UPDATED 20:27 EST / JANUARY 09 2018


Microsoft forced to stop issuing faulty Meltdown and Spectre patches

Microsoft Corp.’s usually mundane monthly “Patch Tuesday” release took a different twist this month following a mad scramble to issue fixes for the Meltdown and Spectre vulnerabilities disclosed last week, some of which have since been found to have problems.

The monthly patch cycle started early with system updates attempting to patch the three known Spectre and Meltdown vulnerabilities in processors from Intel Corp., Advanced Micro Devices Corp. and ARM. But because the patches caused some machines to fail to boot, Microsoft paused their distribution.

“A public disclosure of many proof-of-concepts on how to use these vulnerabilities in a ‘Speculative Execution Side-Channel Attack’ triggered a large response from the industry,” Chris Goettl, product manager at Ivanti Inc., told SiliconANGLE. “Intel and the other CPU vendors have been working to release firmware updates to mitigate the vulnerabilities at a firmware level, while operating system vendors have been releasing OS-level updates to … mitigate the Meltdown vulnerability.”

The problems arose from the rushed nature of the releases. There were widespread reports that the patches slowed down and in some cases crippled machines. PCs running AMD processors were the worst affected, with Microsoft pulling the patch early Tuesday morning, saying in a statement that the issue had arisen from some AMD chipsets not conforming to documentation AMD sent.

The main Patch Tuesday release offered a range of patches covering Microsoft products. The most vital one addresses a critical vulnerability (known as CVE-2018-0802) that not only allows an attacker to take control of the affected system but is also currently being exploited in the wild. It’s a “zero day” vulnerability, meaning it hadn’t been discovered before.

“The Zero Day pertains to a vulnerability that could allow the attacker to gain control of the target system,” Ivanti’s Goettl explained. “The attacker in this case could create a specially crafted file or host specially crafted content on a compromised website or user contributed content on a website. A user opening these specially crafted files would allow the exploit to run giving the attacker equal rights to the system as the current user.”

Including the Office patch, Microsoft released a total of 14 updates this month covering Windows, Internet Explorer, SQL, .NET Framework and the Adobe Flash Player. The patches are available from the Microsoft TechNet site.

