![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches
Home › Forums › AskWoody blog › Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches
Tagged: KB 4078130
- This topic has 64 replies, 23 voices, and was last updated 2 years, 12 months ago.
Viewing 29 reply threads-
AuthorPosts
-
-
January 27, 2018 at 9:43 am #162586
woody
ManagerMore fun ‘n games. Last night, Microsoft released KB 4078130, which is specifically designed to turn off the Intel-identified buggy code in the Mel[See the full post at: Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches]
-
January 27, 2018 at 10:27 am #162587
AJNorth
AskWoody Plus -
January 27, 2018 at 10:55 am #162590
Seff
AskWoody PlusYou have to like this new patching system – install a patch to enable something and then install another patch to disable it. I hope whoever devised these patches hasn’t been paid twice.
Thanks for the information. Don’t hurry to review the DefCon rating, Woody, I’m quite happy waiting and doing all the normal things my computer allows me to do when MS, Intel and others aren’t trying their hardest to thwart me.
To be absolutely honest, I’m dreading the moment I access the site and see DefCon 3!
-
January 28, 2018 at 2:03 am #162745
-
-
January 27, 2018 at 11:08 am #162593
abbodi86
AskWoody_MVP-
January 28, 2018 at 3:59 am #162764
-
-
January 27, 2018 at 12:11 pm #162604
-
January 27, 2018 at 12:48 pm #162612
WildBill
AskWoody PlusFor those who are serving or have served in the military, & those with family & friends who do the same, a familiar theme is showing up: “Hurry up and wait”. The all clear (or not) will eventually sound. Thanks to Woody & all the MVP’s staying on top of things.
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...5 users thanked author for this post.
-
January 27, 2018 at 12:57 pm #162615
-
January 27, 2018 at 2:26 pm #162648
ViperJohn
AskWoody LoungerWow talk about being late to the party.
Gibsons InSpectre gave you the ability to easily turn the MS KB Update(s) Meltdown / Spectre mitigations On/Off about 9 days ago ONLY IF your install was actually able to use / be effected by them. InSpectre’s Enable/Disable buttons were greyed out if not. InSpectre sets the bit value (0 to 3) of the FeatureSettingsOverride registry value just like MS does.
Note that with the exception of 32b W10 v1709 only 64b Windows installs can actually use, or be effected by, the MS KB Update Meltdown mitigation.
The Spectre mitigation in these same MS KB Update(s) can only be used or effect your 32b or 64b install (in any way) IF the new 01/08/2017 Intel Microcodes were applied to your system either by a bios update to your motherboard or directly injected into Windows using VMwares microcode update drivers.
Viper
-
January 27, 2018 at 3:07 pm #162654
anonymous
Guest -
January 27, 2018 at 4:22 pm #162671
bobcat5536
AskWoody Plus-
January 27, 2018 at 4:28 pm #162675
-
January 27, 2018 at 4:56 pm #162683
bobcat5536
AskWoody Plus-
January 27, 2018 at 5:06 pm #162686
-
-
January 27, 2018 at 5:14 pm #162689
bobcat5536
AskWoody Plus
-
-
-
January 27, 2018 at 5:49 pm #162697
-
January 27, 2018 at 7:39 pm #162711
bhen
AskWoody LoungerAs somebody with an AMD (A4-5000) and Intel (i5-3337 Ivy Bridge) that hasn’t been hit by the problems that impacted AMD or Intel and have been living peacefully on 16299.192 for a few weeks, I’m not really expecting to get anything. I’ll see soon enough if that’s an accurate prediction.
-
January 27, 2018 at 7:47 pm #162712
geekdom
AskWoody PlusI neither flash (nor streak).
Beta Work {Got backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender TRV=1909 WuMgr
offline▸ Win10Pro 20H2.19042.685 x86 Atom N270 RAM2GB HDD WindowsDefender WuMgr GuineaPigVariant
online▸ Win10Pro 2004.19041.746 x64 i5-9400 RAM16GB HDD Firefox85.0 WindowsDefender TRV=2004 WuMgr1 user thanked author for this post.
-
January 28, 2018 at 4:35 pm #162882
Cascadian
AskWoody Lounger-
January 28, 2018 at 4:53 pm #162885
WildBill
AskWoody PlusFor those born after 1974, the song was “The Streak” by Ray Stevens. He spoofed the college fad of running nude (‘streaking’) by having a reporter cover incidents in the song. He always wound up interviewing the same guy with his wife, Ethel. Check Wikipedia or Google “The Streak”.
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...-
January 28, 2018 at 5:41 pm #162894
-
-
-
-
January 28, 2018 at 12:46 am #162735
-
January 28, 2018 at 3:39 am #162759
Fred
AskWoody PlusMore fun ‘n games. Last night, Microsoft released KB 4078130, which is specifically designed to turn off the Intel-identified buggy code in the Mel[See the full post at: Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches]
After looking all over the internet for news and support for the ‘very poor quality’ of the socalled vuneralibility updates and bios patch…. I finally had reset/reimaged my pcs to the date end of december 2017; so problems caused by this problemssolutions were ‘solved’ and got back to the original processor-/operatingsystem vunerabilities….
This message here acknowledges all these problems of bluescreens and lacks of speed… grrr. nevertheless thanks to this site to give some clarity!
So, waiting to get some adult and quality patches and solutions from the industry, or is that too much to ask for?;
For now the suspicion is more and over that these socalled processor flaws are intended-build-in.Has the “George Orwells 1984 syndrome” finally infected me too?
~ ~ ~-
January 28, 2018 at 4:05 am #162765
-
-
January 28, 2018 at 3:40 am #162760
Microfix
AskWoody MVPWe have a saying, ‘too many cooks spoil the broth’ , another is ‘the more haste, the less speed’, now the broth smells and tastes foul with PC’s spitting, spluttering and choking.
No problem can be solved from the same level of consciousness that created IT- AE-
January 28, 2018 at 4:45 pm #162883
Cascadian
AskWoody LoungerTurn off the heat, dump a full box of baking soda on top, wait to cool, and dispose of according to local hazardous waste regulations. Which means bury in an unmarked hole after midnight.
Humor, of course. And on reread, never dump baking soda on a liquid PH<4ish. Results in volcano science project.
-
-
January 28, 2018 at 1:38 pm #162869
_Reassigned Account
AskWoody LoungerJust more fixes for the fixes, as the Windows turn soap opera. Also I wonder having updated Chrome browser to 64 if anyone else noticed any speed loss? Google says the mitigation for Spectre and Meltdown could cause speed issues. Pertains mostly to Google/Chromium V8 as I read it. I then wonder as it stands all these fixes alone probably don’t add up to much in performance loss. But combine them and maybe its a bit worse, considering you have OS fixes, Firmware, browser updates, even potential issues with battery life. We still have yet to get bios fixes that stick, and we could be months before we know how effective any of this is.
-
January 28, 2018 at 2:39 pm #162871
ViperJohn
AskWoody LoungerYes, same Reg entry.
FYI – The settings available on:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] “FeatureSettingsOverride”=dword:value
value = 00000000 = Both Meltdown and Spectre Mitigations Enabled
value = 00000001 = Meltdown Enabled and Spectre Disabled
value = 00000002 = Meltdown Disabled and Spectre Enabled
value = 00000003 = Both Meltdown and Spectre Mitigations Disabled
With Gibsons InSpectre you can set all these values using the separate Meltdown / Spectre Enable / Disable switches. Note the Spectre switch will be greyed out if you do not have Spectre mitigation enabling Microcode installed and the Meltdown switch will be greyed out on 32-bit installs (except 32B W10 v1709).
I believe from reading MS’s info on the KB4078130 update it sets the “FeatureSettingsOverride” value at an all disabled 00000003. I have not actually tried it but that is how it’s documentation reads to me.
Viper
-
January 28, 2018 at 6:03 pm #162896
ViperJohn
AskWoody LoungerIf I recall from my test, KB4078130 sets this: value = 00000001 = Meltdown Enabled and Spectre Disabled which makes sense to me.
Yes, this article states that too Disable mitigation against Spectre Variant 2 independently
Well I reread the article pointed to and I still believe an argument could be made that the value actully set by the KB4078130 update could be either 1 or 3. It’s typical MicroSoft “clear as mud” speak.
Since MrBrian has tested the KB4078130 update I will bow to his recall of 0000001. I agree it does make the most sense with a title of “Update to Disable Mitigation against Spectre Variant 2” but with MS these days “if ya don’t test ya don’t know for sure”.
It’s unfortunate that “making sense” and “Microsoft” in the same sentence has become an oxymoron due to a conflict in terms.
Viper
-
January 29, 2018 at 2:23 am #162939
anonymous
GuestAll this microcode talk I don’t understand. I downloaded the first update, KB4056892 after AVG updated the registry entry at the beginning of the month.. for the first variant and meltdown.. and made sure my BIOS was up to date etc but I don’t understand anything with variant 2 that MS released the update for recently.
I have an Intel Kaby Lake S CPU PRIME Z270-K and in an article I read that we should check Intel’s microcode revision guide. I found mine (I think) on the list I think but I don’t understand all the numbers etc but then I read in the article about MS update KB4078130 but can’t find it when I search in the MS Update Catalog so I’m like hmm what do I do?
I haven’t had any crazy and odd things happening with my computer that I’ve noticed.. even after Update restarts after installing an update but I wanted to be safe be I’m good with computers but this microcode, virus stuff confuses me.
Alece
EDIT html to txt
-
January 29, 2018 at 6:14 am #162959
sheldon
AskWoody Plus-
January 29, 2018 at 6:39 am #162964
PKCano
ManagerThe best way to prevent a new machine from installing anything is to do the first boot OFFLINE. In other words, don’t hook up a network cable, and when it asks about WiFi setup, say “later.”
I hope your new machine has Win10 Pro. If you have Win10 Home, you have very little control over updates. With Home, you can set your Internet connection to “don’t download over metered connections.” But this also affects other Internet facing software. You can use Mictosoft’s troubleshooter wushowhide to hide updates, but that too doesn’t always work if MS wants to push an update.
If your new machine comes with Win10 Home, it is well worth the $99.99 to upgrade it to Win10 Pro.
-
January 29, 2018 at 7:06 am #162966
sheldon
AskWoody Plus-
January 29, 2018 at 7:18 am #162971
PKCano
ManagerIn Win10 Pro, there are settings in Windows Update to put off quality updates for 30 days and feature updates (upgrades) for up to 365 days. There are also settings in Group Policy to have WU notify for download/install instead of “just do it.” And, again, you can use wushowhide. Woody has a ComputerWorld article on how to block Win10 updates.
-
January 29, 2018 at 1:48 pm #163008
-
-
-
-
-
January 29, 2018 at 9:06 am #162981
-
January 29, 2018 at 9:50 am #162984
anonymous
Guest-
January 29, 2018 at 9:54 am #162989
PKCano
ManagerWoody hasn’t published his recommendations for January patching yet. When he raises the DEFCON number to 3 or above, he will publish his recommendations at that time.
We are at DEFCON-2, which means installing patches at this time is not recommended unless you have a critical reason to do so (like a BSOD, for example). Otherwise the advise is to WAIT.
-
-
January 29, 2018 at 11:31 am #162994
WildBill
AskWoody PlusAs PKCano & Woody recommend, wait until MS-DEFCON changes to a higher number. For more information, click on the ‘MS-DEFCON System’ tab above. IMO, it will probably change to DEFCON 4, but DEFCON 3 is possible too.
Memo to Da Boss: Details will change, but I see patching possibly going in 2 groups (not necessarily the usual ones) this time:
Group S1 (for Shy one), who follow MS-DEFCON almost religiously: Install only needed patches, including the usual. Also flashing firmware updates at this time, if OK’ed by Intel/AMD.
Group B2 (for Bitten twice), who have rushed into things: Install patches that fix various screwups, both Microsoft & Intel/AMD related. Flash or re-flash firmware updates, if needed & OK’ed.
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...-
January 29, 2018 at 4:43 pm #163044
Cascadian
AskWoody LoungerIt is a fracturing of what should be kept as simple as ‘possible’. But I cannot argue the logic. Directions when given, are going to be hard to follow and hinge on some dicey syntax. But I found, actually followed a recommendation by Canadian Tech, this site when things did not make sense. So IF it can be simple enough for a dummy, this is the place to get it.
Looking forward to the product of all efforts here. Thanks all.
1 user thanked author for this post.
-
-
January 29, 2018 at 12:35 pm #163000
ViperJohn
AskWoody LoungerI am getting a win10 machine in the next couple of days. What is the best way to control win10 updates/patches?[/quote
Well the BEST WAY would be a disk format and an Install of Windows 7. Short of that perfect solution do first boot with you Internet Modem powered off / disconnected but leave your router powered up so W10 on your new rig can still detect and config its network connection be it wireless or cabled ethernet. After that follow PKCano advice just a few posts up.
Viper
2 users thanked author for this post.
-
January 29, 2018 at 4:18 pm #163036
sheldon
AskWoody PlusThanks – actually isn’t this article the most up to date: https://www.computerworld.com/article/3215668/windows-pcs/8-steps-to-install-windows-10-patches-like-a-pro.html
-
-
January 29, 2018 at 3:03 pm #163028
MrBrian
AskWoody_MVPWoody’s initial post was updated to add a link to Windows surprise patch KB 4078130: The hard way to disable Spectre 2.
-
January 30, 2018 at 1:19 am #163104
anonymous
GuestWell Microsoft is obviously having some sort of issues at the moment.. I was going to wait like PKCano said, but I wanted to load the MS Update Catalog and see if they finally got KB4078130 on the catalog because when I wrote earlier I couldn’t find it.. but NOW the MS Update Catalog is temporatly unavailable but then I reloaded it and saw the update.. it says that the update is only 24KB so I downloaded it and went to install it but nothing happened.. nothing loaded etc. but I had Windows Update open at the time because I had already checked for updates before I downloaded KB4078130 to try and install it. Windows Update said that my device was up to date so I went to install KB4078130 all and the Windows Update randomly started checking for updates and said I had an update for my Kodak Printer that was awaiting to be installed but there was NO install button and it kept randomly checking for updates then it just stopped and Windows Update said that my computer was up to date but NOTHING was installed.. tried it twice but the same thing and after I loaded my Programs & Features menu in Windows 10 through the Control Panel and viewed the installed updates and searched for KB4078130 but nothing was installed.
I don’t get it.. so should I just WAIT until MS does something more about this whenever the DEFCON rises and MS decides to do more about it then send you to download an update from the catalog instead of sending it to everyone through Windows Update because it didn’t install and it’s not showing in my installed updates.
Like I said earlier.. I haven’t had any weird issues happening with my desktop that I’ve noticed, just want to be safe but UGHH all this stuff is confusing me and then the MS update from the catalog doesn’t install.. nothing makes sense anymore to me and I’m pretty good with computers for being a girl.
Alece
EDIT html to text (we can only use simple BBCodes, not html, so no size changes or colors work by copy>paste)
-
January 30, 2018 at 4:44 am #163122
-
January 30, 2018 at 5:11 am #163126
PKCano
ManagerKB4078130 is not intended for everyone’s use, nor will it be released through Windows Update. It may help those who installed faulty firmware microcode to bypass the faulty function. You don’t need it unless you meet a special criteria.
Just because Microsoft releases an update doesn’t mean everyone should immediately jump on it and install the patch. Especially those patches released for Catalog only manual download/install which are usually intended for a special purpose and not general distribution. This is one of the reasons for the DEFCON system – so you don’t install patches that are unsafe or not needed. You WAIT for Woody’s approval and guidance.
-
-
January 30, 2018 at 8:06 am #163150
_Reassigned Account
AskWoody Lounger-
January 30, 2018 at 9:56 am #163171
-
-
January 30, 2018 at 1:08 pm #163233
-
January 30, 2018 at 5:25 pm #163317
MrBrian
AskWoody_MVPFrom Microsoft rushes Spectre patch to disable Intel’s broken update:
‘A source at Microsoft, who wished to stay anonymous, told SearchSecurity the Spectre patch was a difficult situation because “you can’t fix it in firmware alone or software alone.”
“The chip vendor releases a firmware capability, which the OSes use in a certain way in key situations to mitigate against potential abuse [or] attack. So, to mitigate, you need a firmware update plus an OS that leverages [that update]. It’s symbiotic [and] collaborative,” the source said. “Given that you need both, it was possible that an OS update would rollout on machines that didn’t yet have a firmware update, so the mitigation needed to be able to be ‘on’ or ‘off’ depending [on the presence of Intel’s microcode update].”‘
-
-
AuthorPosts
Viewing 29 reply threads -
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search The Lounge
Recent Replies
Alex5723 on iOS/iPadOS 14.3, WatchOS 7.2 released
22 minutes agoPaul T on Freeware Spotlight – Immunet 7
39 minutes agoPaul T on Windows 10 2004/20H2 Not Being Offered Due to Conexant HD Audio Issue
43 minutes agoanonymous on Kudos to NWS for their new radar site
45 minutes agowavy on Websites that still require Flash after EOL
55 minutes agoGoneToPlaid on Freeware Spotlight – Immunet 7
1 hour, 2 minutes agob on Windows 10 2004/20H2 Not Being Offered Due to Conexant HD Audio Issue
1 hour, 4 minutes agoGoneToPlaid on SFC errors not repairable, upgrade to 2004?
1 hour, 7 minutes agoSusan Bradley on Windows 10 2004/20H2 Not Being Offered Due to Conexant HD Audio Issue
1 hour, 13 minutes agoCybertooth on Outlook on Vista
1 hour, 26 minutes agojoep517 on Latest increase in no. of Win 10 services
1 hour, 54 minutes agoanonymous on Computer running slowly when using Wi-Fi since last Windows update
2 hours, 18 minutes agoanonymous on SFC errors not repairable, upgrade to 2004?
2 hours, 20 minutes agoWCHS on Comments on AKB 2000016: Guide for Windows Update Settings for Windows 10
3 hours, 4 minutes agoGoneToPlaid on Hard Drive at 100% usage
3 hours, 26 minutes agoPaul on Windows 10 2004/20H2 Not Being Offered Due to Conexant HD Audio Issue
3 hours, 32 minutes agoPaul T on Comments on AKB 2000016: Guide for Windows Update Settings for Windows 10
3 hours, 37 minutes agoussrankin on Linking a graphic to a website
3 hours, 43 minutes agotpbrownec on SFC errors not repairable, upgrade to 2004?
3 hours, 52 minutes agoTex265 on Comments on AKB 2000016: Guide for Windows Update Settings for Windows 10
4 hours, 36 minutes agodmt_3904 on iOS 14 : Bug with Mail aliases
4 hours, 51 minutes agoPaul T on Stop paying $200 a year for your Internet cable modem
5 hours, 25 minutes agoSlacker2008 on Stop paying $200 a year for your Internet cable modem
5 hours, 28 minutes agoanonymous on Sorting alphanumeric text
5 hours, 50 minutes agorc primak on Freeware Spotlight – Immunet 7
6 hours, 43 minutes agoAlex5723 on iOS 14 : Bug with Mail aliases
7 hours, 15 minutes agoAscaris on What Linux is and why it has persisted
7 hours, 28 minutes agoCraigS26 on Comments on AKB 2000016: Guide for Windows Update Settings for Windows 10
8 hours, 3 minutes agoPaul T on Websites that still require Flash after EOL
8 hours, 19 minutes agoPaul T on Links not working in some e-mails
8 hours, 22 minutes ago
Recent Topics
-
Outlook on Vista
1 hour, 27 minutes ago
-
Latest increase in no. of Win 10 services
1 hour, 55 minutes ago
-
Outlook 365 – Title bar – Folder Name
13 hours, 20 minutes ago
-
Office 365 Outlook getting rejected by some servers
8 hours, 59 minutes ago
-
Firefox 85 released
20 hours, 11 minutes ago
-
Video & Sound Cards ?
19 hours, 6 minutes ago
-
newsd process on Big Sur downloading MASSIVE amounts of traffic
1 day, 1 hour ago
-
No bootable device (sometimes!)
1 day, 1 hour ago
-
email providers
1 day, 2 hours ago
-
Legacy Teams Client Download
1 day, 2 hours ago
-
Accidentally hit “Pause Updates” , now what?
23 hours, 13 minutes ago
-
My neighbours’ media devices
13 hours, 1 minute ago
-
Links not working in some e-mails
8 hours, 23 minutes ago
-
Excess heat during laptop recharging?
13 hours, 21 minutes ago
-
Hackers are running your smart home
21 hours, 54 minutes ago
-
Freeware Spotlight – Immunet 7
40 minutes ago
-
Schrödinger’s Bill
18 hours, 50 minutes ago
-
Sorting alphanumeric text
9 hours, 34 minutes ago
-
Potential for iPhone 12 and MagSafe to Interfere With Medical Devices
1 day, 6 hours ago
-
Computer running slowly when using Wi-Fi since last Windows update
1 day, 10 hours ago
-
Websites that still require Flash after EOL
56 minutes ago
-
WinSlap (Windows 10 Privacy tool)
1 day, 21 hours ago
-
Using USB flash drive for both windows and on a Chromebook
9 hours, 53 minutes ago
-
Chrome browser stopped playing video
1 day, 3 hours ago
-
Apple News Wrap Up: January 23, 2020
2 days, 10 hours ago
-
Tasks for the Weekend – January 23, 2021
1 day ago
-
Need inexpensive domain
2 days, 10 hours ago
-
Outlook 2019 send and receive
2 days, 10 hours ago
-
Can’t add, or remove, any bluetooth device
1 day, 5 hours ago
-
Customize the mouse w10 2004–19041.746
2 days, 21 hours ago
Search for Topics
Recent blog posts
Key Links
Copyright © 2004 – 2021 AskWoody Tech LLC. All rights reserved.