Microsoft has suspended sending some Windows updates to address the Spectre and Meltdown vulnerabilities after some people whose computers use AMD processors reported that their devices did not boot after installing the new patches.
“Microsoft has reports of customers with some AMD devices getting into an unbootable state after installing recent Windows operating system security updates,” the company said in a statement Monday. Microsoft appears to pin the blame on the faulty updates with the manufacturer. “After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown.”
Microsoft said that to prevent customers from getting into an unbootable state it would suspend sending Windows updates to devices with the affected AMD processors.
“We’re working with AMD to resolve this issue and resume security updates to affected AMD devices via Windows Update and Windows Server Update Services,” Microsoft told The Washington Post on Tuesday. The list of updates can be found here.
AMD said Tuesday that it's working to resolve the issue. “AMD is aware of an issue with some older generation processors following installation of a Microsoft security update that was published over the weekend,” the company said.
The Spectre and Meltdown vulnerabilities were publicly disclosed last week, setting off a flurry of announcements from tech companies, such as Intel, Amazon, Google and Apple, encouraging customers to install patches designed to lessen the risk of a hack. Although it’s not clear whether malicious actors have exploited these flaws, security experts say attacks would be relatively easy and could allow the theft of private information such as passwords, credit card numbers and corporate data on computers or smartphones. To add to the concern, experts say that such attacks probably would not leave a trace and could go undetected.
The researchers who discovered the vulnerabilities first alerted technology companies over the summer. Since then, hardware and software providers have scrambled to develop patches to protect against potential exploits. The flaws have uncommon breadth and reach. They could affect nearly every modern computer processor and implicate a broad array of devices, from laptops to mobile phones to cloud networks. And although security experts say that the patches that have been released do reduce the risks of exploits, the vulnerabilities cannot yet be entirely fixed.