Posts Tagged ‘Security’

Summary:   Intel Processor(CPU) microcode update for Windows 10 Version 1809 addressing Spectre and Terminal Fault security vulnerabilities



    • This Intel Microcode update for Windows 10 Version 1809 address 3 security vulnerabilities
        • Two Spectre variants(3a and 4) and the L1 Terminal Fault(L1TF)
    • Windows 10 Version 1809 Intel microcode updates are stand-alone updates and currently only available in the Microsoft Catalog though in the future it may also be deployed through Windows Update
    • This Microcode updates include previous released microcode updates
    • Applicable to Windows 10 Version 1809 and noted in the Knowledge Base(KB) article section
    • Applicable to specific Intel CPU’s as noted in the Knowledge Base article
      • Note: Install the update for the applicable processor


Microsoft Knowledge Base(KB) article:


How to Obtain:


Additional information::


Apr  5 2019: Initial Draft Date

Apr  6 2019: Initial Publish Date

Apr  9 2019: Added pic(snapshot/graphic) of KB4465065 in Microsoft Catalog

Apr 10 2019: Added ‘Additional Information’ section

Summary:  Windows 10 Servicing Stack Updates


  • Servicing Stack Updates for Windows 10  (also known as SSU)
  • Servicing Stack Updates make improvements to the Windows 10 component that installs updates for Windows 10
  • Applicable to Windows 10 Versions 1809, 1803, 1709, 1703 and 1607 and 1507-LTSB
    • For 32 bit(x86), 64 bit(x64), and ARM(only 1709, 1803, 1809)
    • Servicing Stack Updates are deployed automatically via Windows Update
    • Servicing Stack Updates are also available via the Microsoft Catalog
    • Microsoft Comment (Editor Note: Important if manually installing cumulative updates and SSUs)
          • "Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). Installing servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft security fixes."



Mar 15 2019: Initial Draft and Publish Date

April 20 2019: Updated to reflect latest 1809 SSU


Intel Processor(CPU) microcode updates for Windows 10 addressing Spectre security vulnerabilities


  • Windows 10 Intel microcode updates are stand-alone updates available in the Microsoft Catalog
  • Windows 10 versions will also receive the microcode update via Windows Update
  • Microcode updates include previous released microcode updates
  • Applicable to Windows 10 versions listed below in the Knowledge Base(KB) article section
  • Each KB article provides the Intel supported CPU and listed in table form by Code Name, Product Collection, Product Name, CPUID, and Intel microcode update revision

Microsoft KB article:

Additional Information:




Sept 1 2018:  Initial Draft Date

Sept 7 2018: Initial Publish Date

Nov 27 2018: Updated – added comment – Microcode deployment/availability via Windows Update

Nov 28, 2018: Updated – added  information – Summary of Intel Microcode Updates; Editor Note

Summary:   How to Run Windows Defender Offline



  • Windows 10 Version 1607 includes a new feature(tool) for malware removal – ‘Windows Defender Offline’
  • Windows Defender Offline is integrated into Windows 10 Version 1607
  • Windows Defender Offline performs the scan prior to Windows startup (i.e. Offline)
  • Provides the ability to remove malware and viruses that may be difficult or not capable of being removed while Windows is running



Note: Save all work and close all applications prior to proceeding to run Windows Defender Offline

  • Steps to run Windows Defender Offline
    • Click on each in sequence
      • Start Button
      • Settings
      • Update and Security
      • Windows Defender (then scroll down to ‘Windows Defender Offline’)
      • Scan Offline


    • After clicking ‘Scan Online’ the Windows Defender Offline process will provide an alert that Windows will shutdown in about a minute.  Once the timeout occurs, Windows will Restart
    • After the required Restart, Windows Defender will briefly show a screen indicating the scan is about to begin
    • Once the scan begins the Windows Defender Offline graphical interface will appear with a progress bar
    • The scan typically takes about 15 minutes to complete
    • Once complete, if no malware is found, the system/device will reboot
      • If malware(an infection) is found, Windows Defender Offline will provide the ability to remove the malware/infection.
            • (Note: Windows Defender Offline, like all other Antivirus/Antimalware scanning software that runs resident and non-resident may not be able to remove all forms of malware)



August 3, 2016: Initial Draft Date

October 8, 2016: Initial Publish Date

March 15, 2017:  Updated ‘Comments’ and  itemized  ‘How-To’ steps in bullet form


Windows Updates in Windows 10 will have different deployment/distribution methods for Consumers, Business, Enterprise and Phone customers on personal and business devices


1.  The different distribution methods are:

  • Current Branch – Consumers will will regularly receive all new features, security updates and other fixes to the operating system. No choice will be available as to which updates they wish to receive or don’t receive. All updates will be deployed via Windows Updates but not on any given day (i.e. no Patch Tuesday). This method is also applicable to all Windows 10 Mobile devices personal and business.
  • Long Term Servicing Branch – Enterprise Customers will have an option to received security updates only without new features. The pace of the updates will be able to be controlled using existing mechanisms (e.g. WSUS, System Configuration Manager, Enterprise Mobility Suite)
  • Windows Update for Business – End users not running mission critical devices will be able to receive new features, security updates, and other fixes at a measured pace (Distribution Rings, Maintenance Windows, Peer to Peer Delivery, and Integration with existing System Management tools) for Windows 10 Pro and Windows 10 Enterprise devices. 

Additional Information:

2.  Windows Updates in Windows 10 was presented during Microsoft Ignite – Microsoft’s show for IT professionals.

3.  A video containing Windows 10 Update Approach can be viewed/downloaded on:


  • The Windows 10 Windows Update presentation starts at the 2 hour, 20 minute 20 sec. mark (2:20:20)
  • The presenter is Terry Myerson, Executive Vice President of Operating Systems, Microsoft Corporation.


4.  Windows 10 Windows Update ‘Approach’ and ‘Windows Update for Business’ slides from the Ignite show




5.  Windows Update for Business will be free for Windows Pro and Windows Enterprise

6.  Microsoft Windows Blog – Announcing Windows Update for Business


May 6, 2015: Original Draft Date

May 12, 2015: Original Publish Date

May 13, 2015:  Added ‘Additional Information, Item #6