New Meltdown and Spectre CPU vulnerabilities

On January 3, 2018, Microsoft released updates to patch Windows, SQL server, Internet Explorer, Microsoft Edge to address the Meltdown and Spectre flaws in CPU’s across the industry.  Unfortunately, Microsoft also warned users that its patches for these CPU bugs may not reach them if their third-party antivirus hasn’t been updated to support this week’s Windows security updates.

As of January 5th, the following A/V companies were reporting that they did not yet support the Microsoft patch process for Meltdown and Spectre fixes:

BitDefender, Carbon Black, Cisco AMP, Cyren F-Prot, G-Data A/V, Palo Alto TRAPS, Vipre Endpoint

This means that if you’re using one of these anti-virus products, even if you applied your Windows Updates after the release date, they may not have applied.

If you’re using one of these A/V products and aren’t one of our Managed clients, we suggest you contact that vendor to find out when they’re going to be ready to accept the updates for your PC’s from Microsoft.  If you’re one of our Managed clients, don’t worry, you’re not using any of these products.

AMD Processor Issues

Microsoft suspended its Meltdown updates for AMD systems after some customers reported booting issues once the Windows Updates were installed. AMD and Microsoft have reportedly been working on the issues so if you’ve got systems with AMD processors, you may want to confirm that you have the most recent Microsoft patches applied and see if your AMD processor are on the list of unsupported CPUs.

CPU Firmware Updates

Surface and Surface Book users can expect an automatic firmware update from Microsoft shortly but those with other hardware will need to check with their vendors.

Intel last week confirmed that some if it’s firmware patches for the CPU flaws have been causing a higher number of reboots on Broadwell and Haswell chips. The company had reportedly told its datacenter customers to hold off on applying the patch due to the errors.

Rockwell Automation has also reported some problems in its FactoryTalk-based products after installing Microsoft’s patches including problems logging on to Rockwell’s security server, issues with the FactoryTalk admin console, and various other error messages.

If you’re a Managed client of ours, be assured that we’re addressing issues as they are reported by the manufacturers and publishers.  If you’re not one of our Managed clients and would like our assistance, please call ACT at (847) 639-7000.