Microsoft forced to stop issuing faulty Meltdown and Spectre patches
Microsoft Corp.’s usually mundane monthly “Patch Tuesday” release took a different twist this month following a mad scramble to issue fixes for the Meltdown and Spectre vulnerabilities disclosed last week, some of which have since been found to have problems.
The monthly patch cycle started early with system updates attempting to patch the vulnerabilities in processors from Intel Corp., Advanced Micro Devices Corp. and ARM that relate to the three known Spectre and Meltdown vulnerabilities. But because the patches caused some machines to fail to boot up, Microsoft paused their distribution.
“A public disclosure of many proof-of-concepts on how to use these vulnerabilities in a ‘Speculative Execution Side-Channel Attack’ triggered a large response from the industry,” Chris Goettl, product manager at Ivanti Inc., told SiliconANGLE. “Intel and the other CPU vendors have been working to release firmware updates to mitigate the vulnerabilities at a firmware level, while operating system vendors have been releasing OS-level updates to … mitigate the Meltdown vulnerability.”
The problems arose with the rushed nature of the releases. There were widespread reports that the patches slowed down and in some cases crippled machines. PCs running AMD processors were the worst-affected, with Microsoft pulling the patch early Tuesday morning, saying in a statement that the issue had arisen from some AMD chipsets not conforming to documentation AMD sent.
The main Patch Tuesday release offered a range of patches covering Microsoft products, the most vital of which addresses a critical vulnerability (known as CVE-2018-0802) that not only allows an attacker to take control of the affected system but is also currently being exploited in the wild. It’s a “zero day” vulnerability, meaning it hadn’t been discovered before.
“The Zero Day pertains to a vulnerability that could allow the attacker to gain control of the target system,” Ivanti’s Goettl explained. “The attacker in this case could create a specially crafted file or host specially crafted content on a compromised website or user-contributed content on a website. A user opening these specially crafted files would allow the exploit to run, giving the attacker equal rights to the system as the current user.”
Including the Office patch, Microsoft released a total of 14 updates this month covering Windows, Internet Explorer, SQL, .NET Framework and the Adobe Flash Player. The patches are available from the Microsoft TechNet site.
Photo: Jose Lopez/Wikimedia Commons