Microsoft, Intel release security update for MMIO vulnerability on Windows 10, Server 2016

Back in June of 2022, Intel and Microsoft issued a warning about security vulnerabilities related to the CPU"s memory-mapped I/O (MMIO), which are called "MMIO Stale Data Vulnerabilities" collectively. A threat actor, upon successful exploitation of a vulnerable system, can read privileged information on such a machine.

Last month, updated mitigations were released for several versions of Windows 10 and Windows 11. A few days back, Microsoft and Intel have now updated the files for Windows 10 version 1507 (which is the original release) as well as for Windows Server 2016. Microsoft on its support document described the vulnerability:

Summary

Intel has released “Intel Processors MMIO Stale Data Advisory”. This security advisory states that potential security vulnerabilities exist in Memory Mapped I/O (MMIO) for some Intel processors which might allow information disclosure.

Improvements

Intel Platform Update (IPU) 2022.1 that is dated June 2022 contains fixes for security vulnerabilities including Memory-Mapped I/O (MMIO) Side-Channel Attack.

The updates can be manually downloaded from Microsoft Update Catalog website at the links below:

In case you are wondering, these will download the necessary updated DLL files on your system. For Windows 10 1507 (x86), the file name and versions are mcupdate_GenuineIntel.dll and 10.0.10240.19807. Meanwhile for x64, the file name and versions are

Likewise, for Windows Server 2016, the file name and versions are mcupdate_GenuineIntel.dll and 10.0.14393.5793 for x86, and for x64, they are mcupdate_GenuineIntel.dll and 10.0.14393.5793.

Report a problem with article
Next Article

WhatsApp users can now save disappearing messages, but there is a twist

Previous Article

DOTA 2 now has a drastically expanded map as Valve delivers titanic changes