What you need to know
- The latest batch of monthly "Patch Tuesday" updates is now available for Windows 10 PCs.
- The updates address a serious security flaw recently found in Intel processors.
- The usual batch of cumulative update fixes are included as well.
It's the second Tuesday of May, which means it's time for another round of "Patch Tuesday" Windows 10 updates from Microsoft. While this month's releases pack the usual array of bug fixes, they also contain a patch for a serious security flaw in Intel processors that was just disclosed today.
Here's a look at the release notes for the October 2018 Update, which ticks the build number up to 17763.503:
- Enables "Retpoline" by default if Spectre Variant 2 (CVE-2017-5715) is enabled. Make sure previous OS protections against the Spectre Variant 2 vulnerability are enabled using the registry settings described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions). For more information about "Retpoline", see Mitigating Spectre variant 2 with Retpoline on Windows.
- Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 64-Bit (x64) versions of Windows (CVE-2018-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions).
- Adds "uk.gov" into the HTTP Strict Transport Security Top Level Domains (HSTS TLD) for Internet Explorer and Microsoft Edge. Addresses an issue that may cause "Error 1309" while installing or uninstalling certain types of .msi and .msp files on a virtual drive.
- Addresses an issue that prevents the Microsoft Visual Studio Simulator from starting.
- Addresses an issue that may cause zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) to fail.
- Addresses an issue that causes Simple Network Management Protocol (SNMP) Management Information Base registration to fail when the Windows Management Instrumentation (WMI) provider uses the Windows tool SMI2SMIR.exe.
- Addresses an issue that may cause the text, layout, or cell size to become narrower or wider than expected in Microsoft Excel when using the MS UI Gothic or MS PGothic fonts.
- Security updates to Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Graphics, Windows Storage and Filesystems, Windows Cryptography, the Microsoft JET Database Engine, Windows Kernel, Windows Virtualization, and Windows Server.
A similar set of fixes is rolling out to prior supported versions of Windows 10 as well. For the full rundown, you can check out Microsoft's release notes. Otherwise, today's cumulative updates should be available now via Windows Update.
Cheap PC accessories we love
Take a gander at these awesome PC accessories, all of which will enhance your Windows experience.
Anker 4 port USB 3.0 hub ($10 at Amazon)
Whether on a desktop or laptop PC, you always need more ports to connect things to. This hub gives you an additional four USB 3.0 Type A ports.
Ikea Fixa Cable Management System ($11 at Amazon)
This IKEA cable management kit is your ticket to a clean setup. It's simple and functional.
NZXT Puck ($20 at Amazon)
This clever little accessory has powerful magnets on the rear to make it stick to any of the metal panels on your PC case or anything else. It's great for hanging accessories like headsets.
