Spectre

The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.

Spectre is vulnerability found in Intel & AMD CPUs that allow a malicious process to steal information from another running process on the computer. To fix these vulnerabilities, Intel released updated microcodes that patch Intel CPUs so that they become protected from the vulnerability.

For Windows 10 and Windows Server 2016 users, Microsoft distributed these updated microcodes automatically as a Windows update. Unfortunately, older operating systems and thus the CPUs that run them, would not be receiving the patches and would not be protected. This is where the Intel Microcode Boot Loader comes into play.

Created by Eran "Regeneration" Badit, this tool will use the Intel BIOS Implementation Test Suite (BITS) and the Syslinux bootloader to automatically detect and apply the most current microcodes for an Intel processor.  This allows computer using old processors to become protected.

"Microsoft issued a fixed microcode update for Spectre via KB4090007 only for Windows 10 and 2nd generation i7s (Sandy Bridge) and newer," Badit told BleepingComputer via email. "Motherboard vendors released BIOS/UEFI updates only to their recent products. Plenty of users were left in the dark. Users with modern CPUs and Windows 8/7/Vista/XP, users with Nehalem and Westmere (like myself)."To use 

Intel Microcode Boot Loader
Intel Microcode Boot Loader

In order to use the tool you need a USB flash drive with at least 25MB of storage and a motherboard whose BIOS supports the booting of USB flash drives. You can then perform the following instructions:

  1. Format a USB flash drive with FAT32 filesystem.
  2. Extract the archive to the USB flash drive and run install.exe to make it bootable.
  3. Enter the BIOS/UEFI, assign the USB flash drive as the 1st boot device and enable legacy boot mode.
  4. The boot loader will regularly update the microcode and load the OS.

When the install.exe is run it will extract a batch file to the %Temp% folder and execute it.

Intel Microcode Boot Loader batch file
Installing the Intel Microcode Boot Loader

This batch file will use Syslinux.exe to make the USB drive bootable and then identifies your CPU ID using the command "wmic cpu get processorid ". It then copies the appropriate microcodes for your CPU to the directory used by BITS to update your microcodes when the computer boots.

Batch File
Batch File

When you boot up with the bootable USB drive, the bootloader will start, apply the included microcodes for the identified CPU, and then boot the operating system.  A demonstration video showing this in practice is displayed below.

According to Badit, this release contains the microcodes for 392 Intel CPUs produced from 1996 to 2018. These microcodes are found in the \boot\mcudb folder and can be updated with newer ones if they are released in the future.

It should be noted that in order to utilize this tool, users must always boot up using this flash drive as the patches are applied at run time. 

Finally, while BleepingComputer analyzed the contents of the program to make sure no malicious activity was occurring, 2/68 security products did detect this program as a threat. These are most likely false positives, but users should only use this program if they feel comfortable with how the tool works.

Related Articles:

Microsoft pulls Windows 11 KB5039302 update causing reboot loops

Get certified this summer with $369 off this Microsoft training bundle

Windows 11 KB5039302 update released with 9 changes or fixes

Windows 10 KB5039299 update released with 10 changes or fixes

New attack uses MSC files and Windows XSS flaw to breach networks