Skip to main content

Grab this Microsoft update now if your PC was affected by the Spectre fixes

The last few weeks have been rough for technology manufacturers and users alike, with the Meltdown and Spectre exploits making headlines and requiring fixes that can slow down our gadgets. Intel issued microcode fixes for its own CPUs meant to address the issue and then quickly retracted them due to system reboots and instability. Now, Microsoft has concluded that fixes meant to address the Spectre Variant 2 exploit are bad enough to cause data loss, and its issued its own fix.

For now, this fix comes via a support bulletin that it issued the following statement:

“Intel has reported issues with recently released microcode meant to address Spectre Variant 2 (CVE 2017-5715 Branch Target Injection) — specifically Intel noted that this microcode can cause “higher than expected reboots and other unpredictable system behavior” and then noted that situations like this may result in “data loss or corruption.” Our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on impacted processors while they perform additional testing on the updated solution. We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.”

Microsoft’s response, for now at least, is to simply turn off the mitigation against Spectre Variant 2. It provided an update that users can run at the Microsoft Update Catalog site, along with steps to manually disable and enable the mitigation by modifying the registry. The registry is a finicky thing, though, and so be careful if you choose the latter route.

While it’s usually a bad idea to turn off security measures meant to protect against known exploits, in this case, the damage that Intel’s bad microcode can cause clearly outweighs what Microsoft considers to be a negligible potential for harm. According to the company, there have been no known attacks based on Spectre Variant 2, at least as of Thursday, January 25.

Microsoft will likely issue a more widely available update once its official Patch Tuesday update rolls around next month. This emergency out-of-band update might be worth running in the meantime, though, particularly if any of your PCs have been acting a bit crazy since being updated with the Spectre fixes.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Update Windows now to patch this critical Microsoft Word exploit
Person sitting and using an HP computer with Windows 11.

Microsoft has rolled out security updates as part of its June 2022 Windows updates to address a serious security bug that has targeted programs including Microsoft Word.

The Windows zero-day vulnerability is known as Follina (CVE-2022-30190) by security researchers and is "actively exploited in ongoing attacks," according to Bleeping Computer.

Read more
Hackers can now take over your computer through Microsoft Word
A dark mystery hand typing on a laptop computer at night.

A new zero-day vulnerability in Microsoft Office could potentially allow hackers to take control of your computer. The vulnerability can be exploited even if you don't actually open an infected file.

Although we're still waiting for an official fix, Microsoft has released a workaround for this exploit, so if you frequently use MS Office, be sure to check it out.

Read more
Microsoft Edge just got a new way to protect your privacy
Microsoft Edge Secure Network graphic.

Microsoft Edge just got even more secure. After a tease a few weeks ago, Microsoft has just officially announced the availability of Edge Secure Network, the new built-in VPN feature for the Microsoft Edge browser.

Though still in an experimental stage with a small audience using the Canary version of the browser, Microsoft hopes this feature can provide extra peace of mind when using Edge on unsecured networks. As with most other VPN services, this built-in Secure Network can mask your device's IP address, encrypt your data, and route it through a secure network that's geographically co-located.  This will make it harder for hackers and others with bad intent to see your true location. The company that provides your internet also won't be able to collect your browsing data for ads.

Read more