
Windows operating system security update block for some AMD based devices - rdtsc
https://support.microsoft.com/en-ie/help/4073707/windows-os-security-update-block-for-some-amd-based-devices
======
MikusR
The important part: "After investigating, Microsoft has determined that some
AMD chipsets do not conform to the documentation previously provided to
Microsoft to develop the Windows operating system mitigations to protect
against the chipset vulnerabilities known as Spectre and Meltdown."

~~~
gmiller123456
Which shows, that no matter how certain you are that your code matches the
specifications, it still pays to test it.

------
amadeusw
Looking for which hardware is affected, I only found a statement form AMD [0]
tldr, Ryzen CPUs are fine

> "AMD is aware of an issue with some older generation processors following
> installation of a Microsoft security update that was published over the
> weekend. AMD and Microsoft have been working on an update to resolve the
> issue and expect it to begin rolling out again for these impacted shortly."

[0] [http://www.techradar.com/news/meltdown-and-spectre-
windows-p...](http://www.techradar.com/news/meltdown-and-spectre-windows-
patch-halted-for-amd-pcs-after-it-causes-boot-failure)

~~~
Osiris
I'm surprised by this because I know that Microsoft has a test lab with
various hardware configurations and software to help verify that updates don't
break existing software.

Doesn't Microsoft have the resources to run automated tests on enough hardware
configurations to have caught this?

~~~
bluedino
How far back do the machines in Microsoft testing lab go?

I heard the chips having the problems were Athlons from 2005-2006, which are
12-13 years old now. Apple doesn't have to worry about this kind of stuff when
they patch OS X because they are able to drop support for anything they want
after a certain time.

------
AaronFriel
Related, I just shared that Microsoft is going to make the mitigations for
Windows Server optional
[https://news.ycombinator.com/item?id=16108356](https://news.ycombinator.com/item?id=16108356)

This should make it very clear that other vendors downplaying the performance
impact were misleading users.

~~~
merb
yep they even have a KB article where they said where the fix is NECESSARY and
where it might be ok to not install it:

> [https://support.microsoft.com/en-us/help/4072698/windows-
> ser...](https://support.microsoft.com/en-us/help/4072698/windows-server-
> guidance-to-protect-against-the-speculative-execution)

Part: "Enabling protections on the server"

it even has a registry key to enable/disable it. Basically they say that:

> Your server is at increased risk if it is in one of the following
> categories:

>

> Hyper-V hosts

> Remote Desktop Services Hosts (RDSH)

> For physical hosts or virtual machines that are running untrusted code such
> as containers or

> untrusted extensions for database, untrusted web content or workloads that
> run code that is

> provided from external sources.

------
throwaway2048
Breaking windows is not bricking a machine, can we please stop abusing this
term. Brick means irrevocably render an electronic device inoperative (making
it as useful as a brick), short of something like JTAG or soldering.

This is especially important surrounding hardware bug concerns like this,
because its at least conceivable that interactions with hardware bugs really
_could_ brick machines.

EDIT: for posterity post title is "Windows AMD Spectre patches brick some
machines" atm.

~~~
zeep
You appear to be talking about soft brick vs hard brick? neither hard brick or
soft brick is physically broken though...

~~~
da_chicken
Brick means "to render a device _permanently_ inoperable." There is no hard or
soft involved. Bricked is _bricked_. If you can recover the device without
replacing hardware or components, you didn't brick it, you just fucked it up.

~~~
korethr
I think it's fair to say that different people have different thresholds for
"bricked" depending on their awareness, willingness, and ability with regard
to various repair techniques that may be to hand. To my mother, a virus that
causes her laptop to bluescreen upon boot is bricked. There's nothing she can
do about that. To me, you gotta do something like wreck the firmware, and even
that's not quite permanent, as I am not afraid of soldering tools.

~~~
josteink
Your grandma is not going to say the machine is “bricked”. She will say it’s
not working.

Bricked is a technical term used by techies, and it has one specific meaning.

Bricked is bricked.

~~~
zeep
to me, soft bricked means that you have to do something out of the ordinary to
fix it, something that most people would not know how to do, even if it's just
a software problem (maybe it's a new problem that had no known solutions
yet)... [http://unbrick.itcse.com/soft-brick-vs-hard-bricked-vs-
broke...](http://unbrick.itcse.com/soft-brick-vs-hard-bricked-vs-broken-
android-device/)

~~~
kbenson
Common use of the term predates Android phones by at _least_ a decade, so I'm
going to resist this new "soft-brick" designation as both misleading and
unuseful.

Having your phone go into a boot loop or corrupting your MBR has historically
not been considered "bricked", but just having a corrupted install. It's
generally not that hard to fix or find someone to fix, which is why it
wouldn't be considered bricked.

Getting a device to a state where it's unrecoverable, or at least requires
custom equipment and lots of knowledge about it to fix (and I'm not talking
USB key fob and how to reset an MBR, or even a serial port connection, I'm
talking JTAG connectors).

People familiar with putting experimental linux hobbyist distros on devices
with no support, such as the Sharp Zaurus or wireless routers circa 2000 know
what this means.

~~~
zeep
JTAG connector is not that much different from USB at at stage... you just
have to remove the case to access it or solder a connector to existing pins? I
would call that hard brick... and if JTAG doesn't work, then it might be
considered broken by some and need electronic part(s) replaced

~~~
kbenson
Are you comparing plugging in a USB fob to soldering a connector to pins, and
that's what you're referring to as "not that much different"?

I would consider any time you have to solder a custom connector onto the
device to fix it as being bricked. The equipment, knowledge and capability to
do that are very rare.

~~~
zeep
but it's not physically broken... it's just a different way of connecting to
it... so yes I would call that hard bricked, but not broken, since you don't
need to replace components

~~~
kbenson
> since you don't need to replace components

I think the fact that you have to manually add a component for connection by
soldering, even if you can remove it later, makes that point somewhat moot.

Let's look at it from another point of view. The combination of needed skills
is rare, and if you had to pay someone to do this, it would likely cost to fix
it is more than the cost of a new device (since they would have to research
how to fix and apply that knowledge. If there was an existing market you could
easily tap it may be cheaper). If the cost to fix is more than the cost to
replace, it's a brick.

~~~
zeep
I get your point, but if soldering is the only problem, just get a spring
loaded solderless connector for JTAG pads? then it is about the same as USB
for many more people?

~~~
kbenson
I just think you'll have to go quite a bit farther to convince me that using a
USB key fob in an existing USB port, which I can probably find and buy at a
7-11 down the street, is the same as acquiring a spring loaded JTAG pad or
soldering a JTAG connection in place to a device I have opened to expose the
circuity, and then configuring the software required to interface with it.

In one case, I plug a USB stick into a working computer, which virtually
everyone has already done at some point before, run a utility included in
Windows[1], and maybe download and drag some files around to copy them. In the
other I do a whole bunch of stuff that isn't common to any neophyte or even
most advanced computer users.

1:
[https://www.google.com/search?q=how+to+make+a+bootable+usb](https://www.google.com/search?q=how+to+make+a+bootable+usb)

------
yuhong
I posted these two images:
[https://imgur.com/a/QANol](https://imgur.com/a/QANol)
[https://imgur.com/a/h3MhG](https://imgur.com/a/h3MhG) Notice the variables
they set up that RtlInterlockedPopEntrySList don't use.

------
Neil44
I had an AMD machine in on Monday that I installed in 2009, was chugging along
fine until this update. Now has a stop error on boot.

New machine time - which actually gives Microsoft money in reward for their
mistake but is the best course of action for the client.

It’s just expense for the the client and inconvenience for all involved.

------
andreano
Unbootable, they say. So I think they actually mean it!

