Intel’s first attempt at mitigating two major vulnerabilities in its microprocessors led to PC reboot and behavior problems, so Microsoft has come out with Windows patches to fix Intel’s fixes.
Microsoft’s updates are aimed at Windows Server users as well as consumers with Windows 7, 8.1 and 10. Designed to prevent problems related to Intel’s flawed patches for the Spectre vulnerability, the Microsoft fixes must be downloaded manually from the company’s Windows Update catalog. They do not apply to Meltdown, the other major Intel chip bug.
Following reports of issues with its initial fixes, Intel last week advised hardware and software vendors and partners to stop rolling out those patches to customers. Microsoft’s patches are designed to resolve problems in machines that have already received the Intel patch and to prevent unpatched devices from installing Intel’s patch.
While year-end financial results released last week show Intel enjoyed record earnings in 2017, the company could yet see long-term fallout from the Spectre and Meltdown hardware bugs. Further fallout could likely be in relation to reports that Intel CEO Brian Krzanich sold millions of dollars’ worth of personal stock before the public was made aware of the vulnerabilities, and that Intel notified a select group of customers, including Chinese tech firms, about the bugs before informing U.S. officials.
Software and Firmware Updates Required
Upon announcing its patches on Friday and Saturday, Microsoft said affected customers will also need to deploy processor microcode, or firmware, updates through their device manufacturers. Microsoft added that it was also working on mitigations to prevent Intel-related problems with its Internet Explorer and Edge Web browsers.
“While Intel tests, updates, and deploys new microcode, we are making available an out of band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 — ‘Branch target injection vulnerability,’” Microsoft said…