Alarmingly, Microsoft was forced to issue an emergency out-of-band Windows update last Saturday which is designed to disable patches already issued for the Spectre Variant 2 bug (CVE-2017-5715).
The update —KB4078130— targets Windows 7 (SP1), Windows 8.1, all versions of Windows 10, and all supported Windows Server distributions.
The original mitigations were first shipped on January 3 and were designed to combat the threat posed by the Meltdown and Spectre bugs.
This latest move was made after Intel publicly admitted that the microcode updates it developed for this bug caused “higher than expected reboots and other unpredictable system behaviour” that led to “data loss or corruption.”
As there have been no reported breaches due to Spectre, Microsoft made the unprecedented step of disabling the Variant 2 mitigations until Intel has found a more appropriate solution and stable fix.
Microsoft is aware that some of the updates might not be rolled out right away and have issued a set of instructions on how to manually disable the Spectre Variant 2 using the registry keys.
Separate instructions are available for Windows desktop and server users.
Microsoft are following in the footsteps of Dell, who were the first company to advised customers to “revert back to a previous BIOS versions” that did not include Spectre patches.
HP and Red Hat Enterprises have also taken action since the admission was made by Intel although HP’s advice, to date at least, does not cover the Variant 2 patch. Red Hat actually took action prior to Intel’s announcement.
AMD processors could also be affected by the Spectre Variant 2 patching meaning that Intel is not alone with the issue. In fact, Microsoft actually rolled of Windows updates aimed solely at the AMD processors. Microsoft resumed these updates, but only after AMD worked with Microsoft to correct reported BSOD errors.
Via: The Verge