Soon after Microsoft released the security patch to mitigate the Spectre and Meltdown security threat to Intel-powered PCs, many early adopters complained of performance issues, while some faced random bootloops, rendering their device useless.
Taking note of the problem, chip-maker Intel initiated an internal investigation and found the firmware slowed the PCs' functions, raising the chances of data getting corrupted (unreadable) or lost, and reported the matter to Microsoft to stop the update roll-out, which was halted a few weeks ago.
Now, Microsoft is releasing a new software patch to negate the effects of the Spectre-fix, which was downloaded and installed by early users, and make devices function normal as before.
"While Intel tests, updates and deploys new microcode, we are making available an out-of-band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715 – 'Branch target injection vulnerability.' In our testing, this update has been found to prevent the behaviour described," Microsoft's Windows team said in a statement.
The new update is rolling out to PCs running Windows 7 Service Pack 1, Windows 8.1, Windows 10, Windows 10 Version 1511, Windows 10 Version 1607, Windows 10 Version 1703, Windows 10 version 1709, Windows Server 2008 R2 Standard and Windows Server 2012 R2 Standard.
PC and Server owners can manually run the Windows security update by following guide 1 (here) and guide 2 (here), respectively.
Read more: Spectre and Meltdown Security Threat Origin
Until the proper security fix comes to computers, users can follow the guideline below to safeguard their PCs from Spectre, Meltdown and other security threats:
- Always keep your PCs updated with the latest firmware. Most software companies including Microsoft and Apple usually send software updates weekly or monthly. Always make sure to update them immediately.
- Make sure to use premium antivirus software, which also provide malware protection and Internet security.
- Never ever open emails sent from unknown senders.
- Disable ActiveX content in Microsoft Office applications such as Word, Excel, etc.
- Disable remote desktop connections. Employ least-privileged accounts. Limit users who can log in using Remote Desktop. Set an account lockout policy. Ensure proper RDP logging and configurations.
- Never ever install plugins (for browsers) and application software on PCs from unfamiliar publishers.
- System administrators in corporate companies should establish a Sender Policy Framework (SPF) for their domain, which is an email validation system designed to prevent spam by detecting email spoofing by which most of the ransomware samples successfully reaches the corporate email boxes.
Even smartphones are vulnerable to Spectre and Meltdown. While Apple has fixed the issue with security update via iOS11.2.2 update, Google is still working with OEMs (Original Equipment Manufacturers) to deploy the update. Until then, follow this guideline:
- Always keep your smartphone updated to the latest firmware. Most companies in collaboration with Google send software updates — especially security patches — on priority basis. Always make ensure you install them immediately.
- Make sure to use premium antivirus software, which also provides malware protection and internet security.
- Never open emails sent from unknown senders.
- Never install apps from unknown websites.
- Never install apps from unfamiliar publishers even on Google Play (for Android phones) and Apple application store (for iPhones and iPads).
