Five ideas to build a better IT security strategy in the enterprise
Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.
As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.
Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, resulting in blue screen of death (BSOD) errors.
Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.
To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.
Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has created a public spreadsheet that may help IT admins prepare for installing Microsoft’s mitigations for the attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.