Microsoft releases “out of band” update to disable Spectre attack protection

Microsoft released an update this weekend that disables protection against the second Spectre attack because it causes issues with Intel BIOS updates. The problems can cause higher than expected reboots and other unpredictable system behavior. Eventually the issue could result in data loss or data corruption.

Microsoft releases "out of band" update to disable Spectre attack protection

The Meltdown attack only affects Intel CPUs but the Spectre attack is an issue for all modern CPUs. There are two known variants of the Spectre attacks. The update from this weekend targets the mitigation of Spectre variant 2  (CVE 2017-5715 Branch Target Injection).

Microsoft states that the unpredictable system behavior caused by the Intel BIOS updates can cause data loss or data corruption in specific cases. Therefore, Intel decided to withdraw the BIOS updates and instead work on new updates. While waiting for the new updates, Microsoft released an “out of band” update that disables the protection against Spectre variant 2. This should prevent the issues on Intel systems, according to Microsoft.

The update is available for Windows 7, Windows 8.1 and Windows 10. Intel has made a document (PDF) available that lists CPUs affected by the problematic BIOS Updates. Users with an affected CPU can download the required Windows update through Microsoft’s Update Catalog.

Advanced users can use another option to manually disable protection against Spectre variant 2. This can be done through a change of a setting in the Windows Registry. The company describes how to do this in two Knowledge Base articles.

Microsoft also states that there have been no reports of Spectre variant 2 attacks in the wild. The software giant also recommends users to enable Spectre variant 2 protection again after Intel has released a new BIOS update.