You're security conscious. You're aware of the threats. You like to run a tight ship.
You install the latest security patches, and - of course - you run an up-to-date anti-virus.
Well, things just got a heck lot more complicated for users of some anti-virus programs.
That's because Microsoft has said that customers who are running certain anti-virus products will not receive its bundle of January 2018 security patches (including mitigations against the Spectre and Meltdown CPU flaws) unless their products certify that they don't make unsupported calls into Windows kernel memory.
According to Redmond, some security products jump through some hoops and perform double somersaults to bypass the Kernel Patch Protection built into the operating system. And unfortunately, those techniques, are incompatible with Microsoft's latest patches - and cause computers to blue screen.
So, Microsoft is demanding that anti-virus products certify that their software work with its fixes by adding a registry key every time they startup.
More details of the issue can be found in this blog post by researcher Kevin Beaumont, including a link to a spreadsheet he is maintaining of which anti-virus products are setting the Registry key.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Meltdown+and+Spectre+Attacks
More details of the issue can be found in this blog post by researcher Kevin Beaumont, including a link to a spreadsheet he is maintaining of which anti-virus products are setting the Registry key.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Meltdown+and+Spectre+Attacks
https://gustmeesde.wordpress.com/2014/12/16/browser-sind-das-einfallstor-fur-malware-sind-eure-browser-up-to-date/
https://gustmeesde.wordpress.com/2014/12/26/programme-die-auf-jeden-neuen-pc-und-smartphones-gehoren/