SynopsisThe remote Windows host is missing a microcode update.
DescriptionThe remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities:
- Spectre Variant 3a (CVE-2018-3640: Rogue System Register Read (RSRE)).
- Spectre Variant 4 (CVE-2018-3639: Speculative Store Bypass (SSB))
- L1TF (CVE-2018-3620, CVE-2018-3646: L1 Terminal Fault)
Note that Nessus did not actually test for these flaws nor checked the target processor architecture but instead, has relied on the version of mcupdate_GenuineIntel.dll to be latest for supported Windows release.
SolutionMicrosoft has released security updates for Windows 10, Server 2016 and Server 2019.