The Meltdown and Spectre vulnerabilities published in early January have drawn significant media attention and urged software and hardware manufacturers to hastily release security patches. While most systems now have available security updates to protect against these attacks, many of the patches have been reported to cause problems of their own, including dips in system performance, unexpected reboots and even outright system failure.
Here are the latest reports from major vendors:
After suspending Windows Spectre and Meltdown patches to AMD systems, Microsoft started releasing the patches to newer AMD systems last week. The latest Microsoft update features versions of the patches that are compatible with older AMD systems. Users that have already applied incompatible patches will have to roll back the update to apply the new one.
Microsoft stated that Windows updates that mitigate Meltdown and Spectre are incompatible with some third-party antivirus products, and can cause system failure. Therefore, Microsoft will only push the patch to systems that are running approved, compatible antivirus software.
The microcode update to protect against Spectre has been reported to cause reboots on Haswell and Broadwell processors. These issues are also being reported for Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake processors. Intel is developing a fixed version of the update to be released to vendors this week.
VMware is rolling back firmware patches that it had previously pushed out to ESX users because of this issues within virtual machines. For users who have already applied the patches, VMware has released a configuration change to disable the Intel firmware behavior that is the root cause of the issue.
The National Cybersecurity and Communications Integration Center recommends referring to vendors for information regarding their respective patches. The NCCIC also warns users to only download patches directly from the vendor’s website, as phishing attacks have started using the media attention around the vulnerabilities to send out fake updates that contain malware.
If you have have questions about these updates, please contact our Technology Services Group and they can help mitigate your risk. Fill out our contact form or call 800-259-2922.