Last Updated on November 17, 2019 by Mathew Diekhake

Over the last few weeks, Intel has been hard at work to produce fixes for the Intel chips that are vulnerable to the security exploits disclosed by Google Project Zero. This includes the 6th, 7th, and 8th generation Intel core processors.

The updated microcode solutions have been tested by Intel customers and industry partners to ensure that the patches have worked before the update was released. With nothing but good news now, the microcode has started rolling out to the OEM customers, like yourselves. These microscodes will become available for OEM customers to install through new firmware updates when they become available, and that’s exactly what’s up for grabs here with the KB4090007 cumulative Update for Windows 10 version 1709.

You can view the full list of processors that this update affects from the Microsoft Intel microcode updates webpage. If your device has one of the processors mentioned in the table, then you should be installing the new KB4090007 update from the Microsoft Update Catalog.

The new KB4090007 update is only available to install by manually downloading the update at the moment; wait for it to roll out over the air as an automatic update isn’t going to happen. Whether or not that will change in the future is unknown. What is known though is that you’ll need to be running on either the Windows 10 version 1709 (Fall Creators Update) or Windows Server version 1709 (Server Core) before installing the update manually, as those are the versions of Windows 10 that this update is targeted for.

If you’ve installed the KB4090007 update on a computer that didn’t require it, it’s not the end of the world as it will just uninstall it by itself.

The KB4090007 firmware update is in the relation to the ongoing meltdown and spectre saga, and there are some disadvantages to installing this particular firmware build number that you might want to know about before installing it. When installing the update, the operating system copies the new microcode to the CPU during the boot process. After shutdown, the microcode will stay in the system partition and is no longer stored in the CPU. If the computer only has the one operating system—i.e., Windows OS—then it doesn’t matter because the microcode gets copied the next time to the computer is booted. However, if the computer is dual booting operating systems, and the bios and second operating system don’t have the microcodes, the second operating system is vulnerable still to the meltdown and spectre exploits that the firmware was meant to be patching. Thus, when the backup image doesn’t have the microchip installed, it will remain vulnerable to the exploit, unless the bios has been updated with the latest microcode.

There are not currently any known issues with the KB4090007 firmware from those who have installed the update.

Related Tutorials