The Meltdown and Spectre – the biggest and massive flaw discovered in the core design of modern CPUs starting from 1995. These flaws were present there for decades until we discovered what they are. Thanks to the security research teams, the whole world is in a danger of security threats. As they’re publicly disclosed, both the users and hackers know about them. Rest assured, hackers are working heart and soul to use them to their advantages.
The Spectre patch
The Meltdown was relatively easy to resolve using software patches. A few kernel tweaks and changes are enough to mitigate exploitation of the Meltdown. The kernel is the core software of any OS. It works in-between the hardware and software. However, the Spectre is a harder one.
Microsoft has published a Windows update for disabling microcode patches released earlier for the Spectre variant 2 – Branch Target Injection (CVE-2017-5715) vulnerability. Microsoft released this counter patch after a week Intel asked customers and OEMs to stop deploying the buggy security patches. According to Intel, those patches might introduce more reboots than expected and unpredictable system behavior.
Why is Microsoft disabling the patch? The answer from Microsoft was quite logical. Unstable systems will eventually cause data loss or corruption. Think of a scenario like this: you’re working hard on your next day assignment or in the middle of an ongoing project, then your system reboots out of nowhere (unexpected reboots). This is more annoying than Spectre, I believe.
However, you don’t need to worry about the Meltdown and Spectre right now. These security flaws are, by their nature, is very hard to pull off. The Meltdown is relatively easier to pull off compared to Spectre. The Spectre requires a deeper knowledge of the victim’s programs’ inner workings. As you guessed, not every hacker is that much good. Moreover, there has been no report of using Spectre variant 2 (CVE-2017-5715) to exploit a system.
What to do
Windows will automatically download and install the update via Windows Update. The update is also available to download from the Microsoft Catalog. The update ID is KB4078130 and size is 24KB. For advanced users, Microsoft also describes a method to disable the Spectre variant 2 patch using Windows Registry. Two guides are available – for desktops and servers.
It’s mostly Intel to blame for the issues. Intel has earned a really bad reputation in the press and the community for their inability to provide necessary & flawless security fix for the speculative execution bugs. Speculative execution is such a blazing technique that boosts the performance far ahead. However, Intel’s CEO Brian Krzanich said that we may see new Intel processors free of these bugs within 2018. If you’re interested in learning more about the Meltdown and Spectre bug, check out the complete details.
If you’re a Windows user, you already know how much time + bandwidth consuming process is Windows Update. Using a 3rd-party tool, you can cut this short several times! Check out how to use WSUS Offline Update.