Go Back   DreamTeamDownloads1, FTP Help, Movies, Bollywood, Applications, etc. & Mature Sex Forum, Rapidshare, Filefactory, Freakshare, Rapidgator, Turbobit, & More MULTI Filehosts > Computer/MAC Help/Info. & New Technology > General Computer/Android Help, News & Info + New Technology

General Computer/Android Help, News & Info + New Technology Find All The Latest Reports/Reviews in Here. Start a New Thread in Here if You Need Help

IMPORTANT ANNOUNCEMENT
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site.
Post New ThreadReply
 
LinkBack Thread Tools Display Modes
Old 10-01-18, 02:51   #1
Official Site Uploader & TECH ADVISOR
 
Join Date: Aug 2013
Location: Australia
Posts: 7,354
Thanks: 214
Thanked 2,685 Times in 2,032 Posts
jenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond repute

Awards Showcase
Bronze Medal Gold Medal Gold Medal Gold Medal 
Total Awards: 4

Default Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key



Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

Microsoft has added a new and very important detail on the support* page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.
According to an update added this week, Microsoft says that Windows users will not receive the January 2018 Patch Tuesday security updates, or any subsequent Patch Tuesday security updates, unless the antivirus program they are using becomes compatible with the Windows Meltdown and Spectre patches.
The way antivirus programs become compatible is by updating their product and then adding a special registry key to the Windows Registry.
The presence of this registry key tells the Windows OS the AV product is compatible and will trigger the Windows Update that installs the Meltdown and Spectre patches that address critical flaws in the design of modern CPUs.
Registry key dictates if users are eligible for future updates

According to Microsoft's latest policy changes, this registry key has now become a permanent check of the Windows Update process and will prevent all further updates, not just the Meltdown and Spectre patches.
The Redmond-based OS maker has asked antivirus companies to create this registry key because it detected during testing that some AV products caused Windows computers to enter a Blue Screen of Death (BSOD) error state that prevented subsequent boot-ups.
Security researcher Kevin Beaumont explained why this happens in a Medium blog post earlier today.
There is a problem where some anti-virus vendors are using techniques to bypass Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes. To be honest, some of the techniques are similar to ones used by rootkits — Kernel Patch Protection was introduced by Microsoft a decade ago to combat rootkits, in fact. Because some anti-virus vendors are using very questionable techniques they end up cause systems to ‘blue screen of death’ — aka get into reboot loops.
The Meltdown and Spectre vulnerabilities highlighted a fundamental flaw in the design of modern processors. The fixes that Microsoft deployed last week are producing a similar impact on how antivirus software now interacts with the Windows OS.
Windows users who do not use an antivirus or who use Windows Defender can update right now, as they are not subject to the registry key requirement. The only ones affected are those using custom, third-party antivirus solutions.
The vast majority of AV vendors have updated their products to support the Meltdown and Spectre patches, but some vendors require users to set up the registry key by hand.
According to Beaumont, this happens because some AV companies are aware that some of their customers are running their products alongside other AV software. Due to this, they don't want to accidentally cause BSODs by setting the registry key while the other AV wasn't updated for the Meltdown and Spectre patches.
In other words, it's a mess!
Registry key might cause issues down the line

Beaumont has been keeping track of antivirus products that create the registry key, AV products that ask users to create the registry key manually, and antivirus software that has not yet received updates and is currently incompatible with the Windows Meltdown and Spectre patches.
It's Bleeping Computer's belief that a large part of the Windows userbase is probably not affected by this "registry key requirement."
But if in the following months users should notice that their Windows computer is not receiving any security updates, the first place they need to look at is their antivirus.
They should also take a look over Beaumont's list and make sure their current antivirus is compatible with the Meltdown and Spectre patches to be safe.
Users should give their AV a little bit more time

By stopping all Windows security updates until antivirus products or users set the registry key, Microsoft is basically saying two things: (1) users either choose to stop receiving Windows security updates and stay with their current antivirus or (2) they ditch their current incompatible antivirus for one that supports the crucial fixes for Meltdown and Spectre.
Users shouldn't hurry to drop their current antivirus just yet. In statements last week, Microsoft said that antivirus companies might take a while before releasing updates and advised users to have patience. The updates are very complex and not your typical one-line source code fixes.
The registry key that antivirus products need to set up is the following:

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\ QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”
Bleeping Computer has created a .reg file that users can double-click and create the registry on their PC. Users can use this file if their antivirus vendor has told them they need to manually install the registry key. More info on updating Windows computers with the Meltdown and Spectre patches are available here.

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-no-more-windows-security-updates-unless-avs-set-a-registry-key/
Here's a list from Beaumont you can check.

https://docs.google.com/spreadsheets/u/1/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true
Note:
Microsoft's patch is only for Windows 10 so far. They claim they will release a patch for Windows 7 and 8.1 later.
Keep in mind they don't want you using New chips and hardware that isn't being run with Windows 10.

Last edited by jenkins4; 10-01-18 at 22:03.
jenkins4 is online now  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
The Following User Says Thank You to jenkins4 For This Useful Post:
Ladybbird (11-01-18)
Old 11-01-18, 06:02   #2
Official Site Uploader & TECH ADVISOR
 
Join Date: Aug 2013
Location: Australia
Posts: 7,354
Thanks: 214
Thanked 2,685 Times in 2,032 Posts
jenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond reputejenkins4 has a reputation beyond repute

Awards Showcase
Bronze Medal Gold Medal Gold Medal Gold Medal 
Total Awards: 4

Default Re: Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key

AshampooŽ Spectre Meltdown CPU Checker

You can download a small program from Ashampoo to check if your CPU is vulnerable to Spectre/Meltdown.

https://www.ashampoo.com/en/usd/lpa/spectre-meltdown-cpu-checker
Note, this is just a check not a patch/fix.

--------------------------------------------------------------

For those of us running Linux there is a check tool too....

So, if you want to check for meltdown and spectre vulnerabilities on your Linux OS.

Download spectre-meltdown-checker.sh from here (23.7kb Archive).

https://github.com/speed47/spectre-meltdown-checker
Once downloaded open it in terminal or as root and run

sudo sh spectre-meltdown-checker.sh

from where you downloaded/placed the file.

This will open a terminal and give you relevant information on any vulnerability.

Last edited by jenkins4; 11-01-18 at 22:55.
jenkins4 is online now  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
The Following User Says Thank You to jenkins4 For This Useful Post:
Ladybbird (11-01-18)
Post New ThreadReply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
SEO by vBSEO 3.5.2
Designed by: vBSkinworks