MS Security Update for Meltdown

UPDATE [Jan 9] Microsoft has pushed the update to Win 8.1 as well. Users of Avast should receive the updates automatically for all the supported versions of Windows.


UPDATE [Jan 8] Microsoft is pushing the security updates in stages. As of now, Avast users of Win 7, Win 10 RS2 and Win 10 RS3 are getting security updates automatically; other versions will follow soon.


Hi everyone,

Please be aware that AVAST is compatible with the MS Security Update for the Intel Vulnerability called “Meltdown” since December 2017, and is also storing the required registry key (since January 3rd 2018). Users of AVAST should not have any issues receiving the patch via Windows Update.

More info at https://support.avast.com/en-ww/article/253/

Maybe I shouldn’t be having trouble, but I am. I’m using Win 10 Home, 1709 (build 16299.125), Avast Free Antivirus 17.9.2322 (Build 17.9.3761.0) with virus definition 180105-0. My firewall is the Windows 10 built-in firewall left at the MS default settings. Forcing a Windows update indicates that I’m up to date. However, my last update was installed in mid-December. Similarly, forcing updates to the Avast program and virus definitions also indicates that I’m up to date. However, no sign of the MS patch for Meltdown. Suggestions please!
Peter

Further information: I checked my registry and do not have the key I’m supposed to have. Please advise. Peter
CORRECTION: I was looking in the wrong place in the registry. I do have the required key. However, MS update isn’t providing the patch. Should I wait until Tuesday or manually download and install the patch now?

It looks like Microsoft is pushing the patch quite slowly (it was not offered on my computer either).
If you want to install it manually without waiting, you can get the cumulative update for Win10 from https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892 - there is a link to Microsoft Update Catalog website.

Hello, I expect this fix on Patch Tuesday (second Tuesday of the month).

This is more what I would expect of MS, whilst this is a vulnerability, in the past MS still waited until patch Tuesday and on occasion even longer before patching. As has been mentioned the actual patch for this is within a KB that includes other stuff also. So I’m not so sure how much urgency MS are putting into this.

Not to mention this isn’t an immediate issue, first your computer would also have to be infected to take advantage of the vulnerability.

The point is the vulnerability can be exploited using JavaScripts embedded in malicious sites. The patch from MS also contains fixes to IE and Edge, meaning MS should be interested in releasing it to all end users ASAP.

Mozilla have released a hotfix with adjustments for browser config to minimize the exploitation possibilities, and Google have published their settings recommendations. IE and Edge can’t be updated separately though, given how MS now handles patching.

I just discovered why some of us may not be getting the patch via MS Update even if we’ve verified that we have the required registry key. I downloaded from the Intel web site their SA-00086 chip tester that they developed specifically to determine if a user’s processor is vulnerable. I’ve attached the report for my Dell PC, which is approximately 5 yrs old. Surprise: I’m supposedly not vulnerable!! Perhaps there’s something in my registry that enables MS to detect that and determine that I don’t need a patch. You can download the tool directly from Intel at: https://downloadcenter.intel.com/download/27150?v=t The page that provides documentation is:
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html Maybe you’ll be in luck also. Peter

Got tired of waiting.
Downloaded and Installed Cumulative Update for Win 10 64Bit from MS.
All went smoothly. :)

@pdkent2002
It isn’t so much what you have in registry to determine your need for the patch, but that your AV would support the patch if issued.

The Intel tool is checking your CPU to see if it is vulnerable and it is in more ‘modern’ CPUs with the vulnerability/flaw. I suspect your CPU, like mine (Core2Duo E8300) predates this determination of a modern CPU.

Yes you are!

This tool checks for a vulnerability in the Intel Management Engine. That is a completely separate problem from both Meltdown and Spectre.

Still not getting the Win10 patches for this security issue - on every PC I have Avast installed on. Avast is up to date on all of them. I have rebooted them multiple times. So, I take issue with your confidence that Avast is compatible!

I removed Avast from one of them and guess what - after rebooting the system (required to complete the uninstall of Avast) - UPDATES began immediately.

And for those with Malwarebytes installed as well (I have it on all my PC’s), the computer I mention here has Malwarebytes installed and running before, during and after deleting Avast. No issues with that software preventing the update.

MS has no vested interest in putting people in a queue for this particular update. It was ready as of yesterday, your computer should have already downloaded and installed it. If yours did not, your antivirus is most likely getting in the way. I do not condone uninstalling any AntiVirus product as I did. I only did it to find out if Avast was stopping the update. You can draw your own conclusions.

EDIT: add additional info regarding Malwarebytes and remove some salty language :)
UPDATE: I responded to some questions, you can find them on Page 3, Reply #34 (link below)
click here

I have Avast Pro antivirus 17.9.2322 build 17.9.3761.0 but do not have Allow Regkey. I do not even have the QualityCompat file!!! I do not understand.
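
A read-only way to check the two things this thread keeps coming back to, the antivirus compatibility registry value and whether the update is installed, as an added example that is not part of any post in the thread. The key path and value name are the ones Microsoft documented for the January 2018 security updates (the thread itself only mentions "QualityCompat"), and the function name is hypothetical.

```powershell
# Added example (not from the thread). Read-only: it changes nothing on the system.
# Assumption: key path and value name as documented by Microsoft for the
# January 2018 security updates; they are not quoted in the thread.
$KeyPath   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$ValueName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'
$KbId      = 'KB4056892'   # Win10 1709 cumulative update linked in the thread

function Test-AvCompatValue {   # hypothetical helper name
    param([string]$Path, [string]$Name)

    # QualityCompat is a registry key, not a file; the flag is a value inside it.
    if (-not (Test-Path -LiteralPath $Path)) { return 'KeyMissing' }

    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains $Name) { return 'ValueMissing' }

    # Microsoft documents the value as REG_DWORD with data 0x00000000;
    # report anything else so it can be compared with the AV vendor's article.
    $kind = $key.GetValueKind($Name)
    if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) { return "WrongType:$kind" }

    $data = $key.GetValue($Name)
    if ($data -ne 0) { return "WrongData:$data" }

    return 'Present'
}

# Get-HotFix writes an error when the KB is absent; suppress it and test for $null.
$hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue

# Build and update revision (UBR), e.g. the "16299.125" quoted earlier in the thread.
$cv = Get-ItemProperty -LiteralPath 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'

[pscustomobject]@{
    CompatValue = Test-AvCompatValue -Path $KeyPath -Name $ValueName
    KbInstalled = [bool]$hotfix
    OsBuild     = '{0}.{1}' -f $cv.CurrentBuild, $cv.UBR
}
```

Later cumulative updates supersede this KB, so `KbInstalled = False` on a system updated after January 2018 does not by itself mean the fix is missing; compare `OsBuild` with the build number listed in the KB article.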

Exactly what happened for me, and I use MBAM as well.

I too have Malwarebytes and Avast. Like you I uninstalled Avast and left Malwarebytes installed. I have Win 10 build 1709 (Fall Creators Update). After my computer restarted I did a manual update check and immediately the update started downloading and installed perfectly. Apparently Windows Defender is the component that Microsoft requires for the security patch to work correctly. I am leaving Avast uninstalled for now.

rjsattler, TwasSnood, safeman
Didn’t you try “passive mode” rather than uninstalling Avast?

Also ended up installing the patch from Microsoft Update Catalog for Win10 1709:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

It seems to be the most reliable way.

Something is clearly wrong with Windows Update. Searching for info about KB4056892 not being offered by WU, I found reddit posts stating that some systems with Windows Defender only, didn’t receive the update either. It looks like MS tried some new thing to avoid system disruption due to early release of the update, which isn’t working properly…

avast, can you please test this. You have users stating that they have the latest version of your software installed, have verified that the registry key exists, but are not able to get the MS update until they uninstall avast antivirus, at which point they immediately are able to download the update through the normal Windows Update mechanism. You should be able to reproduce this issue and offer a solution.

Doesn’t this piece of software detect vulnerabilities in IME only? That’s quite different from current problems.

This^

The IMEI vulnerability is a whole other issue than Meltdown and Spectre