Skip to main content
close search
site logo
Dive Brief

Microsoft's patches for Meltdown and Spectre on pause after becoming 'unbootable'

Published Jan. 10, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Kendall, Industry Dive

Dive Brief:

  • Microsoft stopped issuing patches following the Meltdown and Spectre vulnerabilities because users with AMD devices are becoming "unbootable" with a blue screen after the Windows security updates, according to the company. Microsoft found that certain AMD chips don't "conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations."
  • Microsoft is working with AMD to resolve issues presented by customers impacted by the Windows Update and Windows Server Update Services (WSUS). However, Microsoft instructed users to contact AMD directly for specific chip-related inquiries, according to a Microsoft spokesperson. 
  • The company acknowledged that customers with older versions of Windows, such as Windows 7 and 8, "will notice a decrease in system performance," according to a company statement. But users running Windows 10 on older hardware may also face the same decrease in performance. 

Dive Insight:

Vendors impacted by the Meltdown and Spectre security flaws have been frantically issuing patches to vulnerable customers.

Meltdown and Spectre are said to grant access to bad actors to "otherwise protected kernel memory," allowing them to exploit personal information or release more malware onto a device, according to researchers. There is no way of knowing if someone's device has already been exploited.

The only way to eliminate all risk is to replace the CPU hardware. The patches distributed by vendors including Microsoft, Apple and Google are only to mitigate further risk.

Meltdown impacts nearly all modern Intel chips from the last two decades while Spectre affects other modern processors and smartphones. Chip manufacturers are under mass scrutiny as nearly every device with a chip is vulnerable. 

However, Intel announced it would not be issuing a recall. CEO Brian Krzanich said the fix is much easier than "overblown" reports are saying, reports CNet. Prior to the exploits' disclosure, Krzanich sold of a portion of stock, raising concern over the timing.

The company maintains the decision was already arranged with an "automated schedule." But due to the size of the sold stock, the U.S. Securities and Exchange Commission is expected to look into it, reports Bloomberg.  

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell