Microsoft issued an out-of-band patch over the weekend to disable Intel's own buggy fixes for the Spectre flaw. The patch is intended to help resolve an issue causing unwanted reboots on some PCs while Intel works on a fix of its own (via The Verge).
Intel last week confirmed that it had found the root cause of an issue causing PCs to randomly reboot after applying its Spectre fix. The chipmaker says it is working on a fix, but has recommended that PC manufacturers and customers stop installing the firmware update. In the meantime, Microsoft has released an update for systems that have already installed Intel's fix. From Microsoft:
While Intel tests, updates and deploys new microcode, we are making available an out of band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 – "Branch target injection vulnerability." In our testing this update has been found to prevent the behavior described.
The patch is only available as a manual update from the Windows Update Catalog, and it covers Windows 7, Windows 8.1, and Windows 10 machines. Once installed, the patch should prevent random reboots from occurring, but you'll no longer be protected against Spectre variant 2.
Intel has stated that the root cause of the reboot issue has been identified for Haswell and Broadwell systems, but it's unclear where others stand. Other affected platforms include Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake CPUs, Intel previously revealed.
Although Intel's patches have been a cause for concern, other companies were quick to respond to the Meltdown and SPectre disclosure with their own fixes as well. Microsoft quickly outed an emergency patch for Windows systems, with a dedicated firmware update for Surface devices not long after. AMD also revealed optional patches, despite claiming the exploits pose a "non-zero" risk to its hardware. NVIDIA also responded with software patches for its GPU drivers.
