Current definitions in Patch and Compliance referencing Support for the Intel 'Meltdown' Security Vulnerability

For the latest information regarding the Meltdown and Spectre vulnerabilities see this article: A comprehensive guide to the Meltdown and Spectre vulnerabilities

Affected patches:

How to Scan and/or Repair against a custom group

Additional Information

Due to to possible BSOD issues that may occur when installing this update on system with out of date AV software, we will be adding a detection prerequisite as Windows Update does:

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

Value="cadca5fe-87d3-4b96-b7fb-a231484277cc"

Type="REG_DWORD”

If key does not exist you will be offered the detection only version of this patch.

This means that the associated patch for a system will not be remediated unless the Registry key is present. This mirrors how the patches are handled by Microsoft. Full details regarding the offering of the patch, and options if the Registry key is missing, are located in the Microsoft article here: https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

An Example of the detection only definition being returned will contain "DETECT" in the definition name and under Patch Required it will say: No repair action specified There is also no patch information provided

An Example of the definition where the regkey is detected and you will be able to remediate

Support for the Intel 'Meltdown' security vulnerability KB4058702

Important information on detection logic for the Intel 'Meltdown' security vulnerability