Microsoft releases update to roll back problematic Specter patch

Spread the love

Over the weekend, outside of its usual monthly patch round, Microsoft released an update that allows users who experience reboot issues after installing the Specter patch to roll it out.

Microsoft writes: “As Intel tests, updates and releases new microcode, we are making an update available outside the normal schedule that disables protection against the second variant of Specter.” With that, Microsoft is responding to the warning Intel published a week ago asking users not to apply the patch for the Specter variant, because it causes reboot problems on certain systems. It published a list of processors showing issues after the update.

People with a system on that list who are experiencing issues can run the update, according to Microsoft. It has the designation KB4078130 and applies to Windows 7 SP1, 8.1 and 10. This disables protection for the second variant of Specter, also known as branch target injection. Microsoft writes that it is not aware of attacks that exploit this vulnerability. It recommends that affected users reinstall the patch as soon as Intel releases stable code.

In addition, Microsoft offers users the option to manually disable protection against this variant by performing a registry modification. The company has made manuals available for ‘IT Pros’ and server administrators. Microsoft isn’t the only company giving users the option to roll back the patches after Intel’s warning. HPE and Dell, among others, did the same.

The Wall Street Journal published an article over the weekend in which the paper reported citing sources that Intel had notified a number of Chinese companies, including Lenovo, of the Meltdown and Specter leaks before notifying the US government. Some other major companies were also aware of the leaks and, after their publication, were able to inform their customers that measures had already been taken. Smaller companies are still taking measures, the newspaper said.

You might also like