Microsoft released the Windows Update KB4078130 yesterday. It disables the mitigation against Spectre, Variant 2 on all supported versions of the company’s Windows operating system when installed.
Microsoft released updates for Windows on the January 2018 Patch Day to mitigate Spectre and Meltdown vulnerabilities disclosed earlier. The company stopped the distribution of these updates to select AMD devices shortly after initial deployment because it caused blue screen of death crashes on Windows 7 machines with AMD hardware.
Intel acknowledged “higher than expected reboots and other unpredictable behavior” and recommended to customers on January 22nd that customers “stop deploying the current microcode version on impacted processors.”
RedHat reverted patches on January 21st already.
KB4078130 deactivates Spectre Patch
KB4078130 is not offered through Windows Update. The update is available on the Microsoft Update Catalog website. Users and admins need to download it manually to install it on affected systems.
The update is available for all supported versions of Windows — client and server. It has a size of 24 Kilobytes.
Microsoft recommends that the patch is only applied to systems on which unexpected reboots or other issues are noticed after installation of the January 2018 security updates.
Registry
The update is not the only option that admins have to deactivate the patch. Admins may change values in the Windows Registry directly to activate or deactivate the patch. Microsoft highlights how that is done on this Support page.
Tip: We have uploaded batch scripts to our server which you can download and run to enable or disable the Spectre Variant 2 protection. Download the file with a click on the following link:
windows-disable-enable-spectre-variant-2.zip
You may use InSpectre by Gibson to disable the protection as well.
To disable Spectre Variant 2:
reg add “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management” /v FeatureSettingsOverride /t REG_DWORD /d 1 /f
reg add “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management” /v FeatureSettingsOverrideMask /t REG_DWORD /d 1 /f
To enable Spectre Variant 2:
reg add “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management” /v FeatureSettingsOverride /t REG_DWORD /d 0 /f
reg add “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management” /v FeatureSettingsOverrideMask /t REG_DWORD /d 1 /f
Closing Words
Disabling the protection should resolve unexpected reboot and other issues caused by the Spectre Variant 2 patch. It is not necessary to install the updates on systems that run without any of these issues after update installation. (via Born and Deskmodder)
The post Windows Update KB4078130 deactivates Spectre Patch appeared first on gHacks Technology News.