Microsoft releases another security patch against ‘Spectre Variant 2’
Intel’s security patch for Meltdown and Spectre had issues causing higher reboots than usual.Updated: Jan 29, 2018 12:42 IST
Indo Asian News Service
Microsoft has released another security patch against “Spectre Variant 2” bug found on Intel chips.
Intel has reported issues with recently released microcode meant to address “Spectre variant 2” termed as “CVE 2017-5715 Branch Target Injection”.
Intel noted that this microcode can cause “higher than expected reboots and other unpredictable system behaviour,” adding that situations like this may result in “data loss or corruption”.
“While Intel tests, updates and deploys new microcode, we are making available an out of band update ‘KB4078130’ that specifically disables only the mitigation against CVE-2017-5715 - Branch target injection vulnerability,” Microsoft wrote on its support page on Sunday.
“Our own experience is that system instability can in some circumstances cause data loss or corruption. In our testing this new update has been found to prevent the behaviour described,” Microsoft said.
Microsoft is also offering a new option - available for advanced users on impacted devices - to manually disable and enable the mitigation against Spectre Variant 2 (CVE 2017-5715) independently via registry setting changes.
“There are no known reports to indicate that this Spectre variant 2 (CVE 2017-5715 ) has been used to attack customers,a Microsoft said.
After chip-maker Intel confirmed a potential security flaw in its chips, Microsoft issued emergency updates to supported versions of Windows earlier this month.
Intel Corp had confirmed two security flaws -- “Meltdown and “Spectre” -- in its Chips that were vulnerable to hacking.
Intel CEO Brian Krzanich later allayed fears of any data breach.
Addressing the gathering at his keynote address at the “CES 2018” earlier this month, Krzanich said: “Our primary goal has been to keep our customers safe. We have not received any information that these exploits have been used to obtain customers’ data.
The Intel CEO urged everyone to patch their systems as soon as these are available.
First Published: Jan 29, 2018 12:42 IST