Skip to main content

Grab this Microsoft update now if your PC was affected by the Spectre fixes

Microsoft
Image used with permission by copyright holder
The last few weeks have been rough for technology manufacturers and users alike, with the Meltdown and Spectre exploits making headlines and requiring fixes that can slow down our gadgets. Intel issued microcode fixes for its own CPUs meant to address the issue and then quickly retracted them due to system reboots and instability. Now, Microsoft has concluded that fixes meant to address the Spectre Variant 2 exploit are bad enough to cause data loss, and its issued its own fix.

For now, this fix comes via a support bulletin that it issued the following statement:

“Intel has reported issues with recently released microcode meant to address Spectre Variant 2 (CVE 2017-5715 Branch Target Injection) — specifically Intel noted that this microcode can cause “higher than expected reboots and other unpredictable system behavior” and then noted that situations like this may result in “data loss or corruption.” Our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on impacted processors while they perform additional testing on the updated solution. We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.”

Microsoft’s response, for now at least, is to simply turn off the mitigation against Spectre Variant 2. It provided an update that users can run at the Microsoft Update Catalog site, along with steps to manually disable and enable the mitigation by modifying the registry. The registry is a finicky thing, though, and so be careful if you choose the latter route.

While it’s usually a bad idea to turn off security measures meant to protect against known exploits, in this case, the damage that Intel’s bad microcode can cause clearly outweighs what Microsoft considers to be a negligible potential for harm. According to the company, there have been no known attacks based on Spectre Variant 2, at least as of Thursday, January 25.

Microsoft will likely issue a more widely available update once its official Patch Tuesday update rolls around next month. This emergency out-of-band update might be worth running in the meantime, though, particularly if any of your PCs have been acting a bit crazy since being updated with the Spectre fixes.

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Microsoft’s DirectStorage can now boost your game loading times by 200%
Person using a gaming monitor.

Microsoft's DirectStorage 1.1 update is here, and it's definitely one that gamers won't want to miss.

With the new version of the API, Microsoft promises up to 200% faster game load times -- all thanks to GPU decompression. Here's how you can try it out for yourself.

Read more
Microsoft Edge now warns when your typos can lead to being phished
Microsoft Defender SmartScreen helps protect users against websites that engage in phishing and malware campaigns.

Microsoft has detailed its latest effort to protect against various types of fraud that can happen via a method as simple as spelling a website URL incorrectly.

The company has announced as of Monday that it is adding website typo protection to its Microsoft Defender SmartScreen service, to aid against web threats such as “typosquatters.” These types of cybercrime can include phishing, malware, and other scams.

Read more