I have not been able to test any of this myself, but many people are reporting that some of their ASCOM drivers don't work properly after the latest Microsoft security patch (to protect from the speculative execution bug). [UPDATE: Others are reporting no problems. It is possible the bug only affects some versions or has been quietly fixed in a later update.]
These instructions for fixing ASCOM, rather tediously, are circulating and are reportedly reliable:
The idea is to use DCOMCNFG.EXE to hunt through the drivers and change their authentication level from "None" to "Call".
ASCOM drivers aren't really DCOM, but they use the same authentication system.
But what really went wrong?
I think I know. Microsoft admits a bug with DCOM authentication in KB4058702. Search for "_CALL" on this web page:
The problem they report is that CoInitializeSecurity (the system call to start up a driver like ASCOM's) doesn't work right when passed "None" as an authentication level, and you have to change it to "Call".
Microsoft admits this is a bug and promises to fix it.
It is not a bug in ASCOM, although ASCOM could probably work around it by installing the components with authentication level "Call".
In the meantime, I am uninstalling KB4056892 from my autoguiding computer. That's easy to do from Control Panel, Programs and Features (under View Installed Updates), and you don't need to boot into Safe Mode.
After uninstalling KB4056892, you can hide it so it won't come back the next time your computer wants to download updates.
(And later unhide it, if you feel it necessary.) Use the troubleshooter here: https://support.micr...alling-in-windo and don't worry that it runs a long time scanning all your installed updates before it does anything else.
Is it dangerous to do without the update? In my opinion, no. I've consulted several CPU experts, and they say that if you're not running a server, there's not much danger. The bug does provide a new way to write viruses, but there were lots of ways to write viruses already, and under most circumstances this new method has no appeal. (I have also heard dissenting voices, so you'll have to make your own decision. I recommend the rollback primarily for computers that are not used extensively for web surfing or other software.)
In any case, Microsoft promises us a better fix soon.
Edited by MCovington, 09 January 2018 - 10:18 AM.