Microsoft just made an important announcement on their support page regarding incompatibilities between antivirus programs and the Windows patches for Meltdown and Spectre.
Microsoft identifies compatibility issue in how some AV programs handle the Meltdown and Spectre updates for Windows
Apparently, the company has identified a compatibility issue with some antivirus tools. The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory, Microsoft explained.
These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors that are caused by incompatible antivirus applications, Microsoft is only offering the Windows security updates that were released on January 3, 2018, to devices that are running antivirus software that is from partners who have confirmed that their software is compatible with the January 2018 Windows operating system security update.
In other words, Windows users will not get the security updates from January 2018 Patch Tuesday, or any following Patch Tuesday security updates for that matter. For users to receive the security fixes, the AV programs installed on their machines from become compatible with Microsoft’s Meltdown and Spectre patches.
In case a user is not seeing the above-mentioned security update, he or she may be running incompatible AV software, meaning that the vendor should be contacted, Microsoft noted. The company is also working closely with AV partners “to ensure that all customers receive the January Windows security updates as soon as possible”.
How does an AV program become compatible with the Meltdown and Spectre update?
This happens via first updating the AV product and then adding a specific registry key to Windows Registry. Once the key is added to the Registry, Windows will “know” whether the AV program is compatible or not, and whether the update will be installed flawlessly.
The registry key has become a permanent check of Windows Update and its process. If the AV program is not compatible, it will prevent any forthcoming security update, not just the current Meltdown and Spectre ones.
It should also be noted that most AV vendors have already updated their tools so that they “fit” the Meltdown and Spectre fixes. However, there are vendors who require users to launch the registry key manually.
N.B. In addition, Microsoft raises the following red flag regarding the use of the Registry Editor:
Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
As for the registry entry, this is it:
→ Key=”HKEY_LOCAL_MACHINE” Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc” Type=”REG_DWORD”
Data=”0x00000000”
Learn more about it on Microsoft’s support page.