News

Microsoft Blocks Windows Fixes After Reports of 'Bricked' AMD PCs

• By Kurt Mackie
• 01/09/2018

• Related: Microsoft Confirms System Slowdowns from Fixes to Meltdown and Spectre Attack Methods

Microsoft on Tuesday confirmed that some computers with AMD chipsets were put into an unbootable state after receiving Jan. 3 Windows updates designed to address the Meltdown and Spectre attack methods.

Meltdown and Spectre are two attack methods potentially affecting all computer devices because of how modern CPUs function. Some AMD-based machines reportedly got "bricked" by Windows updates designed to address those attack methods, and so Microsoft is now blocking the updates for all machines with "impacted AMD processors," the company explained in a support article dated Jan. 9. The support article listed nine Windows updates that caused the system freezes, with most dated from Jan. 3.

The support article didn't explain which AMD systems were affected. Microsoft blamed AMD's documentation for the glitch.

"After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown," the support article explained. Microsoft is working with AMD on the issue and plans to "resume Windows OS security updates to the affected AMD devices via Windows Update and WSUS [Windows Server Update Services] as soon as possible," the article added.

The Windows updates will only arrive if a system's anti-malware solution isn't making unsupported kernel calls, a requirement that Microsoft explained in this support document. The compliance of various anti-malware vendors on that front is tracked in a spreadsheet compiled by security researcher Kevin Beaumont. He described the issues with anti-malware vendors in this article, which contains a link to his spreadsheet.

The reports about getting unbootable PCs after the Jan. 3 Windows updates seemed to be associated with AMD Athlon processors. For instance, on Jan. 4, a user described getting an unbootable Asus machine with an AMD Athlon 64 6000+ chip in this complaint, which was posted in a Microsoft community forum. According to that post, 996 people had the same problem.

Microsoft's Jan. 3 patches were supposed to address both the Meltdown and Spectre attack methods. However, AMD has claimed that its processors aren't subject to the Meltdown threat, which has only been demonstrated to be a problem on Intel processors.

Some officials, such as OpenBSD Founder Theo de Raadt, have suggested that Intel obscured a problem that was primarily concerned with Meltdown by adding the Spectre attack method into the mix, which affects all processors (Intel, AMD and ARM), according to this ITWire article.

Possibly, there aren't patches available yet for Spectre. At least that seems to be the view of this Jan. 8 Cisco Talos security post.

"Currently no patches are available for Spectre," Cisco's Talos post stated. "As soon as Operating System patches are available for Spectre, we recommend that you apply them to your system as soon as possible."

Spectre is considered to be a harder attack method to block than Meltdown, although Meltdown is easier for attackers to implement. Meltdown is easier because it defeats "Kernel Address Space Randomization," according to Cisco.

Both attack methods exploit a normal CPU process called "speculative execution" to extract privileged operating system kernel information. It's possible to use those methods to extract passwords and encryption key information, for example. In response, the industry as a whole has issued operating system updates and firmware updates designed as a sort of workaround fix for both Meltdown and Spectre.