Video: Fake Meltdown-Spectre patch emails hiding Smoke Loader malware
Microsoft has released new updates for Windows 10 that resolve an issue in its Meltdown and Spectre patches that caused some AMD systems to become unbootable.
If you’ve got an AMD PC and couldn’t install the most recent Windows 10 security update, it is now possible to do so without causing your PC boot problems.
Microsoft last week halted security updates for multiple releases of Windows 10 running on AMD PCs. AMD last week confirmed that the issue affected AMD Opteron, Athlon, and AMD Turion X2 Ultra CPUs, and that it was working with Microsoft on a fix.
These issues have been addressed in a round of new updates for multiple versions of Windows 10 released yesterday.
A sparse release note states: “An update is available to fix the following issue that occurs after you install January 3, 2018–KB4056892 (OS Build 16299.192): AMD devices fall into an unbootable state.”
AMD users should get the fixed patch through Windows Update and WSUS, as Microsoft’s previously outlined in the original update.
Microsoft has also released Windows 10 builds 1506.877 and 14393.2034, respectively for the Creators Update (version 1703) and the Anniversary Update (version 1607). People with AMD PCs on these versions of Windows 10 should be able to safely install these updates, too.
Both builds’ release notes state that the update “addresses issue where some customers with AMD devices get into an unbootable state”.
Both updates list as known issues that some non-Microsoft antivirus isn’t compatible with Windows fixes for Meltdown and Spectre.
As ZDNet reported last week, the update will only install if the antivirus vendor has updated its product with a special Windows registry key that confirms compatibility with the Windows patches for Meltdown-Spectre. The patch contained kernel mitigations that clashed with techniques used by some antivirus, resulting in BSOD errors.
While it’s been hard to miss the news about the Meltdown and Spectre attacks, the antivirus compatibility issue apparently has gone under the radar for a lot of IT admins, according to Boston-based security firm Barkly.
The firm says a failure by Microsoft and antivirus firms to proactively notify customers about this compatibility issue has resulted in a large number not having received the January Windows update yet. The update is important as it contains fixes for other bugs besides Meltdown and Spectre.
Barkly ran a small survey with 75 IT pros and found that 46 percent aren’t aware that Microsoft required their AV vendor to set a registry key. It also found that only 42 percent of respondents have been told by their AV vendor whether its product is compatible with the Windows security update.
While most antivirus vendors have now set the registry, only a quarter of respondents said their AV had done so for them, while 20 percent report that their AV vendor has recommended the customer set it themselves. However, most customers that have been told to set the registry key manually fear doing so due to the impact it may have on systems.
The end result is that a significant number of machines haven’t been patched. According to Barkly, 26 percent of respondents said no machines they are managing had received the update one week after it was available. A further quarter of respondents said less than 25 percent of their PCs have been updated.
Previous and related coverage
Intel’s firmware fix for Spectre is also causing higher reboots on Kaby Lake and Skylake CPUs.
The enterprise software giant is working on Spectre fixes for Solaris on Sparc V9.
Criminals have yet to exploit Meltdown and Spectre, but they’re playing on users’ uncertainties about the CPU flaws in their malware and phishing schemes.
Now Linux distributions get hit by Meltdown patch issues.
Roughly a week after the update was released, many machines still lack the fix for the critical CPU vulnerabilities.
Our devices may never truly be secure, says the CEO of the company that designs the heart of most mobile chips.