Microsoft re-releases several updates to address RSRE, SSB and L1 Terminal Fault

Microsoft released a handful of new mitigation updates for Windows 10 Spectre variants. These updates address Spectre security vulnerabilities namely RSRE, SSB and L1 Terminal Fault.

The changelogs suggest that Microsoft decided to address the following three major vulnerabilities this time:

  • Spectre Variant 3a (CVE-2018-3640: “Rogue System Register Read (RSRE)”)
  • Spectre Variant 4 (CVE-2018-3639: “Speculative Store Bypass (SSB)”)
  • L1TF (CVE-2018-3620, CVE-2018-3646: “L1 Terminal Fault”)

It is worth mentioning that these updates have been released just for the Intel devices. The updates were initially rolled out to the users in August 2018, but the recent release includes some additional enhancements which can be viewed at:

KB4465065 – Windows 10 version 1809
KB4346084 – Windows 10 version 1803
KB4346085 – Windows 10 version 1709
KB4346086 – Windows 10 version 1703
KB4346087 – Windows 10 version 1607

What Are RSRE, SSB and L1 Terminal Fault?

Rogue System Register Read

It is another attack method that is also known as Variant 3a. The attacker alters the value of few system register state by using side channel cache and speculative execution methods. The kernel Address Space Randomization protections are bypassed by the attacker as a result of this vulnerability. Although the 3a variant method is not able to expose sensitive user data still it might allow the attacker to expose physical addresses for some data structures.

L1 Terminal Fault

L1 Terminal Fault is another type of hardware security vulnerability that extracts secret information from the CPU Level 1 Data Cache. Various Intel processors have been affected due to this vulnerability including the Centaur, AMD,  along with few other non-Intel vendors. The vulnerability allows malicious applications to alter the data values in the operating system memory or application data.

Speculative Store Bypass

Speculative Store Bypass is basically a hardware security vulnerability that works exactly the same way Meltdown and Spectre security vulnerabilities. According to Intel, there is a lower probability that the users can be affected by the vulnerability.  You can expect partial protection against variant 4 if you are using the web browsers that have the capability to mitigate Spectre Variants 1 and 2. Intel is all set to release a microcode patch (In the next few weeks) that is going to deal with Variant 4.

In order to ensure complete protection against the vulnerability, users need to enable Spectre mitigation for Windows client and Windows Server.

Are There Any Known Issues In The Updates?

Thankfully, Microsoft has not listed any known issues this time. Ideally, the users are not going to face any technical issues during the installation and the update is expected to install smoothly. These updates can be directly installed from the Microsoft Update Catalogue. While some exceptions might be expected for a few users. If you are one of them, please report these issues to Microsoft so that they can be fixed in the next releases.