More information has emerged on which anti-virus products are incompatible with a Windows patch against the Meltdown and Spectre CPU flaws.
Microsoft patched Windows against the vulnerabilities on Wednesday, but said certain systems would not receive the patch on release, due to a clash with some anti-virus software.
At the time this article was published, PCs running anti-virus from the following vendors were not able to receive the patch automatically: BitDefender, Carbon Black, Cisco, CrowdStrike, Cylance, Cyren, Endgame, Fortinet, G-DATA, McAfee, Nyotron, Palo-Alto, SentinelOne, Sophos, Trend Micro, VIPRE and Webroot.
However, the vast majority of firms have stated they are working on a fix, with BitDefender, CrowdStrike, McAfee and Trend Micro among those suggesting the patch will be able to be applied imminently.
A number of AV firms also say the believe their anti-virus is compatible with the patch but they have not yet updated the Windows registry on customer machines to allow the patch to be installed. Admins can manually update the Windows registry to install the patch, however Microsoft cautions that doing so may cause serious problems that "require you to reinstall your operating system". To manually update the registry, add the following key:
Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD"
Antivirus firms that have confirmed compatibility and set the registry keys so the patch can be applied include Avast, Avira, EMSI, ESET, F-Secure, Kaspersky, and Malwarebytes.
The list of compatible AV products is available here and is continuing to be updated by cybersecurity researcher Kevin Beaumont.
SEE: Incident response policy (Tech Pro Research)
The patch applies to all supported versions of Windows and Windows Server, Microsoft SQL Server and the Edge and Internet Explorer 11 browsers.
Most unpatched PCs and servers are susceptible to hackers exploiting the Meltdown and Spectre vulnerabilities to extract sensitive information such as passwords, although Microsoft says it is unaware of the flaws being used in attacks to date.
The Meltdown and Spectre flaw affects all devices with Intel processors. Computers with AMD processors are affected by Spectre, although it is significantly more difficult to exploit than Meltdown. While only a small number of Arm-based processors are affected by Spectre, affected chips are widely used in smartphones and tablets, including all Apple iPad and iPhones.
A side-effect of the patch may be to slow down some systems, although Microsoft claims "for most consumer devices, the impact may not be noticeable".
Microsoft has also said it will update the UEFI, software that runs before the operating system boots, on Surface devices to help mitigate the risk posed by Spectre.
- Emergency Windows Meltdown patch may be incompatible with your PC (TechRepublic)
- Massive Intel CPU flaw: Understanding the technical details of Meltdown and Spectre (TechRepublic)
- Critical flaws revealed to affect most Intel chips since 1995 (ZDNet)
- Intel chips have critical design flaw, and fixing it will slow Linux, Mac, and Windows systems (TechRepublic)
- Nope, no Intel chip recall after Spectre and Meltdown, CEO says (CNET)
- The future of Everything as a Service (free PDF) (ZDNet/TechRepublic special report)
- Linux security: Google fuzzer finds ton of holes in kernel's USB subsystem (ZDNet)
- How to upgrade the Linux kernel with a handy GUI (TechRepublic)
- Intel: We've found severe bugs in secretive Management Engine, affecting millions (ZDNet)
- PowerShell: The smart person's guide (TechRepublic)
Nick Heath is chief reporter for TechRepublic. He writes about the technology that IT decision makers need to know about, and the latest happenings in the European tech scene.