Microsoft Disables Spectre Variant 2 Patch Via Unscheduled Update

Microsoft Disables Spectre Variant 2 Patch Via Unscheduled Update

Microsoft Disables Spectre Variant 2 Patch Via Unscheduled Update

It would seem that Intel failed to take into account the cyberwarfare impact of their early notifications.

Engadget reports that CPU manufacturer Intel warned a number of customers including Chinese firms such as Alibaba and Lenovo about the "Meltdown" bug that left millions of CPU's vulnerable worldwide before they warned the USA government.

Microsoft's latest security update has blocked Intel's patches for the Spectre and Meltdown chip vulnerabilities, on the basis that Intel itself has acknowledged flaws in the software updates.

Intel has been making headlines as a chipset flaw named as Meltdown and Spectre have been creating major security issues on all computer platforms including Windows, Linux, and macOS.

Now, with KB4078130, Microsoft has provided a way to disable the Specter update and fix the reboot issue.

"Our own experience is that system instability [caused by the Intel patch] can in some circumstances cause data loss or corruption", a Microsoft support note explains. This is being fixed but in the meantime, Microsoft has pushed out its own Windows patch that disables Intel's prior buggy fix.

Microsoft is today rolling out a small update for all versions of Windows including the old Windows 7 operating system with a fix for performance issue.

In other developments related to Spectre and Meltdown, which also affect many CPUs made by ARM and AMD, The Wall Street Journal reported yesterday that Intel's initial disclosures about the vulnerabilities were made to "a small group of customers, including Chinese technology companies, but left out the USA government". This update will only disable mitigation against CVE-2017-5715, while keeping the fixes for Meltdown and Spectre variant 1 in place.

After chip-maker Intel confirmed a potential security flaw in its chips, Microsoft has been quick to issue emergency updates to its Windows OS. "I apologize for any disruption this change in guidance may cause", said Navin Shenoy, an Intel executive vice president who leads the company's Data Center Group, in that note.

In such a situation, it is OK for a company to reach out to customers first so that they're able to develop patches and mitigate security concerns as quickly as possible before the news goes public.

A five-page guide from Intel, most recently updated Thursday, details which firmware should be avoided and for which specific processors.

Related news