Skip to main content

Revised patch released to diable mitigation against Spectre variant 2

Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.

Intel has released an advisory recommending that users cease deployment of the current microcode update (Root Cause of Reboot Issue Identified).

In response to this, Microsoft has released an updated security advisory, Update to Disable Mitigation Against Spectre, variant 2, and associated patch which disables this specific mitigation.

The ACSC recommends that organisations cease deploying the microcode updates currently available. For systems that have already received the microcode patch, it is recommended that organisations apply vendor-supplied patches which disable the specific problematic Spectre variant 2 mitigation.

As part of this revised patch released by Microsoft, organisations have the option to manually enable or disable the mitigation. Organisations may determine that the increased risk of instability, data loss and corruption is unacceptable in order to mitigate the Spectre variant 2 vulnerability. For further information on enabling or disabling the mitigation, consult 'Disable mitigation against Spectre variant 2 independently' on Microsoft: Windows client guidance for IT pro's to protect against speculative execution side- channel vulnerabilities.