Published: Tue, January 30, 2018
Industry | By Dora Warner

New 'emergency' Windows update removes the last one

New 'emergency' Windows update removes the last one

Intel noted that this microcode can cause "higher than expected reboots and other unpredictable system behaviour", adding that situations like this may result in "data loss or corruption".

Intel's notice and Microsoft's emergency update were just the latest bits in one of the messiest security events in ages. According to ZDNet, Microsoft made the highly unusual decision to pull back the patch after ascertaining it can directly cause data loss.

The Journal said an Intel spokesman refused to identify the companies it told about Spectre and Meltdown before its planned announcement, and the company was unable to tell the US government, or everyone else it meant to, because the news about the flaws got out earlier than Intel expected.

United States dollar falls to 3-year low as world leaders visit Davos
The multinational trade deal is set to go ahead after a year of renegotiations, following the US's withdrawal in early 2017. But many now believe that alongside the strong U.S. economic rally the dollar is set for recovery in 2018.

The update was written for all supported versions of Windows, including Windows 7, 8.1 and 10, as well as the corresponding Server editions.

An Intel spokesperson didn't detail who the company reached out to first, but did say that it wasn't able to notify everyone (which includes U.S. officials) in time because both Spectre and Meltdown were revealed early.

The problematic Intel fix was created to mitigate against attacks using the Spectre-related Branch Target Injection vulnerability, CVE 2017-5715.

Swatting Mosquitoes Teaches Them To Avoid You
Here, we show that olfactory learning may contribute to Aedes aegypti mosquito biting preferences and host shifts. Dr Riffell tested mosquitoes by given them a choice between sleeves bearing human odours and those with no smell.

ARM and AMD chips are also vulnerable to attacks, but Intel remains the only manufacturer with products that are affected by all three of Spectre, Spectre Variant 2, and Meltdown. An Intel spokesman didn't reveal details about the warnings but stated that the company couldn't notify everyone due to the earlier revealed of Meltdown and Spectre vulnerabilities. You can also install it manually from the Microsoft Update Catalog, which ironically is styled like Windows XP. "There are no known reports to indicate that this Spectre variant 2 (CVE 2017-5715) has been used to attack customers, a Microsoft said". Torvalds said developers are now tackling Linux on Arm-based architectures and the Spectre bounds check bypass vulnerability (Variant 1).

To make matters even worse, Intel's Spectre variant 2 mitigation is causing instability (random reboots) on some Windows computers. Intel's still not published a timeframe for when its functioning microcode update will be issued to hardware vendors.

The patch essentially disables the fix for variant two of Spectre but will still protect against the first variant of the flaw.

USA casino magnate quits as Republican finance chair
The Massachusetts Gaming Commission said it is reviewing a license it issued for a resort casino to Wynn Resorts. A person with direct knowledge of the situation said Mr Trump had signed off on the decision for Wynn to resign.

Intel has found itself on the wrong side of a security vulnerability and the company can't seem to figure out how to properly get out of this hole beside continuing to dig down.

Like this: