Microsoft patches Meltdown patch for boot-locked AMD PCs
19 January 2018 | 0
AMD processors are not affected by the devastating Meltdown CPU flaw, but the emergency fix for Meltdown and Spectre brought certain AMD CPUs to their knees. Microsoft has now resumed issuing patches for those systems as of 18 January.
Microsoft’s new patch, KB4073290, solves the problem, Microsoft says. It will either deploy via Windows Update or can be manually downloaded.
While the discovery of the original Spectre and Meltdown bugs prompted six months or so of covert, behind-the-scenes work to develop mitigations, the patches themselves have had issues, too. The original issues with AMD systems surfaced on or about 9 January.
“After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown,” Microsoft’s security advisory said at the time. “To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impacted AMD processors at this time.”
Microsoft did not specify which AMD CPUs are vulnerable to the error. CSO reported that forum complaints largely revolved around older Athlon and Sempron chips, with the largest thread bearing over 160 replies and more than 800 “I have the same question” votes.
If your AMD PC refuses to boot after installing the emergency patch, Microsoft says its guides for troubleshooting bluescreen errors in Windows 7, 8, and 10 may help.
Even if you cannot install the Meltdown patch at this time, upgrade your web browser pronto. Firefox, Chrome, Internet Explorer, and Edge have all been updated with initial protections against the Spectre CPU exploit—a separate issue from Meltdown and these flawed Windows patches. AMD chips are susceptible to Spectre. Also, be sure to keep your security software vigilant while you are working without the Windows patch. It will not be able to detect if the Meltdown or Spectre exploits are abused on your system, but an attacker needs to be able to inject and run malicious code on your PC to trigger the CPU flaws. Security software can keep malware that gives bad guys access to your PC, off your PC.
IDG News Service