Microsoft are now pushing out an update to mitigate some of the security issues that Meltdown takes advantage of, but there is a small problem. KB4056892 may cause your machine to BSoD depending on the anti-virus software you use so it is not recommended you install the update manually. Windows Update looks for a registry entry on your machine, which indicates your AV software has updated and is compatible with the patch, so far Symantec, F-Secure, Avast, and Windows Defender have all updated. If you are curious, The Register has posted the key in this story so you can check for yourself if you are ready to update and make the change if not.
It is something you should be doing soon, as this is a serious vulnerability which is only somewhat mitigated by the patch but at least this attack will not be successful.
"Microsoft has released updates for Windows to block attempts by hackers and malware to exploit the Meltdown vulnerability in Intel x86-64 processors – but you will want to check your antivirus software before applying the fixes."
Here is some more Tech News from around the web:
- When F00F Bug Hit 20 Years Ago, Intel Reacted the Same Way @ Slashdot
- Quick Facts about Meltdown and Spectre @ [H]ard|OCP
- Samsung topples Intel as semiconductor top dog, but lead 'literally built on sand' @ The Register
- Scaling Raven Ridge with David Kanter: The TR Podcast 191
- Intel facing multiple class-action lawsuits over Meltdown' and 'Spectre' chip flaws @ The Inquirer
- Wine Takes Minor Performance Hit Running Windows Programs On Linux With KPTI @ Phoronix
- HP recalls even more laptop batteries because, you know, fire @ The Inquirer
Win10 automatically installed
Win10 automatically installed the KB4056892 patch for me yesterday, had no problems whatsoever with Eset AV.
Mine installed via Windows
Mine installed via Windows Update, but Bitdefender stopped working after it’s second self-update. I’m now using Windows Defender, after uninstalling B.D.free-edition, which is a pity, since I loved how much it did while I never knew it was there. The certificates it used were annoying, especially since it pops up a web-page on install/uninstall, then complains that browsers must be shut down so it can continue the installation/uninstallation process…
Lots of folks still using
Lots of folks still using windows 7 and 8.1 And askwoody and others are so damn focused on windows 10 with their incomplete information.
Lots of older PC/Laptops can’t even use windows 10 and most folks rarely update their OS on older hardware because the driver support for older graphics, on laptops mainly, does not play so nice with any newer OS versions and the Laptops’ OEMs are sure not going to be offering any help there also.
The anitvirus/firewall folks are not doing enough customer outreach on their own and there are a lot of folks using the older versions of the respective makers antivirus products and firewall products and not much news from the makers of these products concerning all this OS patching and their products compatability with the new windows OS patches.
There are planty of folks that get a free virus/firewall product license included with their cable/Internet service provider’s service and those older versions of firewall/virus software are not auto-updating to the latest version and folks do not pay much attantion! So who knows if that windows patch will ever be enabled on their systems even if it’s installed because their anti-virus software may be out of date but still enabled because its comes from the Cable/ISP as a special antivirus/firewall suite with the cable/ISP company’s branding on it also so it never goes out of service if that Cable/ISP contract is kept paid up!
Windows is not going to enable that registry setting unless the Antivirus/Firewall suite enables it so there may be a lot of systems with the windows OS patch staged but not enabled becuse of older Antivirus/Firewall software that may never have the update to work with the new patched Windows kernel!
IF hackers cant do any harm
IF hackers cant do any harm by online as they must access the machine physically why should we worry about to install the windows patch