Tuesday , 22 May 2018
Home >> B >> Browser >> Microsoft: No some-more Windows rags during all if your AV clashes with the Meltdown fix

Microsoft: No some-more Windows rags during all if your AV clashes with the Meltdown fix

Video: Your antivirus might strife with Windows Meltdown-Spectre patch

Microsoft won’t let we implement destiny certainty updates until your antivirus businessman sets a specific registry pivotal that certifies harmony with Windows.

As partial of this week’s certainty updates for a Meltdown and Spectre CPU attacks, Microsoft compulsory that all third-party antivirus vendors endorse harmony with a CPU fixes and afterwards to set a registry pivotal in their products to plead compatibility. Without a pivotal being set, Microsoft’s certainty refurbish simply won’t install.

Microsoft has now simplified that this new order will request to all destiny certainty updates and means users regulating non-conforming third-party antivirus won’t be stable by Microsoft’s destiny patches.

“Customers will not accept a Jan 2018 certainty updates (or any successive certainty updates) and will not be stable from certainty vulnerabilities unless their antivirus program businessman sets a following registry key”, Microsoft’s updated support page says.

A indicate to explain yet is that Microsoft won’t make this requirement indefinitely, though rather usually until it sees adequate machines have practical a Jan 3 CPU fixes. As it records in a FAQ on a issue:

Microsoft combined this requirement to safeguard business can successfully implement a Jan 2018 certainty updates. Microsoft will continue to make this requirement until there is high certainty that a infancy of business will not confront device crashes after installing a certainty updates.

During contrast of a rags for a dual attacks, Microsoft detected some antivirus had been creation “unsupported calls into Windows heart memory” that stop a appurtenance from booting or means blue shade of genocide (BSOD) errors after a patch is applied. To equivocate this issue, it introduced a new rules.

Security researcher Kevin Beaumont has gathered a list of antivirus products that are both concordant with Microsoft’s CPU refurbish and have a compulsory Windows registry pivotal set correctly. As ZDNet reported earlier this week, some vendors are doing both, while others have usually reliable compatibility.

Download now: IT leader’s beam to shortening insider certainty threats

However, it seems required antivirus products accommodate both requirements, while next-generation certainty products have usually reliable compatibility.

windows-10-blue-event-thumb.jpg

Microsoft says a new order means users regulating non-conforming third-party antivirus won’t be stable by a destiny patches.


Image: CNET

Beaumont said Microsoft is regulating a new acceptance routine to forestall antivirus vendors bypassing Microsoft’s Kernel Patch Protection, that it introduced in 2007 to urge opposite rootkits.

As he notes, a bypass technique some vendors are regulating is identical to a approach rootkits work, that involves injecting their product into a Windows hypervisor to prevent complement calls to memory locations that Microsoft altered in response to a Meltdown attack.

free pdf


Special report: The destiny of Everything as a Service


Special report: The destiny of Everything as a Service

SaaS has set off a series in a approach companies devour services on-demand. We demeanour during how it’s swelling to other IT services and transforming IT jobs.

Read More

“Because some antivirus vendors are regulating unequivocally controversial techniques they finish adult [causing] systems to blue shade of death – aka get into reboot loops. This shouldn’t be probable in a latest handling systems, though some antivirus vendors have managed it by holding themselves into a hypervisor… Antivirus makers unequivocally shouldn’t be messing with systems like this.”

He estimates there are 5 pivotal vendors that use this technique. Beaumont argues Microsoft should set a date for when it will no longer need a harmony registry pivotal or risk a immeasurable series of machines going though patches. On a flip side, a immeasurable infancy of consumer PCs would not be regulating next-gen certainty products.

Currently, a list of entirely concordant antivirus now includes Avast, AVG, Avira, Bitdefender, ESET, F-Secure, Kaspersky, Malwarebytes, Sophos, and Symantec. McAfee, Trend Micro, and Webroot are among a firms that will shortly join this group.

However, next-gen certainty providers including CrowdStrike, Cylance, FireEye, and Palo Alto Networks have usually reliable harmony though so distant haven’t been peaceful to set a specific registry key.

Next-gen providers explain they’re not environment a registry pivotal given they don’t wish to risk causing a BSOD in a eventuality a patron also has other antivirus program installed.

A problem with next-gen providers not environment a registry pivotal is that their products used to be sole as an further to bequest antivirus, though are now being sole as a primary antivirus.

So business who’ve done that switch contingency manually set a registry pivotal to implement a updates, something that Microsoft says should usually be undertaken with impassioned caution.

Previous and associated coverage

Windows Meltdown-Spectre fix: How to check if your AV is restraint Microsoft patch

Antivirus firms are personification patch catch-up, as Microsoft releases Meltdown firmware updates for Surface devices.

Windows Meltdown-Spectre patches: If we haven’t got them, censure your antivirus

Microsoft says your antivirus program could stop we from receiving a puncture rags released for Windows.

Critical flaws suggested to impact many Intel chips given 1995

Most Intel processors and some ARM chips are reliable to be vulnerable, putting billions of inclination during risk of attacks. One of a certainty researchers pronounced a bugs are “going to haunt us for years.”

Windows puncture Meltdown patch: Microsoft stops refurbish for AMD PCs after pile-up reports (TechRepublic)

Following claims a rags trapped some AMD PCs in an unconstrained loop, Microsoft currently announced a Windows updates would not be rolled out to influenced machines.

How to strengthen yourself from Meltdown and Spectre CPU flaws (CNET)

Practically each complicated processor is vulnerable. We’re updating this list of fixes as they turn available.

close
==[ Click Here 1X ] [ Close ]==