Microsoft is currently pushing an update to roll back the problematic Spectre v2 patch (CVE-2017-5715)

[captain_to_fire]

Sources: Bleeping Computer, Microsoft

 

Quote

Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). The update —KB4078130— targets Windows 7 (SP1), Windows 8.1, all versions of Windows 10, and all supported Windows Server distributions.

Even though my PC is not experiencing anything wrong with the patch, looks like I'm one of the lucky ones but many are experiencing problems like bricking their PCs or random restarts. Microsoft says:

Quote

While Intel tests, updates and deploys new microcode, we are making available an out of band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 – “Branch target injection vulnerability.” In our testing this update has been found to prevent the behavior described. For the full list of devices, see Intel’s microcode revision guidance. This update covers Windows 7 (SP1), Windows 8.1, and all versions of Windows 10, for client and server. If you are running an impacted device, this update can be applied by downloading it from the Microsoft Update Catalog website. Application of this payload specifically disables only the mitigation against CVE-2017-5715 – “Branch target injection vulnerability.”

PC OEMs also has followed not to release the BIOS update to fix the CVE like Dell and HP. Now for IT personnel and CISOs/CSOs of their respective enterprises, Microsoft has released two knowledge bases in order to avert any attack that exploits the Spectre v2 vulnerability within the Group Policy and Registry while Intel comes up with another patch that doesn't brick computers. 

• KB4073119: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
• KB4072698: Windows Server guidance to protect against speculative execution side-channel vulnerabilities

It makes me think if ARM and Apple would follow the roll back as these updates do have some performance hits. No recommendation from Microsoft for home users so I guess what everyone can do is wait for the proper Intel fix. I wonder if the roll back update will cause more problems like anti-virus incompatibilities? I hope not.

 

Edited January 29, 2018 by hey_yo_

[ItsMitch]

It's not like they had 6 months to sort it out, nah nah nah, it's ok Microsoft.

[Himommies]

this reminded me of how great XKCD is

excuse me as I take a 4hr break

[Hiitchy]

What is going on at the Intel Headquarters right now? 

[captain_to_fire]

3 minutes ago, SC2Mitch said:

It's not like they had 6 months to sort it out, nah nah nah, it's ok Microsoft.

I mean it's not exactly Microsoft's fault but Intel's fault.

[ItsMitch]

2 minutes ago, hey_yo_ said:

I mean it's not exactly Microsoft's fault but Intel's fault.

Potatoes and patatos, both companies knew of the problems they should of both worked this out by now tho.

[captain_to_fire]

3 minutes ago, SC2Mitch said:

Potatoes and patatos, both companies knew of the problems they should of both worked this out by now tho.

Well at least for the security conscious enthusiast, their hope is to halt that upgrade and wait for the 9th gen Intel processors with the hardware fixes but probably at the expense of a new socket so goodbye LGA 1151.

[ItsMitch]

2 minutes ago, hey_yo_ said:

Well at least for the security conscious enthusiast, their hope is to halt that upgrade and wait for the 9th gen Intel processors with the hardware fixes but probably at the expense of a new socket so goodbye LGA 1151.

Love spending money on new products that'll probably be priced very high me!

[Ryujin2003]

3 minutes ago, hey_yo_ said:

Well at least for the security conscious enthusiast, their hope is to halt that upgrade and wait for the 9th gen Intel processors with the hardware fixes but probably at the expense of a new socket so goodbye LGA 1151.

Shhhhh.. Don't mention sockets.. You'll upset the locals:

 

Well, I'm glad the rollbacks started AFTER I've had issues with my laptop. Thankfully, I had the previous BIOS, so I've rolled that back. And had to do a fresh install of W10 because things were all sorts of wonky... Now I guess I'll wait and hope the un-patch works properly too.

[Sauron]

19 minutes ago, SC2Mitch said:

It's not like they had 6 months to sort it out, nah nah nah, it's ok Microsoft.

It's not Microsoft's fault, Intel botched it. MS doesn't have the full documentation for the cpus.

[captain_to_fire]

8 minutes ago, SC2Mitch said:

Love spending money on new products that'll probably be priced very high me!

I'm fine with what I have now and I'll just wait for the un-botched Intel update. I'm cautious about security but I'm not paranoid and I don't see the need for most people to get rid of their existing CPUs just to get protected from Spectre and Meltdown because there will be more vulnerabilities and exploits waiting to be found as always so to upgrade to 9th gen just to get the hardware fix is just wasteful of money and unnecessary in my opinion.

5 minutes ago, Ryujin2003 said:

Well, I'm glad the rollbacks started AFTER I've had issues with my laptop. Thankfully, I had the previous BIOS, so I've rolled that back. And had to do a fresh install of W10 because things were all sorts of wonky... Now I guess I'll wait and hope the un-patch works properly too.

Microsoft will release the roll back update in waves so it's currently a waiting game for me. 

 

 

[bcredeur97]

why do the KB articles still say to install firmware updates? LOL, Microsoft

[Bouzoo]

Bump.

[Misanthrope]

Now if we could later rollback the rollback to the patch and then patch that rollback of the rollback.

 

Think about it you'd have a patch of the rollback to a rollback of a patch! It's operatic.

[captain_to_fire]

30 minutes ago, Misanthrope said:

Now if we could later rollback the rollback to the patch and then patch that rollback of the rollback.

 

Think about it you'd have a patch of the rollback to a rollback of a patch! It's operatic.

I think System Restore can do that 

39 minutes ago, bcredeur97 said:

why do the KB articles still say to install firmware updates? LOL, Microsoft

Not really as those are just for verification in Power Shell. 

[ignaloidas]

Linux: Fuck Intel, they are scums, but we worked, so here's the patch day after the release of vulnerability.

Windows: Oh, we have a problem you say? Lets try that, push to release. Oh, It didn't work? Let's try this, push to release. Oh, that didn't work as well? Well, I guess we wont fix it for now.