Author Topic: MS Security Update for Meltdown  (Read 45844 times)

0 Members and 1 Guest are viewing this topic.

Offline moroni

  • Avast team
  • Poster
  • *
  • Posts: 634
MS Security Update for Meltdown
« on: January 05, 2018, 12:21:21 PM »
UPDATE [Jan 9] Microsoft has pushed the update to Win 8.1 as well. Users of Avast should receive the updates automatically for all the supported versions of Windows.

--------------------------------------------------

UPDATE [Jan 8] Microsoft is the pushing security updates in stages. As of now, Avast users of Win 7, Win 10 RS2 and Win 10 RS3 are getting security updates automatically, other versions will follow soon.

--------------------------------------------------
Hi everyone,

Please be aware that AVAST is compatible with the MS Security Update for the Intel Vulnerability called "Meltdown" since December 2017, and is also storing the required registry key (since January 3rd 2018). Users of AVAST should not have any issues receiving the patch via Windows Update.

More info at https://support.avast.com/en-ww/article/253/

« Last Edit: January 09, 2018, 07:59:22 PM by moroni »

Offline pdkent2002

  • Newbie
  • *
  • Posts: 19
Re: MS Security Update for Meltdown
« Reply #1 on: January 05, 2018, 03:05:31 PM »
Maybe I shouldn't be having trouble, but I am.  I'm using Win 10 Home, 1709 (build 16299.125), Avast Free Antivirus 17.9.2322 (Build 17.9.3761.0) with virus definition 180105-0.  My firewall is the Windows 10 built-in firewall left at the MS default settings.  Forcing a Windows update indicates that I'm up to date.  However, my last update was installed in mid-December.  Similarly, forcing updates to the Avast program and virus definitions also indicates that I'm up to date.  However, no sign of the MS patch for Meltdown.  Suggestions please!
Peter

Offline pdkent2002

  • Newbie
  • *
  • Posts: 19
Re: MS Security Update for Meltdown
« Reply #2 on: January 05, 2018, 03:15:29 PM »
Further information, I checked my registry and do not have the key I'm supposed to have.  Please advise.  Peter
CORRECTION:  I was looking in the wrong place in the registry.  I do have the required key.  However, MS update isn't providing the patch.  Should I wait until Tuesday or manually download and install the patch now?
« Last Edit: January 05, 2018, 05:04:13 PM by pdkent2002 »

Offline suk

  • Avast team
  • Jr. Member
  • *
  • Posts: 29
Re: MS Security Update for Meltdown
« Reply #3 on: January 05, 2018, 06:22:16 PM »
It looks like Microsoft is pushing the patch quite slowly (it was not offered on my computer either).
If you want to install it manually without waiting, you can get the cumulative update for Win10 from https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892 - there is a link to Microsoft Update Catalog website.

Offline TheOwner

  • Sr. Member
  • ****
  • Posts: 303
Re: MS Security Update for Meltdown
« Reply #4 on: January 05, 2018, 06:26:57 PM »
Hello, I expect this fix at patch tuesday (second tuesday in month).
« Last Edit: January 05, 2018, 06:28:38 PM by TheOwner »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83751
  • No support PMs thanks
Re: MS Security Update for Meltdown
« Reply #5 on: January 05, 2018, 06:52:58 PM »
Hello, I expect this fix at patch tuesday (second tuesday in month).

This is more what I would expect of MS, whilst this is a vulnerability, in the past MS still waited until patch Tuesday and on occasion even longer before patching.  As has been mentioned the actual patch for this is within a KB that includes other stuff also.  So I'm not so sure how much urgency MS are putting into this.

Not to mention this isn't an immediate issue, first your computer would also have to be infected to take advantage of the vulnerability.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Michal256

  • Jr. Member
  • **
  • Posts: 30
Re: MS Security Update for Meltdown
« Reply #6 on: January 05, 2018, 07:13:17 PM »
The point is the vulnerability can be exploited using JavaScripts embedded in malicious sites. The patch from MS also contains fixes to IE and Edge, meaning MS should be interested in releasing it to all end users ASAP.

Mozilla have released a hotfix with adjustments for browser config to minimize the exploitation possibilities, and Google have published their settings recommendations. IE and Edge can't be updated separately though, given how MS now handles patching.

Offline pdkent2002

  • Newbie
  • *
  • Posts: 19
Re: MS Security Update for Meltdown
« Reply #7 on: January 05, 2018, 07:14:55 PM »
I just discovered why some of us may not be getting the patch via MS Update even if we've verified that we have the required registry key.  I downloaded from the Intel web site their SA-00086 chip tester that they developed specifically to determine if a user's processor is vulnerable. I've attached the report for my Dell PC, which is approximately 5 yrs old.  Surprise:  I'm supposedly not vulnerable!!  Perhaps there's something my my registry that enables MS to detect that and determine that I don't need a patch.  You can download the tool directly from Intel at: https://downloadcenter.intel.com/download/27150?v=t   The page that provides documentation is:
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html  Maybe you'll be in luck also.   Peter

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6497
  • When you think you know, Think Again
Re: MS Security Update for Meltdown
« Reply #8 on: January 05, 2018, 07:16:41 PM »
Got tired of waiting.
Downloaded and Installed Cumulative Update for Win 10 64Bit from MS.
All went smoothly. :)
***HP ENVY 15K LT W10 Pro 2004 64Bit/750GB HD/16GB Ram/Avast Premium 20.8.2427b/Secureline VPN v.5.7.5118b/ADU v.20.1b/ASB v.85b/SANDBOXIE/Prey Project
**HP Compaq 8510p LT W10 Pro 2004 64Bit/1TB HD/8GB Ram/Avast Premium 20.8.2427b/ADU v.20.1b/SANDBOXIE/Prey Project/HotSpot Shield VPN
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
LAYERED SECURITY SOFTWARE PROTECTION

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83751
  • No support PMs thanks
Re: MS Security Update for Meltdown
« Reply #9 on: January 05, 2018, 07:24:16 PM »
@  pdkent2002
It isn't so much what you have in registry to determine your need for the patch, but that your AV would support the patch if issued.

The Intel tool is checking your CPU to see if it is vulnerable and it is in more 'modern' CPUs with the vulnerability/flaw.  I suspect your CPU, like mine (Core2Duo E8300) predates this determination of a modern CPU.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Rundvleeskroket

  • Sr. Member
  • ****
  • Posts: 308
Re: MS Security Update for Meltdown
« Reply #10 on: January 05, 2018, 07:50:46 PM »
Surprise:  I'm supposedly not vulnerable!!

Yes you are!

This tool checks for a vulnerability in the Intel Management Engine. That is a completely separate problem from both Meltdown and Spectre.
« Last Edit: January 05, 2018, 07:52:22 PM by Rundvleeskroket »

Offline rjsattler

  • Newbie
  • *
  • Posts: 4
Re: MS Security Update for Meltdown
« Reply #11 on: January 05, 2018, 08:02:23 PM »
Still not getting the Win10 patches for this security issue - on every PC I have Avast installed on. Avast is up to date on all of them. I have rebooted them multiple times. So, I take issue with your confidence that Avast is compatible!

I removed Avast from one of them and guess what - after rebooting the system (required to complete the uninstall of Avast) - UPDATES began immediately.

And for those with Malwarebytes installed as well (I have it on all my PC's), the computer I mention here has Malwarebytes installed and running before, during and after deleting Avast. No issues with that software preventing the update.

MS has no vested interest in putting people in a queue for this particular update. It was ready as of yesterday, your computer should have already downloaded and installed it. If yours did not, your antivirus is most likely getting in the way. I do not condone uninstalling any AntiVirus product as I did. I only did it to find out if Avast was stopping the update. You can draw your own conclusions.

EDIT: add additional info regarding Malwarebytes and remove some salty language :)
UPDATE: I responded to some questions, you can find them on Page 3, Reply #34 (link below)
click here
« Last Edit: January 06, 2018, 04:54:44 AM by rjsattler »

Offline jiri.sochurek

  • Newbie
  • *
  • Posts: 1
Re: MS Security Update for Meltdown
« Reply #12 on: January 05, 2018, 08:27:49 PM »
Ihave Avast Pro antivirus 17.9.2322 build 17.9.3761.0 but do not have Allow Regkey. Even i do not have file QualityCompat!!! I do not understand.
« Last Edit: January 05, 2018, 08:33:46 PM by jiri.sochurek »

Offline TwasSnood

  • Newbie
  • *
  • Posts: 13
Re: MS Security Update for Meltdown
« Reply #13 on: January 05, 2018, 08:51:26 PM »
I removed Avast from one of them and guess what - after rebooting the system (required to complete the uninstall of Avast) - UPDATES began immediately.

And for those with Malwarebytes installed as well (I have it on all my PC's), the computer I mention here has Malwarebytes installed and running before, during and after deleting Avast. No issues with that software preventing the update.

Exactly what happened for me, and I use MBAM as well.

Offline safeman

  • Newbie
  • *
  • Posts: 3
Re: MS Security Update for Meltdown
« Reply #14 on: January 05, 2018, 09:03:42 PM »
Still not getting the Win10 patches for this security issue - on every PC I have Avast installed on. Avast is up to date on all of them. I have rebooted them multiple times. So, I take issue with your confidence that Avast is compatible!

I removed Avast from one of them and guess what - after rebooting the system (required to complete the uninstall of Avast) - UPDATES began immediately.

And for those with Malwarebytes installed as well (I have it on all my PC's), the computer I mention here has Malwarebytes installed and running before, during and after deleting Avast. No issues with that software preventing the update.

MS has no vested interest in putting people in a queue for this particular update. It was ready as of yesterday, your computer should have already downloaded and installed it. If yours did not, your antivirus is most likely getting in the way. I do not condone uninstalling any AntiVirus product as I did. I only did it to find out if Avast was stopping the update. You can draw your own conclusions.

EDIT: add additional info regarding Malwarebytes and remove some salty lanquage :)

I too have Malwarebytes and Avast. Like you I uninstalled Avast and left Malwarebytes installed. I have Win 10 build 1709 (Fall Creators Update). After my computer restarted I did an manual update check and immediately the update started downloading and installed perfectly. Apparently Windows Defender is the component that Microsoft requires for the security patch to work correctly. I am leaving Avast uninstalled for now.