This post was originally published on this site is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Red Hat logo

Red Hat is releasing updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot.

“Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot,” the company said yesterday.

“The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd,” Red Had added.

Red Hat tells users to contact CPU/OEM vendors

Instead, Red Hat is recommending that each customer contact their OEM hardware provider and inquire about mitigations for CVE-2017-5715 on a per-system basis.

Besides Red Hat Enterprise Linux, other RHEL-based distros like CentOS and Scientific Linux are also expected to be affected by Red Hat’s decision to revert previous Spectre Variant 2 updates, so these users will also have to contact CPU/OEM vendors.

CVE-2017-5715 is the identification number for one of three bugs known as Meltdown (CVE-2017-5754) and Spectre (Variant 1 – CVE-2017-5753, and Variant 2 – CVE-2017-5715).

Most experts have always said that only Meltdown and Spectre Variant 1 could be theoretically be addressed via an OS-level patch, Spectre Variant 2 requiring a firmware/BIOS/microcode update to patch fully.

Earlier this week, Bleeping Computer put together a list of places where users could find BIOS updates for the Spectre flaw.

Spectre patch previously caused problems for AMD, Intel, Microsoft

The Spectre patching process has been complex and challenging for all hardware and software vendors. Red Hat deferring Spectre patching to CPU manufacturers and OEM vendors is not a surprise.

Microsoft had to pause the rollout of Spectre patches for computers using AMD devices after encountering similar issues with computers that failed to boot. The OS maker recently resumed those patches after working with AMD to resolve the problems.

Intel admitted similar issues and said it was investigating an issue with Spectre patches for older Broadwell and Haswell CPUs that introduced higher system reboot rates.

The Spectre patch is additionally causing issues for users with custom antivirus software on Windows, and Microsoft is threatening to stop all future security updates unless the antivirus software adds a special registry key that guarantees the antivirus won’t crash the PC because it’s not compatible with the Windows Spectre patch.

At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.

Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group,