Microsoft security update trumps Intel's Meltdown and Spectre fix

Intel told Chinese companies about chip flaw before notifying US gov: report

Intel reportedly notified Chinese companies of chip security flaw before the US government

Intel has been on the receiving end of some very harsh remarks following its recent disclosure that its fix for Spectre Variant 2 were faulty, the most notable of them coming from Linux founder Linus Torvalds who wrote on Sunday,"the patches are COMPLETE AND UTTER GARBAGE". Microsoft has also documented registry keys that can be used to selectively enable or disable the protections, for sensitive systems or test environments. Microsoft says its testing has found that applying its update eliminates the stability problems - and potential data loss and corruption - that Intel's firmware patch has been causing. READ NEXT:Report: Microsoft building new "modern" Windows 10 version For PC users, this is likely to confuse the situation around Meltdown and Spectre even further.

An official at the US Department of Homeland Security, which runs US CERT, said it only learned of the processor vulnerabilities from early news reports.

While year-end financial results released last week show Intel enjoyed record earnings in 2017, the company could yet see long-term fallout from the Spectre and Meltdown hardware bugs.

On Jan. 3, a slew of vendors, primarily makers of processors and operating systems, broke the news of Spectre and Meltdown, two classes of CPU vulnerabilities uncovered by Google researchers.

Intel says that nearly all older computers running high-demanding tasks such as Photoshop will experience a noticeable slowdown. In that January 11 note, Intel added that, "End-users should continue to apply updates recommended by their system and operating system providers". The specific vulnerability involved is CVE 2017-5715 (requires microcode update for full enablement).

CEO Brian Krzanich revealed that the company is working on a hardware fix for its next line of processors that will be available in 2019. "We are also working directly with data center customers to discuss the issue".

Shenoy also told personal computer users that he would provide more information as it became available. Joyent, a U.S. cloud-services provider owned by Samsung Electronics, was among those that may have benefited from a warning but wasn't included in the select group informed ahead of the public reveal. If you're using Windows 7, you will need to download the new update from Microsoft's Update Catalog website (which doesn't seem to work with Chrome or Firefox) as Microsoft stopped delivering automatic updates to Windows 7 a while ago.

"Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection)".

Latest News