Quantcast
Channel: Ivanti User Community : All Content - Patch Manager
Viewing all articles
Browse latest Browse all 1121

Important information on detection logic for the Intel 'Meltdown' security vulnerability

$
0
0

Overview

 

Microsoft has identified a severe compatibility issue with a small number of anti-virus software products.

 

We highly suggest all customers review these issues here:  https://support.microsoft.com/en-us/help/4072699

 

Due to to possible BSOD issues that may occur when installing this update on system with out of date AV software, we will be adding a detection prerequisite as Windows Update does:

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

Value="cadca5fe-87d3-4b96-b7fb-a231484277cc"

Type="REG_DWORD”

 

If key does not exist you will be offered the detection only version of this patch.

 

This means that the associated patch for a system will not be remediated unless the Registry key is present. This mirrors how the patches are handled by Microsoft. Full details regarding the offering of the patch, and options if the Registry key is missing, are located in the Microsoft article here: https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

 

The patches will be offered for deployment if the key exists.

Affected patches:

  • MS18-01-IE Q4056568
  • MS18-01-SO7 Q4056897
  • MS18-01-SO8 Q4056899
  • MS18-01-SO81 Q4056898
  • MS18-01-W10 Q4056888, Q4056890, Q4056891, Q4056892, Q4056893

Affected CVEs:

  • CVE-2017-5753
  • CVE-2017-5715
  • CVE-2017-5754

 

Link to Security bulletin advisory:  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002


Viewing all articles
Browse latest Browse all 1121