[German]Microsoft has updated a bunch of microcode updates various Windows 10 versions. However, the corresponding documentation is still missing. Intel has also released information about 17 vulnerabilities (for Q4 2018) in the Management Engine (ME) firmware that require BIOS updates.
Windows 10: Microcode Updates (March 13, 2019)
This Microsoft website, dated Nov. 2018, contains an overview of the available updates. However, the KB articles linked below have not yet been updated, but show the revision status of January 2019.
- KB4100347 for Windows 10 V1803
- KB4090007 for Windows 10 V1709
- KB4091663 for Windows 10 V1703
- KB4091664 for Windows 10 V1607
- KB4091666 for Windows 10 V1507
However, if you search the Microsoft Update Catalog for the KB numbers, the updates will be offered with the date 13 March 2019. Since the documentation has not yet been updated, it is unclear what has changed. And I got a German comment, that the downloads offered via Update Catalog hasn’t been changed. (via deskmodder.de).
Intel BIOS Updates March 2019
Intel has also released security vulnerabilities for the fourth quarter of 2018. German magazine heise.de writes in this article, that 17 security vulnerabilities within the firmware of the Management Engine (ME) has been published. Some vulnerabilities exist in subsystems such as Trusted Execution Engine (TXE) and Active Management Technology (AMT).
Some of these vulnerabilities, which are distributed across different processors, are categorized as ‘high’ in the risk class. Details to CVE numbers CVE-2018-12185, CVE-2018-12187, CVE-2018-12188, CVE-2018-12189, CVE-2018-12190, CVE-2018-12191, CVE-2018-12192, CVE-2018-12196, CVE-2018-12198, CVE-2018-12199, CVE-2018-12200, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204, CVE-2018-12205 und CVE-2018-12208 may be read within the Intel Security Advisories Intel-SA-00185 and Intel-SA-00191.