back to article More stuff broken amid Microsoft's efforts to fix Meltdown/Spectre vulns

More examples have emerged of security fixes for the Meltdown vulnerability breaking things. Patching against CVE-2017-5753 and CVE-2017-5715 (Spectre) and CVE-2017-5754 (Meltdown) borks both the PulseSecure VPN client and Sandboxie, the sandbox-based isolation program developed by Sophos. radiation symbol Microsoft patches …

  1. Z80

    It broke Asus' AI Suite software as well - caused a nice repeating error window to start cascading across my desktop. I was just using one component of it to set my own fan curves but I've just uninstalled it for now. Asus appear to have released a beta update but it's based on a newer version and I don't know if it supports my old board because, erm, I haven't tried it yet.

  2. Sgt_Oddball
    Windows

    I remember the days ....

    Where software/hardware bugs just got a error number and a patch releases that had been tested to not take out your PC when it was updated... they even didn't bother to name them.....

    Good times.......

    1. Michael B.

      Re: I remember the days ....

      When was that golden age then? I certainly remember patching taking out machines going way back.

      1. Sgt_Oddball

        Re: I remember the days ....

        Before windows was properly a thing.. on Amiga maybe? Dunno, seems so long ago now....

        1. big_D Silver badge

          Re: I remember the days ....

          On the Amiga? You got updates when the next version of the OS was released, you didn't get patches, generally.

      2. Anonymous Coward
        Anonymous Coward

        Re: I remember the days ....

        When was that golden age then?

        It pretty much ended when Worries for Workgroups was released..

    2. big_D Silver badge

      Re: I remember the days ....

      But you didn't have the press shouting Armageddon from the roof tops before the patches were finished and forcing people's hands.

    3. Anonymous Coward
      Anonymous Coward

      Re: I remember the days ....

      Was that before Intel alone had thousands of different chips and chip sets out there?

  3. Anonymous Coward
    Anonymous Coward

    Systems without an AV may need the reg key to be set manually

    Or the patch won't appear in Windows Update.

    1. Ken Hagan Gold badge

      Re: Systems without an AV may need the reg key to be set manually

      "Or the patch won't appear in Windows Update."

      Or any other patch, from now on, perhaps? Presumably MS will rig the WU software so that it tells you that updates are not being provided and this is what you can do about it. Presumably...

      1. hellwig

        Re: Systems without an AV may need the reg key to be set manually

        I'm assuming they'll just bug you to enable Windows Defender over and over.

        Cue the EU lawsuit in 3..... 2.....

        1. Adrian 4
          Holmes

          Re: Systems without an AV may need the reg key to be set manually

          So .. were all these AV suites using the bug mechanism to peek ring 0 already ?

          1. Tom Paine

            Re: Systems without an AV may need the reg key to be set manually

            No. That is not the problem with AV and these patches.

  4. TaabuTheCat

    Add Symantec Endpoint Protection to the broken list...

    https://support.symantec.com/en_US/article.TECH248552.html

    "However, Symantec plans to release a hotfix to address the issue, and recommends that the Microsoft Windows Security Updates released on January 3rd, 2018 updates not be applied to systems until a hotfix is available for the affected versions."

    Working AV or vulnerable system? Guess that's your choice.

    1. Tom Paine

      Re: Add Symantec Endpoint Protection to the broken list...

      That's odd, they've told us they're compatible, our testing appears to confirm that so far, and @GossiTheDog (aka Kevin B, whose spreadsheet is linked from the article) lists it as fixed.

      1. hamiheim

        Re: Add Symantec Endpoint Protection to the broken list...

        According to the article linked, and testing that I've done, it technically is compatible, i.e. it doesn't cause BSOD as previously predicted, however on Win 8 or greater machines (Server 2012 or greater) after applying the MS patch, the SEP client reports errors in the SysTray but not the UI on the client. Symantec assures "At this time, this issue has no functional impact on the protection technology of the SEP client." but still recommends not installing the MS update until a hotfix is in place.

  5. Lorribot

    SCCM potentially affected

    Seen some suggestions that the fixes break Microsoft's own SCCM.

    1. Anonymous Coward
      Anonymous Coward

      Re: SCCM potentially affected

      There was something on the Microsoft site warning about patching SQL Servers that are used for SCCM. I can't seem to find it now, but the implication there was patching the SQL Server would break SCCM and to hold off patching those for now.

      It was about a week ago I saw that, so it's probably changed now anyway. It was a temporary "just hold off while we figure out what's going on" type warning.

  6. beep54
    Devil

    Fix?

    "Microsoft" and "fixes something" are two things that really do not belong in the same sentence.

    1. DJV Silver badge
      Joke

      Re: Fix?

      Oh, I don't know - how about "Microsoft fixed my computer so that it no longer works at all."

  7. Michael Thibault

    Your hero is so reverent! It's a nice change, and change is good.

  8. Anonymous Coward
    Anonymous Coward

    As we have witnessed countless times, especially in the 'new era' Microsoft

    The official patching is often more harmful than the problems it purports to solve.

    1. Anonymous Coward
      Anonymous Coward

      Re: As we have witnessed countless times, especially in the 'new era' Microsoft

      While MS have screwed up too many patches in the last few years, it is dlfficult to blame them in this case. They are having to make fundamental changes to the way the OS deals with virtual memory due to a problem not of their making. I am sure they have done extensive testing with as much hardware/software as possible, but at the end of the day they can't test everything and the patches had to go out last week.

      If developers are going to be naughty, not follow the rules and make undocumented calls to the OS, it is hard to blame MS when their software breaks due to these forced changes.

    2. TReko

      Re: As we have witnessed countless times, especially in the 'new era' Microsoft

      Microsoft now uses its users for testing purposes.

      That has allowed them to downsize their QA dept which is now mostly redundant.

  9. Anonymous Coward
    Trollface

    Get rid!

    This has smoked out all the s/w that wasn’t using documented API but instead increasing the attack surface by messing about with OS data in memory. Poorly written and fragile s/w needs to get binned.

  10. Anonymous Coward
    Anonymous Coward

    Is GPU also too?

    wonder if GPU from nvidia or intel are vulns too?

    1. Michael Wojcik Silver badge

      Re: Is GPU also too?

      GPUs won't be vulnerable to Meltdown, because they don't have privilege levels. At least I'm not aware of any that do.

      GPUs traditionally did not provide speculative execution; their die space went to features that improved compute-intensive SIMD workloads. See for example this 2009 whitepaper on nVidia's Fermi architecture. The Spectre family of attacks depends on speculative execution.1

      I haven't paid attention to the last several years' developments in GPU architectures, though, and it's conceivable that designers have started incorporating more speculation features into them.

      Better questions: What might a side-channel attack like Spectre achieve on a GPU? Spectre is only interesting if the attack code can gain access to data that it shouldn't be able to read. And are there better existing attacks on such data? For that question, you might want to look at the CUDA Leaks paper from 2013. Again, obviously, that's relatively old, and memory protection in GPUs may have moved forward.

      1However, it's entirely possible that there are other memory-probing side-channel attacks which don't require spec-ex, as I've noted in comments on other stories.

      1. Steve Jackson

        Re: Is GPU also too?

        Pretty much everything can be rewritten to at least mitigate Spectre

        http://nvidia.custhelp.com/app/answers/detail/a_id/4610

        1. ididnttry

          Re: Is GPU also too?

          great info. but nvidia is not telling any performance dip..

    2. Steve Jackson

      Re: Is GPU also too?

      Acer haven't updated the Intel GPU drivers on my laptop since the release of W10.

  11. Nimby
    Trollface

    Control! Must. Have. Control.

    The good news is that one of the many things that Microsoft just broke is their own forced Windows Update on Win10 Home users. There is now a convenient registry key that allows you to stop Microsoft from updating your Windows 10 box so that you can update it when (and if) you want to. I wonder how long it will take before people start making software to leverage this registry key for easy control without regedit. Combine it with a Win7-style start menu replacement and you almost have a usable version of Windows again.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like