Microsoft rolling out Surface firmware updates with Meltdown, Spectre mitigations

Best Cases For Surface Pro
Best Cases For Surface Pro

Just after the recent Meltdown and Spectre processor vulnerabilities were disclosed last week, Microsoft revealed that it would issue a set of Surface firmware updates to mitigate against the attacks, in addition to its general emergency update for all Windows users. Those firmware updates are now ready and rolling out over Windows Update for a range of surface devices.

Dated January 10, the updates are now rolling out to the Surface Book 2, Surface Laptop, Surface Studio, Surface Book, and Surface Pro 4, according to the Surface Update History (opens in new tab) tracker. Each round of updates includes a firmware tweak to "resolve potential security vulnerabilities, including Microsoft security advisory 180002 (opens in new tab)," which addresses the Spectre and Meltdown vulnerabilities.

In addition to that particular security issue, the original Surface Book has received an extended range of firmware updates. Here's a look at what's included:

  • Intel(R) HD Graphics 520 – Display adapters - improves Direct X 12 and power performance.
  • Surface Management Engine – Firmware - improves reliability and resolves potential security vulnerabilities, including Microsoft security advisory 170012 (opens in new tab).
  • Surface System Aggregator – Firmware - 90.1837.256.0 improves reliability and resolves potential security vulnerabilities, including Microsoft security advisory 170012 (opens in new tab).
  • Surface dTPM (IFX) – Firmware - 5.62.3126.2 improves reliability and resolves potential security vulnerabilities, including Microsoft security advisory 170012 (opens in new tab).
  • Surface UEFI – Firmware - 91.1926.768.0 improves reliability and resolves potential security vulnerabilities, including Microsoft security advisories 170012 (opens in new tab) & 180002 (opens in new tab).
  • Intel(R) Display Audio – Sound, video and game controller - improves audio stability.
  • Intel(R) Management Engine Interface - System - improves system stability.

Microsoft's advisory stated that the Surface Pro 3, new Surface Pro, and Surface Pro with LTE Advanced would receive updates as well. They're not currently documented on the Surface Update History page, but they'll presumably be updated soon as well.

Dan Thorp-Lancaster

Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl

  • These vulnerabilities have been around how long? 5 years? Until last week no one was aware of them nor had there been any reported exploits of systems. Had it not made the news, everyone would still carry on as before, and still probably would never get attacked.
  • These vulnerabilities actually date back to 1995 when branch prediction and out of order execution were first implemented in consumer CPU's.  Whether an exploit makes the news or not has nothing to do with whether or not bad actors are utilizing them.
  • Has there ever been a single reported case?
  • The NSA doesn't usually tell the public about those.
  • You could be a victim of the exploit right now, guess what? - you wouldn't even know about it as you cant detect if exploited as it's above the OS level.
  • I think those already rolled out a couple of days ago, because I had a bunch of firmware updates that showed up right after Microsoft announced they were addressing it.  I'm not seeing any new firmware updates available at the moment.  
  • If you're an Insider then you already have this firmware.
  • Mine ran last night, patch Wednesday?
  • wen in indiana?
  • It all depends on if you believe in the The Central Time Coalition or not.
  • Lol
  • when I run the intel checker Intel-SA-00086-GUI after the firmware updates it still shows my machine surface book is not protected. but when I run the checker on my ASUS G11CD after I ran their bios patch that machine shows protected.
  • Unless chip manufacturers patch the microcode then machines are still vulnerable and the only real way to fix this is to buy a new processor, which is impossible for mobile devices
  • Surface Book 1/Base and Surface Studio with Skylake get updated GPU drivers. Surface Pro 4 does not. It still has drivers dating PRE-Creators Update. What's taking so long, damn it.
  • As far as I can see the SP4 GPU is working prefectly fine. Hence no need for an update.
  • hello guys,have you ever wondered what your spouse is doing behind you?i was able to get proof that my ex husband was cheating on me through the help of a good samaritan which was referred to me by Mrs Jane.i messaged him and to my greatest suprise he's real and he got me result in less minutes,he's a great professional ,applause for him always as i told him i will let the world know him,do you have any problem spying on someone,track a cheating spouse,hack into text messages and phone calls,bank statement hacks and criminal records erased also you can boost your school grade,hack into whats' app,facebook,viber,emails,gmail and whatsoever related to hacking or your trying to get into a phone without the owner's consent,he's an expert and won't ever fail you.  contact hackdigg at g mail dot com or text his number +15186284630 ,also you can text him on whats app or call him with this number on what's app +15185049376 and let him know i referred you.for sure he will help you.
    Email:hackdigg at gmail dot  com
    Text num:+15186284630
    what's app num:+15185049376
    tell him Roseline referred you.
  • My SP3 (Insider builds) keeps rebooting since the firmware upgrade with the ":(" green screen of the death... It was perfectly stable before that and now it almost not usable. So other in the same situation here?
  • Surface Pro (2017) now bricked! Was using it this evening when all of a sudden the frown face, blue screen of death appeard. Would not collect the usual information and restart. After a forced restart (power button for 15-30 seconds) only shows the UEFI screen after a lengthy restart process. Upper right corner of UEFI screen presents a logo of a hard drive with an "x" in the middle. Also unable to download a recovery image from Microsoft: "Internal Server Error: The server encountered an internal error and was unable to complete your request. Please refresh the page or try again later."
  • Surface Book bluescreens, reboots, freezing up and goes black. All started after the January updates, though I can't for sure attribute it to the updates. It even bluescreened trying to post this comment. No anti-virus from other vendors running - just Defender. Even tried reinstalling everything from scratch; same problem.
  • When does surface pro 2 get the update......