In the words of Linux creator Linus Torvalds, Intel’s attempts to mitigate against the Spectre flaw have been “complete and utter garbage.” It’s hard to argue with that statement, especially now that Microsoft has been forced to issue an out-of-cycle emergency Windows update to disable the patch mitigation for Spectre variant 2, which was causing reboots, stability issues, and, in worse cases, loss or corruption of data.
Intel admitted that its microcode was causing random system restarts and recommended that users stop installing them. But it wasn’t as forthcoming when it came to warnings of “data loss and corruption,” which were found in its recent fourth-quarter results.
"Our own experience is that system instability can in some circumstances cause data loss or corruption," Microsoft said.
"We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions."
To prevent these issues, Microsoft has released a new software update for Windows 7, Windows 8.1, and Windows 10 to disable mitigation against Spectre variant 2. Those that installed Intel's now withdrawn Microcode patches via a BIOS update might want to downloaded the update from the Microsoft Update Catalog website.
Microsoft says it is also offering a new option that allows advanced users to manually disable and enable the mitigation for Spectre variant 2 through registry key changes.
Microsoft notes that there still haven’t been any attacks used against customers that exploit Spectre, but that doesn’t mean it shouldn’t be a concern. It recommends that Windows users re-enable the mitigation once Intel releases microcode that doesn’t cause systems to reboot or destroys user data.
During a conference call following Intel’s earnings report, CEO Brian Krzanich told investors that a silicon-based fix for Spectre and Meltdown would appear in new hardware sometime in 2018.