Meltdown and Spectre logos

Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715).

The update —KB4078130— targets Windows 7 (SP1), Windows 8.1, all versions of Windows 10, and all supported Windows Server distributions.

Microsoft shipped mitigations for the Meltdown and Spectre bugs on January 3.

Microsoft reacts to Intel statement

The company said it decided to disable mitigations for the Spectre Variant 2 bug after Intel publicly admitted that the microcode updates it developed for this bug caused "higher than expected reboots and other unpredictable system behavior" that led to "data loss or corruption."

As a response, Microsoft decided to disable Spectre Variant 2 mitigations until Intel develops a more stable fix.

In cases where these updates can't be rolled out to affected computers right away, Microsoft is also providing instructions on how to manually disable the Spectre Variant 2 mitigations via registry keys. Separate instructions are available for Windows desktop and server users.

Microsoft is not the only one having issues with this bug

Microsoft is not the first company to roll back Spectre Variant 2 patches. After Intel's announcement, Dell advised customers to "revert back to a previous BIOS versions" that did not include Spectre patches.

HP also took a similar step. After it previously made available BIOS updates containing Meltdown and Spectre (Variant 1 and Variant 2) patches, HP reissued BIOS updates this week that only contained Meltdown and Spectre Variant 1 patches, but not Variant 2.

Red Hat Enterprises also decided to revert Spectre Variant 2 patches last weekend, even before Intel's formal announcement.

Intel is not the only major CPU maker having issues with Spectre Variant 2 patching. This bug also caused issues for devices with AMD processors, so much so that Microsoft paused the rollout of Windows updates for devices with AMD processors. Microsoft resumed these updates, but only after AMD worked with Microsoft to correct reported BSOD errors.

Related Articles:

Here's the Status of Meltdown and Spectre Mitigations in Windows

Microsoft Released Windows 7 & 8.1 Cumulative Updates KB4345459 & KB4345424

Microsoft Is Rolling Out New Cumulative Updates for Windows 10, 8.1, and 7

Microsoft Explains Whether a Vulnerability Turns Into a Windows Security Update

Microsoft June 2018 Patch Tuesday Fixes 50 Security Issues