Microsoft Deploys Windows Update To Help Undo Intel's Troubled Spectre Patch

Microsoft is aiming to wipe out buggy Intel patches for the Spectre processor vulnerability with a new update for Windows 10, Windows 8.1 and Windows 7.

"We've been pleased to see Microsoft taking an aggressive approach to both the deployment of patches, as well as to reactions based on customers in the field," said Reed Wiedower, CTO of New Signature, a Washington, D.C.-based Microsoft partner.

Intel disclosed on Jan. 22 that its latest microcode patches related to Spectre had created reboot issues as well as "other unpredictable system behavior."

[Related: Dell, HP And Lenovo Work Toward Rolling Back Firmware Versions After Intel Nixes Spectre Patch]

id
unit-1659132512259
type
Sponsored post

IT vendors including Dell, HP and Lenovo have disclosed plans to return users to previous BIOS firmware versions to help eliminate the Intel microcode.

Now, Microsoft also is offering a Windows operating system update for servers and client devices to address the problems caused by the Intel patches.

"Our own experience is that system instability can in some circumstances cause data loss or corruption," Microsoft said in its disclosure of the update.

Microsoft, Redmond, Wash., said the update will roll back the Intel mitigation related to Spectre variant 2, also known as the "branch target injection" vulnerability.

"While Intel tests, updates and deploys new microcode, we are making available an out-of-band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 – 'Branch target injection vulnerability.' In our testing this update has been found to prevent the behavior described," Microsoft said in disclosing the update.

The update can be downloaded from Microsoft's Update Catalog site. Microsoft also said it's providing a way for advanced users to manually address the issue using changes to registry settings (details here).

Wiedower said Microsoft's response "drives home the key differentiator for partners in the Microsoft ecosystem."

"The very best partners have helped their customers to adopt both a quick and properly governed patching process that allows patches to be validated in a test environment, then deployed to ever increasingly large rings of devices, with the ability to capture real-time telemetry on the success or failure of the patches themselves," New Signature's Wiedower said.

Patches can be deployed in minutes thanks to modern patch management, though implications such as reduced performance and potential data loss could cause customers to slow down their rollout, Wiedower said.

"We think the best partners are insisting that customers deploy real-time telemetry to stamp out any sorts of bugs, but to not slow down their patch deployment out of fear," he said.

Microsoft reiterated that it has no information suggesting that Spectre variant 2 has been exploited as part of a cyberattack so far.

Spectre and the related Meltdown processor exploit were revealed at the beginning of January. The vulnerabilities affect chips from multiple vendors, including AMD and ARM.

The flaws account for three variants of a side-channel analysis security issue in server and PC processors, and could potentially enable hackers to access protected data.

While Intel continues to work on software mitigations for the vulnerabilities, the company has acknowledged that it will ultimately take a hardware fix to fully solve the issue for its processors.

Last Thursday, Intel CEO Brian Krzanich said the company is now "working to incorporate silicon-based changes to future products that will directly address the Spectre and Meltdown threats in hardware." On Friday, Intel CFO Bob Swan said the hardware fixes should be available "in the latter part of this year."