23 March 2018

KB40888878 Patch for Spectre and Meltdown on Windows 7 x86 and x64 systems

Recently, Dell released the BIOS updates covering systems starting with the Intel Family 6 Model 42 and later processors. This is the first part of the patching process. The second part is to apply all windows updates, which I also included all optional updates. That was my personal preference. The third step is to apply the appropriate KB4088878 patch. 

The first two systems, Dell Optiplex 990s with Windows 7 64-Bit, I did these patches on were successful. GRC's InSpectre tool was executed and returned the following. 

The next two failed. These systems were Windows 7 32-Bit installed on Dell Optiplex 990s with 64-Bit processors. The BIOS was patched with the latest A23 version Dell had published. The windows updates were all installed. When the windows6.1-kb4088878-x86_7512ab54d6a6df9d7e3d511d84a387aaeaeef111.msu was applied, the following crash screen appeared when the OS booted back up.

One tactic I tried was to configure the registry to clear out the page file when the system shuts down by changing the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown to a 1. The next thing I did was to boot the system into safe mode to execute the patch. I got the following message. 

In conclusion, the only solution is to have the hardware architecture match the OS architecture. If they match then applying the appropriate patch will be successful. 

Here is a note on patching. Applying the latest BIOS does not pass the GRC Inspectre test. The Microsoft OS patch must also be applied for the system to pass the test. 



Post a Comment