“Temporary pause”
The Meltdown and Spectre attacks have wrought havoc on the hardware industry since their public disclosure last week. The hardware-level CPU flaws can allow user-level applications, such as your web browser, to deduce the contents of system memory. A malicious webpage could steal sensitive in-memory data from your device, without ever making itself known.
Vendors including Intel, AMD, NVIDIA and Microsoft have already begun to push updates for the serious flaws. Since the release, Microsoft’s support forums have been flooded with complaints of AMD devices being left unusable after installing the patch. In a support post yesterday, Microsoft acknowledged the reports and said it has withdrawn the faulty fix from Windows Update.
READ NEXT: Start-up says China leads many areas of AI development
Microsoft has withdrawn published updates before. It doesn’t usually state why though, a form it’s now broken because of the severity of the issue. In its post, it confirmed that AMD devices may be left “in an unbootable state” after installing the company’s Meltdown and Spectre patches. Devices which include one of the affected AMD processor models – predominantly chips over ten years old – will no longer be able to download the fixes from Windows Update.
Microsoft is yet to republish the update or confirm how it will be helping affected PC owners recover their device. Microsoft and AMD are working to resolve the issues so the Meltdown and Spectre patches are accessible to PC users who haven’t already installed them. In the meantime, impacted devices are still at risk of exploit by attackers using the techniques.
“Most” Windows 7 users experience slowdowns
Separately, Microsoft this week addressed complaints of performance loss after installing the Meltdown and Spectre patches. Security researchers had previously warned that the fixes would incur a performance penalty.
In another unusual admission, Microsoft conceded that “most” users of Windows 8 and Windows 7 will experience a noticeable reduction in system performance. Windows 10 customers are less likely to be impacted, although people running the operating system on pre-2015 Intel chips may encounter “significant” slowdowns.
READ NEXT: New Wi-Fi standard offers “robust” encryption and security
The fallout from Meltdown and Spectre is still developing and its real-world impact won’t be apparent until all devices have the patches. Microsoft also confirmed that datacentre servers will be hit with slowdowns that in some cases will be noticeable.
This could directly increase costs to cloud operators and reduce the performance of high-intensity workloads such as virtual machines and AI learning models. Microsoft said security remains its top consideration, above performance, and it’s working with industry partners to update every system.
“A new exploit like this requires our entire industry to work together to find the best possible solutions for our customers,” said Microsoft. “The security of the systems our customers depend upon and enjoy is a top priority for us. We’re also committed to being as transparent and factual as possible to help our customers make the best possible decisions for their devices and the systems that run organizations around the world.”
