The latest Windows security updates that Microsoft released to address the Meltdown and Spectre security flaws seem to cause more issues than usual. Last week, the company warned Windows users that due to an issue with some versions of Anti-Virus software, this security path was “only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.”
As it turns out, Microsoft has since explained that customers using problematic AV software won’t be able to receive future security updates for Windows, including today’s Patch Tuesday update (which should include the security fixes from January 3). Our colleagues over that BleepingComputer spotted the following update on Microsoft’s support page today:
Note: Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets the following registry key:
Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”
In the related FAQ, the Redmond giant explained that it’s requiring all AV vendors to set this registry key to “help protect our customers from "blue screen" errors and unknown scenarios.” These bluescreen errors are the result of AV software making unsupported calls into Windows kernel memory, the FAQ noted. The company added that this registry key requirement will be enforced “until there is high confidence that the majority of customers will not encounter device crashes after installing the security updates.”
The Redmond giant says that it’s working closely with AV vendors to allow all Windows users to receive the latest security updates, but it could take some time. Microsoft is also dealing with another issue with AMD processors, which forced it to stop pushing the latest security updates to AMD devices this week. Again, the company is working with AMD to resolve this issue as soon as possible.