Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Microsoft Security Windows

Microsoft Removes Antivirus Registry Key Check for Windows 10 Users (bleepingcomputer.com) 38

Microsoft has backtracked on a decision it took back in January when it conditioned that computers without a special registry key would not receive any more security updates. From a report: That particular "requirement" was introduced as part of the Meltdown and Spectre patching process. At the time, Microsoft said that antivirus vendors would have to add a key to the Windows Registry to signal that they are compatible with Microsoft's original Meltdown and Spectre patches. This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.
This discussion has been archived. No new comments can be posted.

Microsoft Removes Antivirus Registry Key Check for Windows 10 Users

Comments Filter:
  • by Anonymous Coward

    Can't let users have the power of deciding when to install updates now, can they? Gotta close that loophole. Microsoft knows best.

  • Makes Sense (Score:4, Interesting)

    by ErstO ( 1696262 ) on Wednesday March 14, 2018 @09:24PM (#56262939)
    it does not really sound like a backtrack, but more like we do not need to do this anymore, now that the antivirus programs stopped using those parts of the kernel that the patch needed.
  • Holy Cow (Score:4, Insightful)

    by SuperKendall ( 25149 ) on Wednesday March 14, 2018 @09:37PM (#56262959)

    This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.

    This is really bringing me back to the old days of Microsoft Windows...

    Never have Mac and Linux and BSD and well, all other OS users ever been so glad as not to be a part of the Mother of All Cluster Fucks that is Windows. And we were pretty glad before.

    • and well, all other OS users ever been so glad as not to be a part of the Mother of All Cluster Fucks that is Windows.

      Not sure what windows has to do with anything. Are you glad because you're in the minority of no interest and don't run anti-virus software, or are you glad that kernel updates would break your software and no attempt is made to keep your software working after an update?

  • by Chris Katko ( 2923353 ) on Thursday March 15, 2018 @12:23AM (#56263343)

    ...but screw A/V vendors even more. There are countless devs on huge projects like Firefox and Chrome that talk about how horrible A/V vendors treat your system and even INJECT new vulnerabilities into your system.

    https://it.slashdot.org/story/... [slashdot.org]

    https://www.theregister.co.uk/... [theregister.co.uk]

  • How does this affect Windows systems that receive all their updates via WSUS?
  • Finally, a way to actually turn off updates until we want them in Windows 10 and MS comes back and takes the feature away. Sheesh!

    • Finally, a way to actually turn off updates until we want them in Windows 10 and MS comes back and takes the feature away. Sheesh!

      The left hand reacheth for your wallet, and the right hand flippeth thou the bird.

  • what happens then? Guess I gotta brace myself for a wave of new frustrated customers :D

  • Comment removed based on user account deletion
  • Microsoft said they would do one thing and then did another? That's only exactly what they do literally every goddamned time.

  • "some antivirus vendors would inject code into parts of the kernel"

    That's the more important part of the story.
  • by thomst ( 1640045 ) on Thursday March 15, 2018 @08:09AM (#56264087) Homepage

    Antivirus vendors' products are injecting their own code "into parts of the kernel" that Microsoft was trying to patch? And Microsoft allows this?

    No third-party software should ever be allowed to patch an OS kernel - any OS kernel. Ever.

    (Yes, yes, I know. Kernel patching has been SOP for all kinds of Windows software for decades now. But, c'mon - Windows 10 was supposed to have been designed from the ground up to be secure. Permitting the OS kernel to be patched by third parties, even with user permission required, is a fundamental security design flaw that no OS architect should allow ...

    • Permitting the OS kernel to be patched by third parties,

      I don't think you understand what is happening here.

      • by Trogre ( 513942 )

        Okay, thegarbz, I've seen a lot of Microsoft apologist posts coming from you recently. Would you care to explain to us lay people exactly what is happening here, if it's not OS kernel patching by third parties.

        Take all the time you need.

        Or should we just congratulate you on your new job now and ask you to say hi to Satya?

        • Maybe Lennart Poettering refused to give him a reach-around?

          • Maybe Lennart Poettering refused to give him a reach-around?

            Nah man, I can't get it up right now on account of just finishing up on your mama's* face.

            *No one is ever too old for a your mama joke.

        • I've seen a lot of Microsoft apologist posts coming from you recently

          Then you're not paying attention. I am an equal opportunity disagreer of stupid posts on Slashdot. Microsoft is not special in any regard.

          if it's not OS kernel patching by third parties

          3rd parties don't patch the windows kernel. What plenty of third parties do is use both documented and undocumented APIs to elevate their software access to the point where they access the kernel memory space. Kind of the only way to really discover and protect against rootkits. One of these methods is incompatible with the solution to Spectre.

          If you thought anyone was "p

  • Microsoft put the check in place for compatibility reasons. Yet they have clearly said in the article and the original announcement that the reason they are dropping this flag is because their vendors did exactly what the registry key was designed to do: Get vendors to update their software or admit they are leaving users at risk.

    Vendors chose to update their software, registry key is now superfluous. That a backtrack doesn't make.

Avoid strange women and temporary variables.

Working...