Page 1 of 1

Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

Posted: Fri Jan 12, 2018 10:25 am
by Err
https://www.bleepingcomputer.com/news/m ... istry-key/
Microsoft has added a new and very important detail on the support page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.

According to an update added this week, Microsoft says that Windows users will not receive the January 2018 Patch Tuesday security updates, or any subsequent Patch Tuesday security updates, unless the antivirus program they are using becomes compatible with the Windows Meltdown and Spectre patches.
The AV program needs to add the following key:

Code: Select all

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”
You can add it yourself or use the .reg file from bleepingcomputer. However, if your AV is incomparable, it may cause a BSOD.

Re: Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

Posted: Fri Jan 12, 2018 11:26 am
by psypher
In case someone doesn't bother to read the article...I do NOT recommend adding the registry key. You risk getting BSOD.

"The Redmond-based OS maker has asked antivirus companies to create this registry key because it detected during testing that some AV products caused Windows computers to enter a Blue Screen of Death (BSOD) error state that prevented subsequent boot-ups."

Re: Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

Posted: Fri Jan 12, 2018 3:19 pm
by Err
psypher wrote:In case someone doesn't bother to read the article...I do NOT recommend adding the registry key. You risk getting BSOD.

"The Redmond-based OS maker has asked antivirus companies to create this registry key because it detected during testing that some AV products caused Windows computers to enter a Blue Screen of Death (BSOD) error state that prevented subsequent boot-ups."
Thanks for pointing that out. I should've put that disclaimer in.

I did manually add this key on my X260 Lenovo (Windows 7 - 64 , McAfee Endpoint Security) and it didn't cause issues. However I updated to the most recent DAT beforehand which is compatible. This allowed me to install the security rollup.