iTnews
  • Home
  • News
  • Technology
  • Security

Microsoft tries again with Spectre fix for Windows

By Juha Saarinen on Feb 14, 2018 8:45AM
Microsoft tries again with Spectre fix for Windows

Also patches Adobe Flash zero-day.

Microsoft has released a revised fix for the Meltdown and Spectre processor vulnerabilities in 32-bit versions of Windows 10 as part of its monthly patch bundle.

Microsoft had to disable its earlier revision of the Spectre patch in January due to system instability, data loss and rebooting caused by bugs in the Intel-supplied processor microcode firmware.

It has now provided a new version of the patch for 32-bit Windows 10 on Intel x86 systems.

The patches are numbered 4074596 for Windows 10, 4074591 for Windows 10 version 1511, 4074590 for Windows 10 version 1607, and 4074592 for Windows 10 version 1703.

"Microsoft recommends that customers running 32-bit systems install the applicable update as soon as possible," the company said.

Patches for other versions of 32-bit Windows are in the works, but Microsoft said it does not yet have a release schedule.

Intel has released revised production microcode to address the vulnerabilities in 22 processor families at the time of writing [pdf]. Microcode for a further 53 Intel processor families is in either planning or beta stage.

Fixing the Meltdown and Spectre vulnerabilities - which can be exploited to read system memory - has been problematic for Microsoft and its hardware partners.

Apart from the problems with Intel's microcode, Microsoft had to block patches for systems with certain AMD processors after the fixes rendered them unbootable.

AMD and Microsoft devised a fix for the problem, and the patches were reissued on January 19 this year. Microsoft did however warn that applying the patches would slow down customer systems to a varying degree.

"In testing Microsoft has seen some performance impact with these mitigations. For most consumer devices, the impact may not be noticeable, however, the specific impact varies by hardware generation and implementation by the chip manufacturer," the company said at the time.

Microsoft's February set of patches also contains a fix for an Adobe Flash Player zero-day that appears to have been deployed by North Korean government hackers against targets in South Korea.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
amdintelmeltdownmicrosoftsecurityspectrewindows

Partner Content

Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Digital signatures propel Australian Unity with rapid time to value
Digital signatures propel Australian Unity with rapid time to value
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Juha Saarinen
Feb 14 2018
8:45AM
0 Comments

Related Articles

  • Researchers poke holes in Spectre data leak bug fixes
  • Microsoft details massive phishing operation
  • Microsoft's monthly patch includes four serious bugs
  • Poor patching creates easy zero-day vulnerability reuse
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia sets changeover date for myGov

Services Australia sets changeover date for myGov
Google Cloud IoT Core goes on the end-of-life list

Google Cloud IoT Core goes on the end-of-life list
NBN Co proposes to axe CVC across all plans by mid-2026

NBN Co proposes to axe CVC across all plans by mid-2026
Wesfarmers to stand up offensive cyber security capabilities

Wesfarmers to stand up offensive cyber security capabilities

Digital Nation

Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Edge and IoT critical to Web3 infrastructure
Edge and IoT critical to Web3 infrastructure
Save the Date — Digital Nation Live launches on October 25
Save the Date — Digital Nation Live launches on October 25
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.