In a statement earlier today, Microsoft announced that it was suspending some of the patches meant to fix the micro-processing chip vulnerabilities nicknamed Meltdown and Spectre; specifically, security updates for microprocessors designed by Advanced Micro Devices (AMD)—one of the largest microchip suppliers in the world—have stopped. The halt in patch distribution stems from customer complaints that the updates froze their endpoints.
“Some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown,” Microsoft said in its statement. “To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impacted AMD processors at this time.” The tech giant added that they were working with AMD to resolve the problem as soon as possible.
As previously reported, Meltdown and Spectre are flaws in microprocessors’ memory access operations. Microprocessors achieve faster speeds through speculative execution—anticipating what operations they will be called to run next and preloading them. Researchers recently discovered that speculative execution opens a backdoor to the computer’s memory that a hacker could exploit to obtain valuable data, documents, or encryption keys.
There have been as yet no reports of such attacks occurring in the real world. However, the security vulnerability affects virtually every computer and smartphone manufactured in the past two decades. This is not the first issue with security patches meant to fix the manufacturing flaw; reports of the patches not integrating with third party antivirus solutions are widespread.
Latest posts by Ben Canner (see all)
- Critical Enterprise Endpoint Security Statistics for 2020 - December 5, 2019
- Critical Steps to Achieving Comprehensive Endpoint Security in 2020 - December 4, 2019
- 5 Critical Next-Gen Endpoint Security Capabilities For Businesses - November 27, 2019