Kbi058 Patched (Linux HOT)
Deep in the C code of the firmware, the developers had written a loop to handle "scancodes"—the unique hex numbers sent by the keyboard controller every time a key is pressed.
The logic was supposed to be simple:
However, the code had a flaw related to Edge Triggering vs. Level Triggering. The original implementation didn't properly handle the "Make" and "Break" codes. In keyboard protocol, a "Make" code is sent when a key goes down, and a "Break" code is sent when a key comes up.
The code was failing to clear the internal buffer flag after reading the initial press. This meant that even after you lifted your finger, the firmware thought you were holding the key down indefinitely. Worse, under specific timing conditions—specifically Issue KBI058—the interface would lock up waiting for a "Break" code that the logic had effectively ignored. kbi058 patched
The CPU was stuck in an infinite loop, waiting for a signal that had already been missed. The system was "alive," but the keyboard interface was effectively dead.
No major update is without side effects. Since the rollout of KBI058, administrators and users have reported the following anomalies (most of which are now resolved with subsequent micro-patches):
Get-WUfBDevices | Where-Object $_.LastScanError -ne 0 Deep in the C code of the firmware,
sha256sum kbi058_patch.bin
# compare output to vendor SHA256
| Scenario | Patch Source |
|----------|---------------|
| Windows 10/11 | Microsoft Update Catalog (search KBI058 or underlying KB) |
| WSUS | Import from Microsoft Update |
| Offline system | Download .msu or .cab from catalog |
Do not download patches from third-party sites.
The kbi058 patch was a surgical fix. It didn't rewrite the entire driver; it optimized the interrupt handler. However, the code had a flaw related to Edge Triggering vs
The patch introduced a status register flush. Now, after the system reads a scancode, the patched code forces a specific bit (often bit 0 of the Status Register) to toggle, acknowledging to the hardware controller: "I have received this data. Clear the buffer. Reset the listening state."
It effectively told the system: "Don't just listen for the change; acknowledge the state so you are ready for the next one."
If you intended a different target (a software package, CVE KBI-058, or a specific product model), tell me which one and I’ll produce an exact, vendor-specific step-by-step guide.
(Invoking related search suggestions now.)