Microsoft's latest Windows patch toggles off Spectre protections after Intel warns of reboots

If you own a Windows PC that seems buggier than usual after the recent round of Spectre patches, you might want to download this.

If you’ve noticed any unexpected reboots or PC instability as a result of the recent Spectre patches, there’s a solution: Microsoft has issued a patch that rolls back the recent Spectre mitigations.

Confused? It’s a bit complicated. After the initial Spectre and Meltdown vulnerabilities were disclosed, both Intel and Microsoft hustled out patches to mitigate the problem. Unfortunately, Intel’s latest microcode updates—and the BIOS updates from PC makers based upon them—were themselves buggy, causing instability and reboots in some PCs.

The solution? Turn off the recent patches. Microsoft's latest patch (KB4078130), which those with affected systems can download via the Microsoft Update Catalog, disables the mitigations for “Spectre variant 2”.

Note that the patch notes specifically state that you should run this patch “if you are running an impacted device” (emphasis ours). In other words, if your system is working normally, don’t bother downloading this patch. This is what Microsoft calls an “out of band” patch, and it doesn’t appear that it will be made available via Windows Update, either.

Why should you consider it? Intel has warned previously that the faulty patch can sometimes cause data loss and corruption, and Microsoft is saying the same: “Our own experience is that system instability can in some circumstances cause data loss or corruption,” the patch notes state. As of January 25, Microsoft adds, there have been no reports indicating that Spectre variant 2 has been used to attack customers.

There’s another wrinkle, though. As part of the patch, Microsoft is allowing users to edit the Windows registry to toggle the mitigations on or off. (Instructions are here.) It’s possible to toggle Microsoft’s patch off, and then, when Intel solves its own patching problem, re-enable it. That scenario is actually what Microsoft recommends—again, only if you’ve noticed system instability and want to take action against it.

Toggling the mitigations on and off is also a feature of the latest InSpectre utility.

As Bleeping Computer noted, system makers such as Dell and HP also advise rolling back their own BIOS patches to an earlier version, which they’ve redeployed. It’s all horrendously confusing for consumers and IT organizations alike. Fortunately, at least, there haven’t been any public cases of these vulnerabilities being exploited.

What should you do? There’s no one-size-fits-all answer to this question. But we can tell you what we’re doing: if a PC is working as expected, we’re leaving it patched and in place. If you’re backing up your data (to the cloud or an external drive), chances are your data will be saved in case your system goes down unexpectedly. But there’s no perfect solution—if you’re more paranoid than we are, feel free to deploy the patch. Good luck!


Stories by Mark Hachman
