Tuesday, January 9th 2018

Microsoft Halts Meltdown-Spectre Patches to AMD PCs as Some Turn Unbootable

Late on Monday, Microsoft halted Meltdown and Spectre security patches to machines running AMD processors, as complaints of machines turning unbootable piled up. Apparently, the latest KB4056892 (2018-01) Cumulative Update causes machines with AMD processors (well, chipsets) to refuse to boot. Microsoft has stopped distributing the patches to PCs running AMD processors and issued a statement on the matter. In this statement, Microsoft blames AMD for not supplying its engineers with the right documentation to develop their patches (while absolving itself of any blame for not testing its patches on actual AMD-powered machines before releasing them).

"Microsoft has reports of customers with some AMD devices getting into an unbootable state after installing recent Windows operating system security updates," said Microsoft in its statement. "After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown," it added. Microsoft is working with AMD to re-develop, test, and release security updates, on the double.

Update (09/01): AMD responded to this story; its statement, posted verbatim, is as follows.

AMD is aware of an issue with some older generation processors following installation of a Microsoft security update that was published over the weekend. AMD and Microsoft have been working on an update to resolve the issue and expect it to begin rolling out again for these impacted shortly.
Source: The Verge

51 Comments on Microsoft Halts Meltdown-Spectre Patches to AMD PCs as Some Turn Unbootable

#1
R-T-B
I installed 4056892 with no issues. Wonder what I invited to happen...
#2
dj-electric
What a huge collateral mess this whole thing is. If only Microsoft could intrude us a bit less with the horrendous combination of UEFI and their lack of proper QA
#4
VulkanBros
Do not know who to blame most....Intel or Intel :slap:
#7
JB_Gamer
Why the Ryzen image???

btarunr - pls remove it!!!
#8
_JP_
Found this by digging the links:
Based on other reports, this is affecting Windows 10, Windows 7, Windows Server 2008 R2, 32-bit and 64-bit installs for all older AMD CPUs. It is not related to the anti-virus registry key. Many reports are running standard Microsoft Security Essentials. AMD CPUs affected include Athlon, Sempron, Opteron and Turion:
  • AMD Athlon X2 6000+
  • AMD Athlon X2 5600+
  • AMD Athlon X2 5200+
  • AMD Athlon X2 5050e
  • AMD Athlon X2 4800+
  • AMD Athlon X2 4600+
  • AMD Athlon X2 4200+
  • AMD Athlon X2 3800+
  • AMD Athlon X2 BE-2400
  • AMD Opteron 285
  • AMD Opteron 2220
  • AMD Turion X2
Found Here.
@btarunr please update the image to reflect that the issue happens on older chipsets and/or add more information, Ryzen seems not to be affected so far. As it stands, it is vague and creates FUD around which AMD products this is being affected, with reports so far pointing to K8-era hardware. It is enough that this is already happening with Intel CPUs.

Minor edit for completeness.
#9
john_
If this patch is only for Spectre I will not say if this is AMD's or Microsoft's fault.
If this patch is also for Meltdown, then I would advise this F*(&**&( company to stop trying to make AMD processors look as bad, in this case, as Intel CPUs. Meltdown is an Intel ONLY issue.

In any case I will also advise this lovely company to buy a few AMD systems for proper testing and not assume that whatever works on Intel will also work on AMD. It's the same case as with game developers 5-10 years ago, before the GCN consoles, where they were testing their games only on Nvidia systems, making AMD's drivers look bad.
#10
Manu_PT
1- This is not affecting Ryzen CPUs at all-

2- This whole meltdown thing just shown me how much people around the world are biased towards Intel. Everyone, including media, are basically trying to hide what is the biggest security flaw ever in the history of technology and making it seem like is just a "patchable" thing that disappears once you patch it.

We are talking about a flaw that can compromise ANY PC, be it consumer or enterprise. And everyone trying to convince people that they just need to patch it and that is WRONG. This meltdown thing is NO JOKE, a patch can always be reversed by a hacker, when the flaw is physically on the CPU. The correct posture from the media was to tell everyone to switch platform ASAP! And no I'm not overreacting. This is not happening because everyone knows Intel has like 95% of the market and it would be a disaster with everyone needing to change computer. But this just shown me how we are "controlled", we are shills, that's all. Anyone is at risk right now using Intel CPUs with this meltdown thing. Your bank account details, your credit card infos, your passwords, everything is at risk. Yes the patch made it a bit more difficult, but what do you expect? Do you really think hackers will stop trying to do their thing because of a patch? A patch that they will eventually find ways to exploit and steal all your info from your kernel? Sure, good luck on that fellas.

The way media is handling this situation is shocking to me. Meanwhile Intel is announcing new products on CES (NUC with kaby lake + Vega, new coffee lake motherboards), the other brands are announcing new laptops and system with Intel CPUs like NOTHING HAS HAPPENED, and THIS IS WRONG. You are making everyone fool. NO ONE SHOULD USE CPUs WITH MELTDOWN ISSUE, PERIOD. DO NOT SUPPORT THESE COMPANIES TRYING TO FOOL YOU.

Sorry for the rant, but this whole situation made me mad because I'm into this kind of stuff and I know how harmful meltdown is.
#11
londiste
Manu_PT, the situation is more complex than that.

The better way to look at this is that Spectre is a new family of vulnerabilities, affecting most modern processors. Meltdown is a subset of that, a specific vulnerability affecting (almost) all Intel processors. The way things have turned out is a bit strange, especially considering the initial reaction and coverage.

Meltdown mitigation measures in the form of KAISER-type patches (KPMI in Linux and functionally similar patches for Windows and MacOS) are fairly effective. While not resolving the issue, it is an effective mitigation of this particular hardware issue. At this time, Linux has AMD processors excluded and same appears to be true for Windows patches (it's a bit more complex as the same update includes parts for Spectre mitigation). And yes, this causes a measurable performance hit for Intel processors. Initial estimate of maybe 5% in general and worst cases 30% appears to be accurate as well.

Meltdown patch cannot be reversed by hacker, at least not from within the patched operating system.

Spectre is like opening a whole can of worms and it does affect almost all current processors (all, if we look at desktop). There is no straightforward fix Spectre class of vulnerabilities. There are mitigation measures that are being taken. This includes updates to firmware, microcode, operating system kernels and even pieces of software separately.
#12
Jism
Imagine you'd had a computer which u use for business related stuff. All your administration, financial and documents are on that. Then there comes a pushed update by MS, basically breaking your computer. You need to dial in an expert to fucking solve the mess others didn't test enough. Sue the shit out of MS for pushing idiot updates like this without any proper testing.
#13
Katanai
I'm on Intel but I won't update anything for at least a month. The latest version of Firefox is patched against this so I think I'm kinda covered. I will just wait and see if they make a better patch for this mess with less performance penalty. I advise anyone to wait for them to sort this out, this is an artificial panic, there are no viruses who exploit these things right now, so the best option is to wait for a better patch...
#14
64K
It would seem to me that MS could afford to buy a few PCs for testing before spewing out updates and spend a little more on QA considering that for 2017 they had......

90 billion dollars in revenue
21 billion dollars in profit

and they are sitting on a massive hoard pile of cash of around 130 billion dollars.

https://www.microsoft.com/investor/reports/ar17/index.html
#15
RH92
Agree with most people here, if anything else Microsoft should have tested some AMD systems before pushing the fix. Not only it makes sense but it's mandatory practice!
#16
Manu_PT
"londiste said:
Manu_PT, the situation is more complex than that.

The better way to look at this is that Spectre is a new family of vulnerabilities, affecting most modern processors. Meltdown is a subset of that, a specific vulnerability affecting (almost) all Intel processors. The way things have turned out is a bit strange, especially considering the initial reaction and coverage.

Meltdown mitigation measures in the form of KAISER-type patches (KPMI in Linux and functionally similar patches for Windows and MacOS) are fairly effective. While not resolving the issue, it is an effective mitigation of this particular hardware issue. At this time, Linux has AMD processors excluded and same appears to be true for Windows patches (it's a bit more complex as the same update includes parts for Spectre mitigation). And yes, this causes a measurable performance hit for Intel processors. Initial estimate of maybe 5% in general and worst cases 30% appears to be accurate as well.

Meltdown patch cannot be reversed by hacker, at least not from within the patched operating system.

Spectre is like opening a whole can of worms and it does affect almost all current processors (all, if we look at desktop). There is no straightforward fix Spectre class of vulnerabilities. There are mitigation measures that are being taken. This includes updates to firmware, microcode, operating system kernels and even pieces of software separately."
Spectre is not as dangerous as Meltdown! Not even close! Also AMD chips are only affected by 1 variant, which means it can only be hacked if you access it physically! Meltdown is not solved by a patch, it includes the whole working method of Intel CPUs and it exposes EVERYTHING, while Spectre expose random information that you need to be lucky to have what you want (bank details etc) and while it is harder to fix it is SO MUCH HARDER to exploit. Spectre to me isn't anything different from any other security flaw around. It seems media is talking about spectre in a way to mask meltdown issue or something like that, which I find shocking. Meltdown was fixed simply by using a patch (line of code) that tells the CPU not to do the things like it was supposed to, that's all. That can be hacked in no time and the CPU will start doing its stuff like it was programmed to do and a hacker can steal all the information on the kernel again! Is completely unsafe for anyone in the world right now to use CPUs with this flaw, doesn't matter how many patches you release.

Media and big corporations manipulate everyone. Is shocking. This meltdown thing is no joke and should be terminated immediately. Yes I know it would give a big loss to a lot of people but one day things will get worse, trust me they will. The correct thing to do, if we lived in a world not controlled by superior corporations, was telling EVERYONE to change their systems immediately. Not keep releasing CPUs with meltdown flaws and announcing new product lines with it. All of this is shocking to me. I was never the conspiracies kind of guy, but this situation called my attention to the current world we live now. Because I'm into this stuff and I know what meltdown flaw is. It is shocking, trust me. No other flaw in the past beat this one, not even the PSN servers thing in 2011 or the XBlaster on Windows XP in 2001.

All my systems were Intel and I'm currently switching everything to AMD. No way I want to run a flawed CPU 24/7, I will not wait for some hacker to reverse the patch line codes and do his thing, now that the flaw is known worldwide and anyone that can read code lines can debunk it. Easy! Too easy!
#17
londiste
None of Spectre/Meltdown attacks require physical access.
Meltdown is effectively solved by the patches that are being rolled out. The core of what the Meltdown patches do is to clean cache (and TLB) during context switch.

Edit:
Pretty much all of Manu_PT's last post is wrong, except the first sentence.
"Manu_PT said:
Spectre is not as dangerous as Meltdown!"
And even that is subjective. Meltdown seems to be much easier to mitigate.
#18
Jism
That people actually believe, that a 'patch' will solve this thing, lol. Patch will be overwritten and your system is back to being vulnerable again. It takes some time for hackers to develop a serious exploit.
"londiste said:
None of Spectre/Meltdown attacks require physical access.
Meltdown is effectively solved by the patches that are being rolled out. The core of what the Meltdown patches do is to clean cache (and TLB) during context switch.

Edit:
Pretty much all of Manu_PT's last post is wrong, except the first sentence.
And even that is subjective. Meltdown seems to be much easier to mitigate and for both this reason and others practical attacks are likely to be more dangerous for Spectre."
You sure? If a hacker would successfully write his own patch to disable that patch, then that CPU goes back to doing normal thing again, making it vulnerable. He is right. The scale of Meltdown is easily underestimated. Every intel CPU is vulnerable. It would be a different story if that patch would be applied by CPU micro code or BIOS fix, not Software / OS fix.
#19
D3m
Hello.

Should I uninstall KB4056982 which I installed manually? I have an AMD 7th. Generation APU A6-9500B.

Regards.
#20
londiste
"Jism said:
You sure? If a hacker would successfully write his own patch to disable that patch, then that CPU goes back to doing normal thing again, making it vulnerable. He is right. The scale of Meltdown is easily underestimated. Every intel CPU is vulnerable. It would be a different story if that patch would be applied by CPU micro code or BIOS fix, not Software / OS fix."
If hacker can overwrite operating system kernel, he has no need for Meltdown, Spectre or any other vulnerability. The machine is already his.

"D3m said:
Should I uninstall KB4056982 which I installed manually? I have an AMD 7th. Generation APU A6-9500B."
It installed without issues? Have you noticed any problems after that? If not, there should be no reason to do anything.
Using PowerShell you can check what the patch actually did apply:
https://betanews.com/2018/01/05/microsoft-powershell-meltdown-spectre-script/
For AMD CPUs, in the Speculation control settings for CVE-2017-5754 [rogue data cache load] section it should show - Hardware requires kernel VA shadowing: False
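The check described in comment #20, as an added example that is not part of the original thread: it interprets the object returned by `Get-SpeculationControlSettings` from Microsoft's SpeculationControl PowerShell module. `Test-KvaShadowState` is a hypothetical helper and the sample objects are constructed for illustration.

```powershell
# Added example. Property names are those of the object returned by
# Get-SpeculationControlSettings; Test-KvaShadowState is a hypothetical helper.

function Test-KvaShadowState {
    param(
        [Parameter(Mandatory)]
        [psobject]$Settings
    )

    # "Hardware requires kernel VA shadowing: False" is the expected result on AMD CPUs.
    if (-not $Settings.KVAShadowRequired) {
        return 'NotRequired'
    }
    # CPU needs the mitigation but the OS update carrying it is not installed.
    if (-not $Settings.KVAShadowWindowsSupportPresent) {
        return 'PatchMissing'
    }
    # Update installed, but the mitigation is switched off.
    if (-not $Settings.KVAShadowWindowsSupportEnabled) {
        return 'PatchDisabled'
    }
    return 'Mitigated'
}

# Constructed sample objects (not captured from real machines).
$samples = [ordered]@{
    'AMD, update installed'        = [pscustomobject]@{
        KVAShadowRequired              = $false
        KVAShadowWindowsSupportPresent = $true
        KVAShadowWindowsSupportEnabled = $false
    }
    'Intel, update installed'      = [pscustomobject]@{
        KVAShadowRequired              = $true
        KVAShadowWindowsSupportPresent = $true
        KVAShadowWindowsSupportEnabled = $true
    }
    'Intel, update not installed'  = [pscustomobject]@{
        KVAShadowRequired              = $true
        KVAShadowWindowsSupportPresent = $false
        KVAShadowWindowsSupportEnabled = $false
    }
}

foreach ($name in $samples.Keys) {
    '{0,-30} {1}' -f $name, (Test-KvaShadowState -Settings $samples[$name])
}

# On a live system with the SpeculationControl module installed, evaluate the real result.
if (Get-Command Get-SpeculationControlSettings -ErrorAction SilentlyContinue) {
    $live = Get-SpeculationControlSettings
    "This machine: $(Test-KvaShadowState -Settings $live)"
}
```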
#21
Manu_PT
"londiste said:
None of Spectre/Meltdown attacks require physical access.
Meltdown is effectively solved by the patches that are being rolled out. The core of what the Meltdown patches do is to clean cache (and TLB) during context switch.

Edit:
Pretty much all of Manu_PT's last post is wrong, except the first sentence.
And even that is subjective. Meltdown seems to be much easier to mitigate."
Sure, and a patch is... lines of code. Ever heard of reverse engineer? Simple as that and your CPU is back to what it was programmed for, put stuff on the kernel. Hackers can leak what they want nowadays, they can hack complex systems with important information, and open doors on really protected datasystems. And you think it is hard to reverse engineer a simple OS patch? Sure. Good luck dude!
#22
londiste
"Manu_PT said:
Sure, and a patch is... lines of code. Ever heard of reverse engineer? Simple as that and your CPU is back to what it was programmed for, put stuff on the kernel. Hackers can leak what they want nowadays, they can hack complex systems with important information, and open doors on really protected datasystems. And you think it is hard to reverse engineer a simple OS patch? Sure. Good luck dude!"
Why reverse engineer? What these patches do is pretty much public knowledge.
#23
raptori
I got weird "irql_gt_zero_at_system_service" BSOD after the update on 2500K PC !!
#24
Manu_PT
Why? Because what that patch is doing is basically screaming at the CPU "no you won't be doing this, you are blocked, find another route". Because if the CPU does what it was programmed to, it will put valuable information on a place where a hacker can access. Which is what meltdown is, in easy non complex words. This is not your common insecure software code that can be 100% patched. This is on the core of the CPUs!

Is like having a powerful and very dangerous virus on your PC that you just can't delete. You just wrote lines to control it and make it quiet. Very different things. Is still dangerous when you have a bomb that can be detonated at any time. Even a website can mess your meltdown patch and you are open again. This will be a never ending fight between hackers and continuous OS patches. Yes because there are more to come, don't worry. As soon as this one is debunked and easily exploitable.

If you have no problems by using a CPU at that constant risk, that's up to you. I refuse to.
#25
londiste
"Manu_PT said:
Why? Because what that patch is doing is basically screaming at the CPU "no you won't be doing this, you are blocked, find another route". Because if the CPU does what it was programmed to, it will put valuable information on a place where a hacker can access. Which is what meltdown is, in easy non complex words. This is not your common insecure software code that can be 100% patched. This is on the core of the CPUs!"
What the patch does is tell CPU to clean out the valuable information from a place where hacker can access before the hacker gets to the point where he can access it.
When that information is not there, the CPU is not going to be able to read it.
"Manu_PT said:
Even a website can mess your meltdown patch and you are open again."
No, it cannot.
"Manu_PT said:
If you have no problems by using a CPU at that constant risk, that's up to you. I refuse to."
What are you going back to, one of the Atoms? :)
For Meltdown, AMD and most of ARMs seem to be unaffected. For Spectre, here is a list:
https://forum.level1techs.com/t/list-of-cpus-most-likely-immune-to-spectre/123128