Microsoft pushing out emergency fix for newly disclosed processor exploit

By Dan Thorp-Lancaster
published

Outside of its normal Patch Tuesday cadence, Microsoft is issuing an emergency update to address a recently discovered processor exploit.

Updated 7PM ET: Microsoft is now pushing out KB4056892 (OS Build 16299.192) (opens in new tab) as the official fix.

Following up on the disclosure of exploits that affect Intel, AMD, and ARM processors, Microsoft is rolling out an emergency update for Windows users. In a statement to The Verge, Microsoft also confirmed that it is deploying fixes to its cloud services.

From Microsoft:

We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.

According to The Verge, Windows 10 users will be automatically updated with the patch today through Windows Update. And while the patch will be available from Microsoft for Windows 7 and 8 users today, they will have to wait until Patch Tuesday to receive it automatically via Windows Update.

The changelog for KB4056892 (opens in new tab) includes:

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn't support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

The update follows a whirlwind of developments, starting with initial reports that Intel processors were impacted by a new security vulnerability. Researchers later disclosed virtually all modern processors are affected by two new exploits, dubbed Meltdown and Spectre, that can act as vectors for attackers to access things like passwords, photos, emails, and other sensitive information.

Meltdown is the easier to exploit of the two, according to researchers, and only appears to impact Intel processors. Patches for Meltdown are also already available, including those for Linux, macOS, and today's Windows update. Spectre, on the other hand, impacts a much wider array of processors, including those from Intel, AMD, and ARM. While it's more difficult to exploit, it is also much harder to fix.

Microsoft is also noting what could be a fairly severe "known issue" with this release, which is likely due to the rushed nature of the situation.

Update installation may stop at 99% and may show elevated CPU or disk utilization if a device was reset using the Reset this PC functionality after installing KB4054022.

Microsoft provides instructions (opens in new tab) on how to fix this situation if it should occur.

Dan Thorp-Lancaster
Dan Thorp-Lancaster

Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl

46 Comments
  • Will Windows 10 Mobile devices also have a possible problem and receive an update with the fix?
  • Nothing yet! I'm up to date with my Lumia 950 on Version 1709 build 10.0.15254.124
  • I ran an update check last night and received an update. My factory-unlocked 950 XL is now at 1709/10.0.15254.158. Had to go elsewhere for info on what it includes... https://www.windowslatest.com/2018/01/06/windows-10-mobile-build-15254-1...
     
  • "all modern processors are affected by two new exploits, dubbed Meltdown and Spectre" "Meltdown . . . only appears to impact Intel processors." ???
  • You're splitting hairs. All modern processors have a vulnerability, be that Intel, AMD or ARM. Not all apply to all.
  • Well maybe do better reporting? Lot of missinformation in this post. Sounds like Intels PR Dept. 
  • Well I am not concerned personally. If someone wants my nudy pics they just have to ask. I'm kidding, I have no nudy pics.
  • Pssst.   Hey buddy, do you want some?  The first one is free!
  • Actually, there is a newer patch that was just released with the severity of Critical Updates KB4058702.  http://www.catalog.update.microsoft.com/Search.aspx?q=kb4058702 It is so fresh that as of this posting, there is no info when you go to the link.  I suspect this is the patch that actually addresses the CPU flaws.
  • According to Windows this is already on PC and won't install
  • are you on an insider build?
  • No on build 16299
  • "This update is not applicable to your computer"
  • Oh goody, my work issued Lenovo will get the patch in June or something. The IT department is a joke (HUGE multi-national company). So slow (we use IE)...
  • Did you ask them? We to hold back on updates until they are proven, but we still have the ability to push critical updates should we want to.
  • Actually, the update trashed a lot of Asus tools which hundres of thousands of users are using on an every day. While June sounds ridiculous it´s certainly a good idea to hold off and until compatibility has been verified for critical applications. 
  • You sure about that? My huge company holds off on the major updates like the Fall Creators Update, but anything security related is fast tracked and is deployed within days. Someone has to vet the effects of a major update before all the end users throughout the company get it, to make sure all the business-critical applications are unaffected. Our last OS update was issued the last week of December, and I expect an update for this issue to rollout any day now. BTW, you are probably running Windows 10 Enterprise, which means no Edge/IE-only. It's not like you are really missing anything without Edge.
  • UPDATE KB4056892 applied to ASUS motherboards where the user has installed ASUS AISuite resulted in crashing of AISuite rendering it useless. Tested on 5 AMD ASUS Motherboards - all resulted on ASUS software crashes.
  • I have the same issue. It's only the AI Suite and my GPU software. I can live without both until they patch it. No big deal.
  • AI Suite is horribly unstable anyway though, and causes issues with many other common bits of software. Uninstalling that stuff is a great move and worth doing anyway.
  • So about my phone.....
  • Might get some attention as an after thought. Best to avoid installing new app releases until then in case they use the exploit. Frankly, any new apps released at this point for Windows phone are going to have a suspicious objective anyway though, right? I doubt you'll have many queuing up for your attention.
  • Has anyone who installed this update experienced any perfomance drops?
  • I have been update and it's not effect for performance.
  • Hopefull i get update for my Lumia 930 Windows 10 too!
  • I tried the patch. It installed successfully but still on 16299.125, I checked installed updates no errors. Will have to wait for next update.
  • It appears that if you have MalwareBytes installed the PC will not download or install the update.  
  • I just got the update on my Surface pro. ( came thru Windows update) went fast and painlessly.
    My version is now 16299.192 .
    No slow down or anything...all good
  • On 2 laptops this night update KB4056892 (OS Build 16299.192) downloaded and installed. On my Lumia 950 still nothing changed!?!
  • Patch Tuesday for mobile
  • Receive it in the Netherlands Saturday night around midnight. Is Tuesday more too expect? Now 15254.158
  • How is the change in performance for ur laptops? And what configs do they have?
  • I'm not seeing any patch as of 01/04/2018, and I think it's weird. I'm not on Insider.
  • I had to upgrade to the fall creators update to get the KB4056892 patch.... T_T. 
  • Really? Where is the emergency update for the December update that has poor pc's and tablets sitting in a never ending "Windows is getting ready" loop????
  • Nutella
  • Can anyone confirm the post-patch performance on a mid range pc with 4th gen i5 and probably a gtx 970 or a 1060? Thats the pc i have and benchmarks allover internet are on extremely powerful pcs which i think isn't ideal to judge the current situation. Can anyone help?
  • Forums would be the best place for that question.
  • Just downloading build # 15254.158 for my Lumia 950 now
  • Hi! On my old Lumia 640 successfully updated the patch😀 my 6 year old amd powered desktop pc received the fix and works fine after all no slow down. 
  • Yes I also have recieved and installed on my Lumia 950 in the Netherlands
  • WARNING: Do NOT install KB4056892 on old AMD processor systems, like Athlon 64 X2. !!!!! This will lock down your PC to an unrecoverable situation. My old PC (with AMD Athlon 64 X2 3800+) did not reboot after the update. I had a blue Windows logo with no activity whatsoever. I attempted a system restore (I had a system restore point) and windows actually did NOT restore and DESTROYED my restore point, that is no longer available. The system doesn't boot anymore and there is no way to restore. Reverting to previous OS version doesn't work and no other solution is availble. The system is completely dead and it is probably necessary to reinstall Windows from scratch. Damn it! This very serius bug is being reported on sereral forums, but nobody has found a solution yet. Microsoft has not acknowledged it yet and somebody is speculating they will eventually put old microprocessors out of support for Windows 10. I hope this is not the case. Microsoft quality assurance is becoming worse and worse.
  • @t4103168 So sorry to hear that. What kind of system are you running? My sister's Windows 10 laptop, which is a Dell Inspiron 15R, installed the update just fine last night. It has 8GB of memory, an Intel i5 processor, and a 1TB hard drive. Ever since the Fall Creators Update, it appears that Windows 10 has been more stable for her as of late. Aside from privacy, the biggest gripe that I have had with this OS since it forced the free update from Windows 7 to 10 is the updates. Microsoft has been treating their users like a bunch of test monkeys ever since the launch of Windows 10 and it drives me up the wall more often than not. Back when it first launched, I had nothing but problems trying to install the lousy updates and most of them would always either revert the changes or get stuck on a black screen with the dotted circle spinning around. Very annoying and inconvenient in my opinion but as I previously mentioned, things do at least seem to be improving now. My only hope is that things will remain more stable from here on out.
  • Hi, it looks very odd for me. I am using a PC with intel core i5 - 3550 CPU and a gigabyte motherboard and I an in Insider Preview build 17063, but I don't find any fix ( update) for my PC. My Surface Pro 4 has already been updated for this new threat but nothing for PC yet, am I missing something?
  • Got some 1709 updates 3 days ago and my i7 5820k pc is constantly rebooting per hour, sluggish response even to simple programs like taskmaster indicating NO RESPONSE.   Have never had a problem with a zippy fast pc, now the situation is a disaster.  
  • This update bricked my laptop stuck at 99% then it got stuck saying do not turn off. On debuting the MBR is lost the only way is to get it in to safe mode and uninstall but remove all network connections as it will try and re download I have managed to block this update but it now says my pc is out dated. This laptop is a medical one linked to a hart monitor and yes it' a older Amd chip but it works on windows 10. Clearly this update has not been checked it should not of been rolled out to older chips or we need the feature not to install back instead of forcing updates so yo all with older Amd chips dont install this