Important 2018-05 archive

Executive Summary

On January 3, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21, 2018, Intel announced the Rogue System Registry Read vulnerability and assigned CVE-2018-3640. An attacker who has successfully exploited this vulnerability could then bypass Kernel Address Space Layout Randomization (KASLR) protections. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The mitigation for this vulnerability is exclusively through a microcode/firmware update, and there is no additional Microsoft Windows operating system update. To protect your system from this vulnerability, Microsoft recommends that you take the following actions: See the following links for further information related to CVE-2018-3640: 1. When will the firmware updates be available? If you have a non-Microsoft device, we suggest contacting your OEM for ths information. For Microsoft devices, we will amend this advisory when microcode/firmware updates become available. Additionally, we will notify customers via security notification service email. To sign up for this notification email see Microsoft Technical Security Notifications . 2. Will there be updates for Windows operating systems? There is no software mitigation needed. The mitigation for this issue is exclusively a processor microcode/firmware update. Affected users should contact their hardware vendor for these updates. 3. Where can I find information regarding the Speculative Store Bypass (SSB) vulnerability CVE-2018-3639? For information about CVE-2018-3639, see ADV180012 | Microsoft Guidance for Speculative Store Bypass . 4. Where can I finder further information on Microsoft guidance for Spectre and Meltdown vulnerabilities? See ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities .

Overview

Important
MS Severity
Not Exploited
MS Exploit Status
Less Likely
MS Exploit Likelihood
Category Security Feature Bypass
Released May 8 2018
Last Updated May 8 2018
Publicly Disclosed No
CISA KEV Not Listed
Known Exploits None Known

EPSS Score

No EPSS score available for this CVE.

View on FIRST.org

Affected Products

8 affected products
Product KB Article Severity Impact Restart Required
Microsoft Surface Book 4073065 (Update history) Important Security Feature Bypass Yes
Microsoft Surface Book 2 4073065 (Update history) Important Security Feature Bypass Yes
Microsoft Surface Laptop 4073065 (Update history) Important Security Feature Bypass Yes
Microsoft Surface Pro 3 4073065 (Update history) Important Security Feature Bypass Yes
Microsoft Surface Pro 4 4073065 (Update history) Important Security Feature Bypass Yes
Microsoft Surface Studio 4073065 (Update history) Important Security Feature Bypass Yes
Surface Pro Model 1796 4073065 (Update history) Important Security Feature Bypass Yes
Surface Pro with Advanced LTE Model 1807 4073065 (Update history) Important Security Feature Bypass Yes

Patches

1 patch
Article Type Restart
4073065 Update history Yes

Known Exploits

Acknowledgments

None