Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations (bleepingcomputer.com)

Posted by EditorDavid on from the complete-and-utter-garbage dept.

An anonymous reader quotes BleepingComputer: Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). The update -- KB4078130 -- targets Windows 7 (SP1), Windows 8.1, all versions of Windows 10, and all supported Windows Server distributions. Microsoft shipped mitigations for the Meltdown and Spectre bugs on January 3. The company said it decided to disable mitigations for the Spectre Variant 2 bug after Intel publicly admitted that the microcode updates it developed for this bug caused "higher than expected reboots and other unpredictable system behavior" that led to "data loss or corruption."

HP, Dell, and Red Hat took previous steps during the past week.
"We are also offering a new option -- available for advanced users on impacted devices -- to manually disable and enable the mitigation against Spectre Variant 2 (CVE 2017-5715) independently via registry setting changes..." Microsoft writes.

"We recommend Windows customers, when appropriate, reenable the mitigation against CVE-2017-5715 when Intel reports that this unpredictable system behavior has been resolved for your device. "

3 of 90 comments (clear)

  1. New processor for everyone! by mspohr · · Score: 3, Insightful

    If it's so easy to disable the protection in a Microsoft patch, I'm sure that anyone who wants to exploit the microcode bug could also disable the protection.
    This is a fundamental flaw with the microcode and the only fix is a new processor.
    Intel needs to give everyone a new processor or motherboard... (and a pony).

    --
    I don't read your sig. Why are you reading mine?
    1. Re:New processor for everyone! by user32.ExitWindowsEx · · Score: 4, Insightful

      WTF?
      If you can climb all the way to registry-editing admin, why would you waste that trying to disable an update that prevents you from merely reading memory?
      You *ALREADY* owned the box to the point where you could load a custom kernel driver and simply sniff everyone's memory through that at full speed.

      --
      "Evil will always triumph because good is dumb." -- Dark Helmet
  2. So, how is this forced update thing working out? by CptLoRes · · Score: 4, Insightful

    Being on Windows 7 I am still given the choice when to apply any updates. And so I made a decision to not install ANY Meltdown or Spectre related updates until the dust settles. So far it seem to have been the right choice.