Sunday, January 14, 2018

Fixing AMD PCs Bricked by Windows Update

In response to Spectre and Meltdown, Microsoft released a January Security Update for vulnerable machines. Unfortunately, they didn't get all the details right. Microsoft points a finger at AMD for the screw-up:
“After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown.”
Regardless of who was at fault, customers have suffered as a result. Many impacted folks, like my dear middle-aged CPA, have resorted to one or *all* of the following:
  • Yelled in frustration
  • Rued the day they enabled "Automatic Windows Updates"
  • Cursed Microsoft profusely
  • Hated Microsoft Support for wanting $500 to speak to them (shame on you Microsoft Support)
  • Called everyone other than MS Support to fix their computer
  • Resigned and bought a new PC or Mac
None of this is good PR for Microsoft! To save my CPA the nuisance of starting afresh with a new PC, especially given all she has to learn about the new IRS regulations, I decided to find a fix for the issue because everything Microsoft suggests failed for her. I found another way to fix the issue; here's what you can do as a last resort before you buy a new PC:

1. Follow the instructions in this article from Microsoft Support. To summarize, Microsoft hopes one of these works for you:
  • Try Last Known Good Configuration
  • Try Safe Mode
  • Restore to a prior restore point
  • Try System Recovery
  • Try Startup Repair
  • Restore using a System Image Backup
  • Give up and Reinstall Windows
  • Pray that your backup service can restore all your data
2. If you're like my CPA, none of these will work for you. This is when you do the following:
  • Get access to another PC so you can create a USB disk. Let's label this PC, "doppel", and the USB, "hail-mary".
  • Microsoft has released a new update with the fixed files for impacted AMD systems. Yay.
3. On doppel,
  • Download the MSU with the fixed kernel from the Windows Update Catalog
  • Use WinZip to open the MSU file
  • Copy ntoskrnl.exe (and all the other files for safety) to hail-mary
  • Eject hail-mary safely using "Windows Explorer"
4. Back on your computer, bring the solution home:
  • Boot into "Recovery Mode"
  • Insert hail-mary into a USB port
  • Select the "Command Prompt" option
  • Copy ntoskrnl.exe from hail-mary to %windowsroot%\system32\. This action requires "Administrator" privileges.
  • Optional: Copy any other files on the USB drive to %windowsroot%\system32\
  • Reboot
5. Voila

It took a village to find this solution.
- I had a hunch that overwriting existing files with newly patched versions might work.
- My friend Arun Kishan (Director of Windows Development) supported my theory.
- My friend Karan Dhillon drove over to my CPA's house, validated my hunch, and shared the recovery steps he used.

Let me know on twitter (@manojhatax) if this worked for you. Good luck.