Microsoft out-of-band update reverses troubled Spectre updates

Posted on Monday, January 29 2018 @ 13:42 CET by Thomas De Maesschalck
MSFT logo
This is interesting. Over the weekend, Microsoft rolled out an emergency update that reverses shoddy updates for the Spectre variant 2 vulnerability. The reason is that the initial CPU microcode updates from Intel were so bad that they caused reboot issues. Initially, the chip giant downplayed the issue but it later emerged that the reboot issues were more widespread than expected. As such, Microsoft saw itself forced to push out an out-of-band update to resolve this mess for Windows-based systems.
“Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote, adding “We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.”

This applies only to the Spectre patch, Microsoft emphasised: “Application of this payload specifically disables only the mitigation against CVE-2017-5715 – 'Branch target injection vulnerability.'”
At the moment, there are no known attacks for Spectre variant 2.

Via: The Register


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments