Monday, January 29th 2018
Microsoft Issues Update to Rollback Intel Spectre, Meltdown Problematic Patches
Multiple reports pegged some issues on Intel's rapid-fire, microcode and software response towards addressing the Spectre and Meltdown vulnerabilities, with Intel themselves coming forward, admitting to the problems' existence, and urging users not to perform said updates. However, Intel's press release wasn't very clear on whether or not users would be able to rollback changes in order to recover their machines' stability. Microsoft has taken the matter into its own hands, via an out of band update for Windows, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 - "Branch target injection vulnerability."
In Microsoft's testing, this particular update is the one that the company has found to be associated the most with stability issues on host machines, and their out of band update seems to mitigate these completely. Microsoft is also adding the possibility for users to either disable or enable the troublesome mitigation themselves, manually, via registry changes. Microsoft seems to have taken the job of cleaning house on themselves, after Intel's apparent hasty move to restore security to systems based on their CPUs.
In Microsoft's testing, this particular update is the one that the company has found to be associated the most with stability issues on host machines, and their out of band update seems to mitigate these completely. Microsoft is also adding the possibility for users to either disable or enable the troublesome mitigation themselves, manually, via registry changes. Microsoft seems to have taken the job of cleaning house on themselves, after Intel's apparent hasty move to restore security to systems based on their CPUs.