News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches

    Home Forums AskWoody blog Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches

    Tagged: 

    This topic contains 64 replies, has 23 voices, and was last updated by

     PKCano 1 year, 5 months ago.

    • Author
      Posts
    • #162586 Reply

      woody
      Da Boss

      More fun ‘n games. Last night, Microsoft released KB 4078130, which is specifically designed to turn off the Intel-identified buggy code in the Mel[See the full post at: Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches]

      11 users thanked author for this post.
    • #162587 Reply

      AJNorth
      AskWoody Plus

      My own suspicion is that the Universe is not only queerer than we suppose, but queerer than we can suppose.  — J. B. S. Haldane

      (John Burdon Sanderson Haldane, FRS; 5 November 1892 – 1 December 1964)

      4 users thanked author for this post.
    • #162590 Reply

      Seff
      AskWoody Plus

      You have to like this new patching system – install a patch to enable something and then  install another patch to disable it. I hope whoever devised these patches hasn’t been paid twice.

      Thanks for the information. Don’t hurry to review the DefCon rating, Woody, I’m quite happy waiting and doing all the normal things my computer allows me to do when MS, Intel and others aren’t trying their hardest to thwart me.

      To be absolutely honest, I’m dreading the moment I access the site and see DefCon 3!

      10 users thanked author for this post.
      • #162745 Reply

        Jan K.
        AskWoody Lounger

        If we see MS-DEFCON 5, Woody’s site clearly has been hacked…

        Btw. Defcon 3 isn’t really “good”. Even Defcon 4 has troublesome patches, but these will be perfectly documented here.

        2 users thanked author for this post.
    • #162593 Reply

      abbodi86
      AskWoody_MVP

      The dust yet to settle 🙂

      10 users thanked author for this post.
      • #162764 Reply

        Microfix
        Da Boss

        In windy cyberspace..

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        1 user thanked author for this post.
    • #162604 Reply

      Pepsiboy
      AskWoody Lounger

      Sounds to me like more “Much ado about nothing”. Just creating more dust to settle before doing ANYTHING.

      1 user thanked author for this post.
    • #162612 Reply

      WildBill
      AskWoody Plus

      For those who are serving or have served in the military, & those with family & friends who do the same, a familiar theme is showing up: “Hurry up and wait”. The all clear (or not) will eventually sound. Thanks to Woody & all the MVP’s staying on top of things.

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      5 users thanked author for this post.
      • #162696 Reply

        Bill C.
        AskWoody Plus

        That applies, but what really applies is the SNAFU one…

        6 users thanked author for this post.
        • #162713 Reply

          anonymous

          Bill C. wrote:

          That applies, but what really applies is the SNAFU one

          Certainly true, except for the folks with persistent BSODs/bricked PCs…

          6 users thanked author for this post.
      • #162702 Reply

        OscarCP
        AskWoody Plus

        Absolutely. And, if I remember correctly, in the Navy there is the saying:

        Don’t just sit there! Get up and run to screw up something!

        1 user thanked author for this post.
    • #162615 Reply

      HiFlyer
      AskWoody Lounger

      Oh the Merry-Go-Round broke down…..

      Th-th-that’s NOT all, folks!

      2 users thanked author for this post.
    • #162648 Reply

      ViperJohn
      AskWoody Lounger

      Wow talk about being late to the party.

      Gibsons InSpectre gave you the ability to easily turn the MS KB Update(s) Meltdown / Spectre mitigations On/Off about 9 days ago ONLY IF your install was actually able to use / be effected by them.  InSpectre’s Enable/Disable buttons were greyed out if not.  InSpectre sets the bit value (0 to 3) of the FeatureSettingsOverride registry value just like MS does.

      Note that with the exception of 32b W10 v1709 only 64b Windows installs can actually use, or be effected by, the MS KB Update Meltdown mitigation.

      The Spectre mitigation in these same MS KB Update(s) can only be used or effect your 32b or 64b install (in any way) IF the new 01/08/2017 Intel Microcodes were applied to your system either by a bios update to your motherboard or directly injected into Windows using VMwares microcode update drivers.

      Viper

      2 users thanked author for this post.
    • #162654 Reply

      anonymous

      I’m hesitant to download something that erases a mitigation against Spectre.

      If this was so important and everyone should use it why didn’t Microsoft put it out through WU?

      4 users thanked author for this post.
    • #162671 Reply

      bobcat5536
      AskWoody Plus

      So if I run Gibson’s scanner and tell it to turn off the Meltdown fix, this would be the same as getting the patch from WU catalog? Would this be a recommended coarse of action, or just wait ?

      • #162675 Reply

        PKCano
        Da Boss

        See @mrbrian ‘s answer here

        1 user thanked author for this post.
        • #162683 Reply

          bobcat5536
          AskWoody Plus

          That link take me to a profile page 🙂

        • #162689 Reply

          bobcat5536
          AskWoody Plus

          So if I read that correctly, if I’m not having any problems leave things alone. I’m still wondering if the disable option in Gibson’s scanner is the same as the Microsoft 4078130 ?

    • #162697 Reply

      anonymous

      Bottom line:  I downloaded KB4056894 earlier this month and am not seeing any problems with data or file corruption so far, so I probably don’t have to download this new update right now?

    • #162711 Reply

      bhen
      AskWoody Lounger

      As somebody with an AMD (A4-5000) and Intel (i5-3337 Ivy Bridge) that hasn’t been hit by the problems that impacted AMD or Intel and have been living peacefully on 16299.192 for a few weeks, I’m not really expecting to get anything. I’ll see soon enough if that’s an accurate prediction.

    • #162712 Reply

      geekdom
      AskWoody Plus

      I neither flash (nor streak).

      Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      1 user thanked author for this post.
      • #162882 Reply

        Cascadian
        AskWoody Lounger

        “Don’t look, Ethel!”
        but it was too late,
        she’d been mooned!

        lyrics to a novelty song that spoofed the crazy fads in the early 1970s.

        1 user thanked author for this post.
        • #162885 Reply

          WildBill
          AskWoody Plus

          For those born after 1974, the song was “The Streak” by Ray Stevens. He spoofed the college fad of running nude (‘streaking’) by having a reporter cover incidents in the song. He always wound up interviewing the same guy with his wife, Ethel. Check Wikipedia or Google “The Streak”.

          Windows 8.1, 64-bit, now in Group B!
          Wild Bill Rides Again...

          3 users thanked author for this post.
          • #162894 Reply

            Cascadian
            AskWoody Lounger

            Couldn’t dig the name out of memory, thanks for closing the loop. I think Ray did Guitarzan, too. Yep, took the time to verify this time. Forgot about Would Jesus Wear a Rolex.

            2 users thanked author for this post.
    • #162735 Reply

      anonymous

      I hope you never have to switch to Defcon NaN because of any foolery.

      1 user thanked author for this post.
    • #162759 Reply

      Fred
      AskWoody Lounger

      More fun ‘n games. Last night, Microsoft released KB 4078130, which is specifically designed to turn off the Intel-identified buggy code in the Mel[See the full post at: Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches]

      After looking all over the internet for news and support for the ‘very poor quality’ of the socalled vuneralibility updates and bios patch….  I finally had reset/reimaged my pcs to the date end of december 2017; so problems caused by this problemssolutions were ‘solved’ and got back to the original processor-/operatingsystem vunerabilities….

      This message here acknowledges all these problems of bluescreens and lacks of speed…  grrr. nevertheless thanks to this site to give some clarity!

      So, waiting to get some adult and quality patches and solutions from the industry, or is that too much to ask for?;
      For now the suspicion is more and over that these socalled processor flaws are intended-build-in.

      Has the “George Orwells 1984 syndrome” finally infected me too?

      2 users thanked author for this post.
      • #162765 Reply

        Microfix
        Da Boss

        Imaging is the saviour of all hiccups when mis-prescribed patches for PC’s are rife.

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        6 users thanked author for this post.
    • #162760 Reply

      Microfix
      Da Boss

      We have a saying, ‘too many cooks spoil the broth’ , another is ‘the more haste, the less speed’, now the broth smells and tastes foul with PC’s spitting, spluttering and choking.

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      2 users thanked author for this post.
      • #162883 Reply

        Cascadian
        AskWoody Lounger

        Turn off the heat, dump a full box of baking soda on top, wait to cool, and dispose of according to local hazardous waste regulations. Which means bury in an unmarked hole after midnight.

        Humor, of course. And on reread, never dump baking soda on a liquid PH<4ish. Results in volcano science project.

    • #162869 Reply

      John
      AskWoody Lounger

      Just more fixes for the fixes, as the Windows turn soap opera.  Also I wonder having updated Chrome browser to 64 if anyone else noticed any speed loss? Google says the mitigation for Spectre and Meltdown could cause speed issues. Pertains mostly to Google/Chromium V8 as I read it. I then wonder as it stands all these fixes alone probably don’t add up to much in performance loss. But combine them and maybe its a bit worse, considering you have OS fixes, Firmware, browser updates, even potential issues with battery life. We still have yet to get bios fixes that stick, and we could be months before we know how effective any of this is.

    • #162871 Reply

      ViperJohn
      AskWoody Lounger

      Yes, same Reg entry.

      FYI – The settings available on:

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] “FeatureSettingsOverride”=dword:value

      value = 00000000 = Both Meltdown and Spectre Mitigations Enabled

      value = 00000001 = Meltdown Enabled and Spectre Disabled

      value = 00000002 = Meltdown Disabled and Spectre Enabled

      value = 00000003 = Both Meltdown and Spectre Mitigations Disabled

       

      With Gibsons InSpectre you can set all these values using the separate Meltdown / Spectre Enable / Disable switches. Note the Spectre switch will be greyed out if you do not have Spectre mitigation enabling Microcode installed and the Meltdown switch will be greyed out on 32-bit installs (except 32B W10 v1709).

      I believe from reading MS’s info on the KB4078130 update it sets the “FeatureSettingsOverride” value at an all disabled 00000003.  I have not actually tried it but that is how it’s documentation reads to me.

      Viper

      5 users thanked author for this post.
    • #162896 Reply

      ViperJohn
      AskWoody Lounger

      If I recall from my test, KB4078130 sets this: value = 00000001 = Meltdown Enabled and Spectre Disabled which makes sense to me.

      Yes, this article states that too Disable mitigation against Spectre Variant 2 independently

      Well I reread the article pointed to and I still believe an argument could be made that the value actully set by the KB4078130 update could be either 1 or 3. It’s typical MicroSoft “clear as mud” speak.

      Since MrBrian has tested the KB4078130 update I will bow to his recall of 0000001. I agree it does make the most sense with a title of “Update to Disable Mitigation against Spectre Variant 2” but with MS these days “if ya don’t test ya don’t know for sure”.

      It’s unfortunate that “making sense” and “Microsoft” in the same sentence has become an oxymoron due to a conflict in terms.

      Viper

      2 users thanked author for this post.
    • #162939 Reply

      anonymous

      All this microcode talk I don’t understand. I downloaded the first update, KB4056892 after AVG updated the registry entry at the beginning of the month.. for the first variant and meltdown.. and made sure my BIOS was up to date etc but I don’t understand anything with variant 2 that MS released the update for recently.

      I have an Intel Kaby Lake S CPU PRIME Z270-K and in an article I read that we should check Intel’s microcode revision guide. I found mine (I think) on the list I think but I don’t understand all the numbers etc but then I read in the article about MS update KB4078130 but can’t find it when I search in the MS Update Catalog so I’m like hmm what do I do?

      I haven’t had any crazy and odd things happening with my computer that I’ve noticed.. even after Update restarts after installing an update but I wanted to be safe be I’m good with computers but this microcode, virus stuff confuses me.

      Alece

      EDIT html to txt

      • #162999 Reply

        woody
        Da Boss

        You aren’t alone. It confuses the %$#@! out of me, too.

      • #163024 Reply

        MrBrian
        AskWoody_MVP

        The basic idea is that the updated microcodes add new CPU instructions that the January 2018 Windows updates use to try to mitigate Spectre variant 2. KB 4078130 sets settings that tell Windows not to call those new CPU instructions (for those CPUs that have them).

    • #162959 Reply

      sheldon
      AskWoody Plus

      Hi,

       

      I have a win7 machine, which is easy to control patches/updates…   I am getting a win10 machine in the next couple of days.   What is the best way to control win10 updates/patches?  On the first boot-up of a new machine, is there anyway to prevent it from installing all the patches?

      • #162964 Reply

        PKCano
        Da Boss

        The best way to prevent a new machine from installing anything is to do the first boot OFFLINE. In other words, don’t hook up a network cable, and when it asks about WiFi setup, say “later.”

        I hope your new machine has Win10 Pro. If you have Win10 Home, you have very little control over updates. With Home, you can set your Internet connection to “don’t download over metered connections.” But this also affects other Internet facing software. You can use Mictosoft’s troubleshooter wushowhide to hide updates, but that too doesn’t always work if MS wants to push an update.

        If your new machine comes with Win10 Home, it is well worth the $99.99 to upgrade it to Win10 Pro.

        6 users thanked author for this post.
        • #162966 Reply

          sheldon
          AskWoody Plus

          My new machine will have win10 pro.  What is the best way to control updates/patches?

          • #162971 Reply

            PKCano
            Da Boss

            In Win10 Pro, there are settings in Windows Update to put off quality updates for 30 days and feature updates (upgrades) for up to 365 days. There are also settings in Group Policy to have WU notify for download/install instead of “just do it.” And, again, you can use wushowhide. Woody has a ComputerWorld article on how to block Win10 updates.

            3 users thanked author for this post.
            • #163008 Reply

              anonymous

              Thanks

    • #162981 Reply

      anonymous

      The Register has a good article on Spectre.
      “You can’t ignore Spectre. Look, it’s pressing its nose against your screen.”
      Makes one wonder how screwed up things are going to get as State funded
      hackers get into the game.

    • #162984 Reply

      anonymous

      So @woody, would you recommend as a best pratice installing the Jan 3rd Security Only patch (witch as more updates than just the Spectre / Meltdown), and then install this one (or run Steve Gibson’s tool) to deactivate the Spectre / Meltdown yet keep all the other security updates?

      • #162989 Reply

        PKCano
        Da Boss

        Woody hasn’t published his recommendations for January patching yet. When he raises the DEFCON number to 3 or above, he will publish his recommendations at that time.

        We are at DEFCON-2, which means installing patches at this time is not recommended unless you have a critical reason to do so (like a BSOD, for example). Otherwise the advise is to WAIT.

        6 users thanked author for this post.
    • #162994 Reply

      WildBill
      AskWoody Plus

      As PKCano & Woody recommend, wait until MS-DEFCON changes to a higher number. For more information, click on the ‘MS-DEFCON System’ tab above. IMO, it will probably change to DEFCON 4, but DEFCON 3 is possible too.

      Memo to Da Boss: Details will change, but I see patching possibly going in 2 groups (not necessarily the usual ones) this time:

      Group S1 (for Shy one), who follow MS-DEFCON almost religiously: Install only needed patches, including the usual. Also flashing firmware updates at this time, if OK’ed by Intel/AMD.

      Group B2 (for Bitten twice), who have rushed into things: Install patches that fix various screwups, both Microsoft & Intel/AMD related. Flash or re-flash firmware updates, if needed & OK’ed.

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      2 users thanked author for this post.
      • #163044 Reply

        Cascadian
        AskWoody Lounger

        It is a fracturing of what should be kept as simple as ‘possible’. But I cannot argue the logic. Directions when given, are going to be hard to follow and hinge on some dicey syntax. But I found, actually followed a recommendation by Canadian Tech, this site when things did not make sense. So IF it can be simple enough for a dummy, this is the place to get it.

        Looking forward to the product of all efforts here. Thanks all.

        1 user thanked author for this post.
    • #163000 Reply

      ViperJohn
      AskWoody Lounger

      I am getting a win10 machine in the next couple of days. What is the best way to control win10 updates/patches?[/quote

      Well the BEST WAY would be a disk format and an Install of Windows 7.  Short of that perfect solution do first boot with you Internet Modem powered off / disconnected but leave your router powered up so W10 on your new rig can still detect and config its network connection be it wireless or cabled ethernet. After that follow PKCano advice just a few posts up.

      https://www.computerworld.com/article/3138088/microsoft-windows/woodys-win10tip-block-forced-win10-updates.html

      Viper

      2 users thanked author for this post.
    • #163028 Reply

      MrBrian
      AskWoody_MVP

      Woody’s initial post was updated to add a link to Windows surprise patch KB 4078130: The hard way to disable Spectre 2.

    • #163104 Reply

      anonymous

      Well Microsoft is obviously having some sort of issues at the moment.. I was going to wait like PKCano said, but I wanted to load the MS Update Catalog and see if they finally got KB4078130 on the catalog because when I wrote earlier I couldn’t find it.. but NOW the MS Update Catalog is temporatly unavailable but then I reloaded it and saw the update.. it says that the update is only 24KB so I downloaded it and went to install it but nothing happened.. nothing loaded etc. but I had Windows Update open at the time because I had already checked for updates before I downloaded KB4078130  to try and install it. Windows Update said that my device was up to date so I went to install KB4078130  all and the Windows Update randomly started checking for updates and said I had an update for my Kodak Printer that was awaiting to be installed but there was NO install button and it kept randomly checking for updates then it just stopped and Windows Update said that my computer was up to date but NOTHING was installed.. tried it twice but the same thing and after I loaded my Programs & Features menu in Windows 10 through the Control Panel and viewed the installed updates and searched for KB4078130  but nothing was installed.

      I don’t get it.. so should I just WAIT until MS does something more about this whenever the DEFCON rises and MS decides to do more about it then send you to download an update from the catalog instead of sending it to everyone through Windows Update because it didn’t install and it’s not showing in my installed updates.

      Like I said earlier.. I haven’t had any weird issues happening with my desktop that I’ve noticed, just want to be safe but UGHH all this stuff is confusing me and then the MS update from the catalog doesn’t install.. nothing makes sense anymore to me and I’m pretty good with computers for being a girl.

      Alece

      EDIT html to text (we can only use simple BBCodes, not html, so no size changes or colors work by copy>paste)

      • #163122 Reply

        MrBrian
        AskWoody_MVP

        KB4078130 needs to be run with admin privileges. KB4078130 doesn’t install or uninstall; it merely runs.

      • #163126 Reply

        PKCano
        Da Boss

        KB4078130 is not intended for everyone’s use, nor will it be released through Windows Update. It may help those who installed faulty firmware microcode to bypass the faulty function. You don’t need it unless you meet a special criteria.

        Just because Microsoft releases an update doesn’t mean everyone should immediately jump on it and install the patch. Especially those patches released for Catalog only manual download/install which are usually intended for a special purpose and not general distribution. This is one of the reasons for the DEFCON system – so you don’t install patches that are unsafe or not needed. You WAIT for Woody’s approval and guidance.

        7 users thanked author for this post.
        • #163131 Reply

          MrBrian
          AskWoody_MVP

          This answer is also a good answer to other comments in this post asking why this update isn’t available on Windows Update.

          4 users thanked author for this post.
        • #163370 Reply

          anonymous

          I’ll just wait then, since the update didn’t install anything. So you’re suggesting to wait until Woody updates the DEFCON warning on here? When that happens, where would I look?

          Alece

          • #163390 Reply

            PKCano
            Da Boss

            At the top of the home page, the number will change to somewhere between 3 and 5. And there will be a post with a link to an article giving instructions on patching.

            1 user thanked author for this post.
    • #163150 Reply

      John
      AskWoody Lounger

      Noticed this morning the update not available through Update Catalog? Maybe another dud?

    • #163233 Reply

      MrBrian
      AskWoody_MVP

      This text has been added to KB4078130: “Note Users who do not have the affected Intel microcode do not have to download this update.”

      1 user thanked author for this post.
    • #163317 Reply

      MrBrian
      AskWoody_MVP

      From Microsoft rushes Spectre patch to disable Intel’s broken update:

      ‘A source at Microsoft, who wished to stay anonymous, told SearchSecurity the Spectre patch was a difficult situation because “you can’t fix it in firmware alone or software alone.”

      “The chip vendor releases a firmware capability, which the OSes use in a certain way in key situations to mitigate against potential abuse [or] attack. So, to mitigate, you need a firmware update plus an OS that leverages [that update]. It’s symbiotic [and] collaborative,” the source said. “Given that you need both, it was possible that an OS update would rollout on machines that didn’t yet have a firmware update, so the mitigation needed to be able to be ‘on’ or ‘off’ depending [on the presence of Intel’s microcode update].”‘

      4 users thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Yet another surprise patch, KB 4078130, for all versions of Windows, disables part of the Meltdown/Spectre patches

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.