Microsoft security update trumps Intel's Meltdown and Spectre fix

null

An emergency Windows update has been released by Microsoft that disables Intel's problematic microcode fix for Spectre Variant 2 that was known to lead to frequent reboots and stability issues

The company discovered that the chipmaker's fix for the Spectre attack not only caused reboots and stability issues but could also lead to data loss or corruption in certain circumstances. 

Microsoft justified its actions by pointing out the fact that Intel had mentioned its microcode fixes could lead to data loss or corruption in a press release to investors, saying: 

“Security vulnerabilities and/or mitigation techniques, including software and firmware updates, may result in adverse performance, reboots, system instability, data loss or corruption, unpredictable system behavior, or the misappropriation of data by third parties.” 

Before that time, the chipmaker had only informed users that its update could cause unexpected reboots and unpredictable behaviour on systems utilising its latest processors

Microsoft offered further details on its decision to disable Intel's microcode fix, saying: 

“Our own experience is that system instability can in some circumstances cause data loss or corruption.  We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.” 

In an effort to prevent data loss from Intel's Spectre updates, Microsoft released an out-of-band update which disables Intel's fix for the Variant 2 Spectre attack.

The company's update that removes the problematic patch is available for Windows 7 SP1, Windows 8.1 and all of the client and server versions of Windows 10.  The update is currently available from the Microsoft Update Catalog website and while it disables Intel's microcode fixes it does leave the fixes for the other two Meltdown and Spectre vulnerabilities intact. 

Image Credit: StockStudio / Shutterstock