Went looking for the Windows update for Melt down and spectre. I dont see it. I am running AVAST 17.9.2322(Build 17.9.3761.0) How do I know if I have had the AVAST registry entry applied ?
You can check the registry key as described here https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software
Even if the registry key is present, you may not be offered the update. Don’t know if that’s caused by Avast or MS, but you can get it from the Microsoft Update Catalog here http://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892
Same as Ttail above, also running AVAST 17.9.2322(Build 17.9.3761.0).
The registry key IS NOT present => what do we do ?
Tks in advance for you answer
how i known if my update of windows is compatible with the avast?
thanks
Here in Windows 10 1709 the key in de register is there and Ok.
Avast 7.9.2322 Free just updated to 7.9.3761.278.
But I still do not get KB4056892.
Also running Windows update troubleshooter did not help.
IntelSA00086DetectTool1.0.0.152 tells me I am still vulnerable !!
Do I have to wait for the next avast update ?
We can’t see the registry key in my company.
We use Endpoint Protection Suite together with Small Office Administration.
Your computer with SOA uses a proxy to connect to the Internet. Updates are delivered to clients only from mirror (SOA). Updating from the Internet is prohibited.
SOA version: 1.3.3.112
Database version: 1450
Mirror or Client version: 8.0.1609
Virus Definitions Version: 180111-8
Version of file AvastEmUpdate.exe is still 10.2.1609.588 and does not change. Virus definitions have changed when I updated them over SOA, but not the program or its parts (such as AvastEmUpdate.exe).
We also use a computer where a standalone version of Avast Endpoint Protection Suite is installed. Registry changes are performed correctly after the update.
File AvastEmUpdate.exe was changed 5.1.2018 (current version 17.9.3761.0). Older version (10.2.1609.588) was backuped and saved as AvastEmUpdate.exe.bak.9913124109445268958.
This computer doesn’t use a proxy to connect to the Internet.
Apologies for this newbie post but I’m a little lost as to which registry key to look for. I have Avast Free 17.9.2322 (build 17.9.3761.278). My system is Windows 10 (1709) and I have updated with the 2018-01 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4056892).
You have posted in the Avast for Business forum, it should be in the Avast Free Antivirus / Pro Antivirus / Internet Security/ Premier forum.
For speed the key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat however if you have been able to install KB4056892 you must have had the key. Also see https://forum.avast.com/index.php?topic=212691.0.
If you have any further questions please start your own new topic in the forum link that I gave.
Thank you, DavidR! Sorry for getting the wrong forum. I will post in the correct forum if necessary.
Thank you for reporting the issue, we are currently investigating why it has not been applied to your SOA mirrored environment.
Windows 10 ver 1703 build 15063.786
Avast Endpoin protection ver 8.0.1609 vir.db. 18016-4
Avast AEA ver 8.0.405
I have more than 100 computers. why there is no key in the registry? please reply
Yesterday, we issued a patch for the machines behind a SOA mirror without the registry keys. It is downloaded together with virus definitions, and it is applied automatically. To download it immediately run Update server definitions job from the SOA web interface.
Windows 10 ver 1703 build 15063.786
Avast Endpoin protection ver 8.0.1609 vir.db. 180129-4
Avast AEA ver 8.0.405
The key in the registry is fixed
BUT! clients of the WSUS do not see the update KB4056891. When I deleted the avast on the test PC. He immediately update on the WSUS began to download and install KB4056891.
Explain the reason? You write that the product Avast Endpoin protection 8 is compatible
I tested it issue on Windows 10 1709
got the same result
If the antivirus is installed, the update does not find. if the antivirus removes the update is find and installed
P.S. the key in the registry is present
P.P.S problem in the antivirus software! Please respond!
Dear fordiegolg,
welcome to the club, you’re absolutely right that there seems to be a severe bug in this version (8.x and AEA).
We’ve already had the same problem like you with the mirror which should be fixed now i believe.
And we still have the same problem that no system can be patched anymore due to Microsoft’s Meltdown requirements and
its registry key AND Avast.
Beside WSUS Online we’re using the offline wsusscn2.cab in 3rd party applications or direct api calls with WUA, the online WSUS version is working for some cases but the offline one for absolutely NO system.
And you’re right it’s definitely the Avast scanner, registry keys are ok, you can disable the services and disable feature of the realtime scanner, nothing is working. Only the old non-flagged patches were recognized and installed.
Because Avast’s business support is sadly blazing with abstraction since the merge with AVG we’ve opened a case at Microsoft Premier to probably narrow it down more in detail. Nevertheless you’re right, if uninstalling Avast all is working without any problems - also for testing with other av vendors. Btw. we’re still using it on about 1500 servers. Still waiting on the final results of the L2/L3 engineers of Microsoft support. Will get them probably today or at monday… (btw. all server operating systems are affected, not only the client versions…)
PC in my company does not have direct access to the Internet
The Internet receives through the proxy server squid
settings are taken from IE through wpad settings
antivirus is updated via mirror Avast Enterprise Administration 8.0.405
I give direct access to the Internet test PC
launched the file c:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe
I noticed that there was a log in the folder c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini
in him
[Config]
LastAppliedPatchId = 381
And in folder new two files c:\Program Files\AVAST Software\Avast Business\
AvastEmUpdate.exe.sum
AvastEmUpdate.exe.bak.10567838635595355225
In the folder new file c:\Program Files\Common Files\avast software\overseer\overseer.exe
I rebooted the PC
and checked the updates via WSUS and…… yes! Update is view!
I noticed that in the task scheduling there is a task to start AvastEmUpdate.exe automatically when you turn on the PC
I registered in the gateway direct access to the update servers avast (I will not post a list of networks here because I do not know if this is allowed)
two - three reboots and my PC view update KB4056892, KB4056891 and released after
Later I’ll try to update my PC via WSUS
I was able to install patch KB4056892 via WSUS
In case your computers are not directly connected to the internet and Windows Update channel is therefore unavailable, you have to use other supported channel to get the hotfix. Also, depending on your OS version, the hotfix might not be available via Windows Update.
Please refer to January 2018 Windows operating system update schedule table for more information about available channels. Anyway the released hotfixes are always available via Catalog.
Hi,
strange thing, yesterday we’ve also found out the that proxies and the Avastemupdate.exe is one important problem.
It looks like that there were done some microcode updates or whatever else as add on to the registry entries and in our case
also the problem because we can’t get any patches via wsus offline or wua api calls.
Today i’ve sent a high priority case to the emea support an our german sales manager to get further information about this process and/or a fix which we can deploy of our own because we can’t open all connections for our 1500 servers only why Avast isn’t able to work properly with proxies and so on.
@SeReB:
You’re right that some special Microsoft updates are only available via the catalog server but that’s not the general goal in this case. The problem is that we have or fordiegolg e.g. is that it worked without any problems with WSUS Online but NOT with WSUS offline or WUA api calls like many 3rd party vendors are using. For this case you need a fix to deploy the Avast’s update manually, fix Avastemupdate.exe to use a proxy and the manin topic, inform at least business users about these hidden operations that costs a lot of time and money while contacting L2/L3 of other vendors like Microsoft Premier… >:(
Further on i’ve linked now your comments to the appropriate people of Avast which are responsible for us which sadly also didn’t know these kind of information !
There are two ways to have the MS hotfix required registry keys installed.
- registry keys are created by emergency updates (avastemupdate.exe), but this requires a direct connection to Avast’s update servers. There could be a delay up to 24 hours (update window interval), unless avastemupdate.exe is run manually. (Can use /debug parameter to see more information about the process.)
- registry keys are created by regular virus definition updates of Endpoint Protection business products (which is the suitable way for machines behind mirror).
These two options’ results are equivalent. Once the keys are present, all prerequisites of the hotfix are done, and we do not cooperate further neither (intentionally) interfere with the Windows update mechanism. I have personally tested the scenario with machines connected only to a mirror machine, and the hotfix was delivered and installed properly. Therefore I think the problem is not in a way how AV delivers the registry keys. As manually creating the registry keys does not solve the situation, it strengthens my suspicion the problem is not in AV, but in WU.
Therefore our support is going to reach out to you to provide more detailed information from the affected systems in order to find any reference of a problem in Windows/WU that could be accidentally caused by Avast AV, plus the option to allow the upgrade IPs.