Microsoft has scaled back its rollout of Windows patches against the Meltdown and Spectre CPU flaws after reports the updates were crashing computers with AMD processors.
Following claims the patches trapped some AMD PCs in an endless loop, Microsoft today announced the Windows updates would not be rolled out to affected machines.
“To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impacted AMD processors at this time,” Microsoft said in a statement on its support site.
After the patches were installed on PCs running on AMD Athlon X2 processors, there were reports these machines would not boot and would then get stuck in an endless loop while they tried to roll back to an earlier build of Windows.
The issue was particularly tricky for those running Windows 10 Home, due to the OS not providing a simple way for users to defer updates.
SEE: Incident response policy (Tech Pro Research)
Microsoft is halting the rollout of nine updates to affected AMD PCs, outlined in detail here, but said it is working with AMD to restore the updates to affected devices “as soon as possible”
Explaining why the patches had caused certain AMD PCs to crash, Microsoft said that it had “determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown”.
AMD processors do not have the Meltdown design flaw, and, while they are affected by Spectre, this flaw is thought to be far harder to exploit in an attack.
Spectre and Meltdown are design flaws in modern processors that expose a wide range of PCs, phones, tablets and servers to attack.
While there is little evidence of the flaws being exploited to date, the two vulnerabilities in modern chip design could allow attackers to bypass system protections to read sensitive information, such as passwords, from memory.
The recent Microsoft patches apply to all supported versions of Windows and Windows Server, Microsoft SQL Server and the Edge and Internet Explorer 11 browsers.
Microsoft has provided the following guides for owners of AMD PCs stuck in an unbootable state after updating:
- Troubleshoot blue screen errors in Windows 10
- Resolving Blue Screen errors in Windows 8.1
- Resolving stop (blue screen) errors in Windows 7
Microsoft had already delayed installation of a Meltdown/Spectre update on some PCs, until anti-virus companies were confident it wouldn’t conflict with their products. Most anti-virus vendors say their software is now compatible with the patch.
- How the Meltdown and Spectre chip flaws will impact cloud computing (TechRepublic)
- Windows Meltdown patch: Find out if your PC is compatible (TechRepublic)
- Emergency Windows Meltdown patch may be incompatible with your PC (TechRepublic)
- Massive Intel CPU flaw: Understanding the technical details of Meltdown and Spectre (TechRepublic)
- Critical flaws revealed to affect most Intel chips since 1995 (ZDNet)
- Nope, no Intel chip recall after Spectre and Meltdown, CEO says (CNET)
- Intel chips have critical design flaw, and fixing it will slow Linux, Mac, and Windows systems (TechRepublic)
- Special report: The future of Everything as a Service (free PDF) (TechRepublic)
- Linux security: Google fuzzer finds ton of holes in kernel’s USB subsystem (ZDNet)
- How to upgrade the Linux kernel with a handy GUI (TechRepublic)
- Intel: We’ve found severe bugs in secretive Management Engine, affecting millions (ZDNet)
- PowerShell: The smart person’s guide (TechRepublic)