UPDATED 20:27 EDT / JANUARY 09 2018


Microsoft forced to stop issuing faulty Meltdown and Spectre patches

Microsoft Corp.’s usually mundane monthly “Patch Tuesday” release took a different twist this month following a mad scramble to issue fixes for the Meltdown and Spectre vulnerabilities disclosed last week. Some of those fixes have since been found to have problems.

The monthly patch cycle started early with system updates attempting to patch the three known Spectre and Meltdown vulnerabilities in processors from Intel Corp., Advanced Micro Devices Corp. and ARM. But because the patches caused some machines to fail to boot up, Microsoft paused their distribution.

“A public disclosure of many proof-of-concepts on how to use these vulnerabilities in a ‘Speculative Execution Side-Channel Attack’ triggered a large response from the industry,” Chris Goettl, product manager at Ivanti Inc., told SiliconANGLE. “Intel and the other CPU vendors have been working to release firmware updates to mitigate the vulnerabilities at a firmware level, while operating system vendors have been releasing OS-level updates to … mitigate the Meltdown vulnerability.”

The problems arose from the rushed nature of the releases. There were widespread reports that the patches slowed down and in some cases crippled machines. PCs running AMD processors were the worst affected, with Microsoft pulling the patch early Tuesday morning, saying in a statement that the issue had arisen from some AMD chipsets not conforming to documentation AMD sent.

The main Patch Tuesday release offered a range of patches covering Microsoft products. The most vital one addresses a critical vulnerability (known as CVE-2018-0802) that not only allows an attacker to take control of the affected system but is currently being exploited in the wild. It’s a “zero day” vulnerability, meaning it hadn’t been discovered before.

“The Zero Day pertains to a vulnerability that could allow the attacker to gain control of the target system,” Ivanti’s Goettl explained. “The attacker in this case could create a specially crafted file or host specially crafted content on a compromised website or user contributed content on a website. A user opening these specially crafted files would allow the exploit to run giving the attacker equal rights to the system as the current user.”

Including the Office patch, Microsoft released a total of 14 updates this month covering Windows, Internet Explorer, SQL, .NET Framework and the Adobe Flash Player. The patches are available from the Microsoft TechNet site.

Photo: Jose Lopez/Wikimedia Commons
