PhotoWindows users received an emergency update over the weekend as Microsoft raced to address yet another issue in the Meltdown/Spectre malware saga.

In this case, Microsoft's action was specifically designed to disable a fix that Intel issued to neutralize the Spectre Variant 2 attack. Unfortunately, that fix reportedly caused machines to reboot unexpectedly. Microsoft additionally claimed the Intel fix could, in come cases, cause a loss of data or file corruption.

To prevent users from losing data, the Windows update disables Intel's fix that addresses CVE-2017-5715, otherwise known as the Variant 2 Spectre attack.

The issue arose in early January as reports began to surface of a design flaw in some Intel processors. Intel responded that the issue affected all processors, including those made by other manufacturers.

Initial concerns focused on performance, with some reports claiming that Intel's fix could significantly slowed a computer's speed. Intel denied this, saying performance would vary depending on workloads.

Not exactly a smooth process

But addressing the security flaw has not exactly been a smooth process. Three weeks ago, Microsoft briefly suspended its Windows update for AMD processors after it heard from some customers who said their machines would not boot up after the update.

"After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown," the company said at the time.

Those updates have now resumed without incident. Intel, meanwhile, told customers last week to refrain from installing current firmware updates designed to counter the threats until further instructions.

Meanwhile, The Wall Street Journal reports Intel informed some of its customers in China about the security flaw before it told the U.S. government about it.

The Journal quotes an Intel spokesman as saying it intended to inform government agencies about the newly discovered flaw, but the news became public before it could act.


Share your Comments