Microsoft is releasing a second out-of-band security update for its operating systems this month. The update is a fix to the issues that came into light after Intel’s Spectre security patch were applied to various systems.
Last week, Intel warned users to not install its Spectre security patch, and confirmed that the updates have been buggy leading to spontaneous reboot of systems. The Santa Clara-based chipmaker then confirmed that the security update could even lead to data loss or corruption while revealing its financial results.
Intel has been suggesting PC makers and customers to not apply the security patch. Now, Microsoft is taking the adverse step of issuing a software update to prevent the software update released by Intel. In simple terms, Microsoft has released an update to fix the flaws found on Intel’s security fix.
The update is available for Windows 7, Windows 8.1 and Windows 10 systems, and it blocks Intel’s protection against Spectre variant 2. The update is being released as part of Windows Update catalog, and Windows users will need to manually download the update. Microsoft says that the update has been found to prevent reboots that have been occurring after patching systems with Intel’s update.
The Meltdown and Spectre vulnerabilities affecting chipsets designed by Intel, AMD and ARM Holdings and web browsers supporting WebKit were first revealed early this month. Intel later clarified that it has worked with security experts and operating system developers to patch all the systems against the bug. However, the process of patching for Spectre variant 2 hasn’t been that smooth after all.
The updates meant to patch the vulnerability have been buggy, and even made it impossible to boot some AMD machines. The release of two emergency Windows updates in a month, the critical nature of these updates, and the fact that these tech companies have been scrambling to issue fix since the vulnerability was made public.
Intel has also confirmed that it has identified the cause for these unexpected reboots on systems using Broadwell and Haswell processors, and is working on a revised update that will address the exploit without causing random reboot. Intel says it is also working on solutions for machines powered by Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake processors.
In addition to this out-of-band security patch, Microsoft has also released a new registry key setting allowing IT admins to manually disable or enable the Spectre variant 2 protections. As more updates get released in the coming weeks, one can only hope for it being free from any bug.