Microsoft moves to block Intel's Spectre patch

Intel Warned Chinese Companies of Chip Flaws Before US Government

WSJ: 'Near Certainty' China Knew of Intel Security Flaws Before US

An Intel spokesperson said that the company was unable to notify others, including the United States government, as the bugs were made public earlier than the decided date which was January 9. Apparently, some of the software updates meant to fix them are. This was important because Meltdown - which allows malware to extract passwords and other secrets from an Intel-powered computer's memory - is pretty easy to exploit, and cloud-computing environments were particularly exposed as they allow customers to share servers.

Then on Saturday, Microsoft released a security update enabling users and IT administrators to disable Intel's mitigation for Spectre variant 2, a branch target injection flaw designated CVE-2017-5715.

An official at the Department of Homeland Security said that the staffers learned of the flaws on January 3 from news reports and not from Intel in advance, explaining the hastily-provided mitigation for the problem.

Microsoft has rushed out a system update that will disable the sloppy mitigation patch deployed earlier by Intel for Spectre vulnerabilities detected on Windows systems. According to ZDNet, Microsoft made the highly unusual decision to pull back the patch after ascertaining it can directly cause data loss.

In other developments related to Spectre and Meltdown, which also affect many CPUs made by ARM and AMD, The Wall Street Journal reported yesterday that Intel's initial disclosures about the vulnerabilities were made to "a small group of customers, including Chinese technology companies, but left out the US government".

Unfortunately, Intel discovered earlier this month that the microcode updates are causing machines to reboot. READ NEXT:Report: Microsoft building new "modern" Windows 10 version For PC users, this is likely to confuse the situation around Meltdown and Spectre even further.

Windows users received an emergency update over the weekend as Microsoft raced to address yet another issue in the Meltdown/Spectre malware saga.

Intel CEO Brian Krzanich said that they have committed to keeping their customers and owners appraised of their progress and, through their actions. Microsoft added that the fixes are creating stability issues and random reboots that could lead to data loss. The announcement came after the company revealed that it has issued firmware updates for 90 per cent of Intel CPUs made in the past five years.

Latest News