Why is Microsoft collaborating with Intel and AMD and publishing Microcode Updates via Microsoft Update?.If you were to remove the processor from one computer and install in a computer with an older System Firmware/BIOS and an un-updated OS, you will be back to being vulnerable. However, as stated earlier, neither is updating the microcode in the processors ROM. These volatile updates can be applied to the processor one of two ways – System Firmware/BIOS via OEM and by the Operating System (OS). However, as soon as the processor is rebooted, it reverts back to the microcode baked into their ROM. Modern processors do have the ability at initialization to apply volatile updates to move the processor to a newer microcode level. This microcode is immutable and cannot be changed after the processor is built. When processors are manufactured, they have a baseline microcode baked into their ROM.To start the discussion, we need to lay down a key fact:
The purpose of this blog is to help answer why Microsoft is collaborating with our partners Intel and AMD on these microcode updates and a little background on how these updates work. The security implications of why you should update the microcode on your processors are already covered in the below documentation from us and our partners (Spectre/SBB/etc.): Hello, my name is Steve Mathias, Microsoft Premier Field Engineer (PFE) and I wanted to spend a moment to discuss the “mechanics” of the Intel Microcode Updates that you may see coming down from Microsoft Update or the Windows Catalog.
0 kommentar(er)
