Microsoft Removes Antivirus Registry Key Check for Windows 10 Users (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

Microsoft Removes Antivirus Registry Key Check for Windows 10 Users (bleepingcomputer.com)

Posted by msmash on Wednesday March 14, 2018 @02:10PM from the better-late-than-never dept.

Microsoft has backtracked on a decision it took back in January when it conditioned that computers without a special registry key would not receive any more security updates. From a report: That particular "requirement" was introduced as part of the Meltdown and Spectre patching process. At the time, Microsoft said that antivirus vendors would have to add a key to the Windows Registry to signal that they are compatible with Microsoft's original Meltdown and Spectre patches. This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.

38 comments

Min score:

Reason:

Sort:

Can't have users deciding by Anonymous Coward · 2018-03-14 14:19 · Score: 1

Can't let users have the power of deciding when to install updates now, can they? Gotta close that loophole. Microsoft knows best.
1. Re:Can't have users deciding by Anonymous Coward · 2018-03-18 22:36 · Score: 0
  
  Can't let users have the power of deciding when to install updates now, can they? Gotta close that loophole. Microsoft knows best.
  exactly... plus it emphasized that the way you pay for windows 10 is by using it... not buying it... its users are the products
  they should just take the final step and admit what is already the reality, that windows 10 is free to install and use and that you pay for it each time you use it... with your private life!
Makes Sense by ErstO · 2018-03-14 14:24 · Score: 4, Interesting

it does not really sound like a backtrack, but more like we do not need to do this anymore, now that the antivirus programs stopped using those parts of the kernel that the patch needed.
Holy Cow by SuperKendall · 2018-03-14 14:37 · Score: 3, Insightful

This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.
This is really bringing me back to the old days of Microsoft Windows...
Never have Mac and Linux and BSD and well, all other OS users ever been so glad as not to be a part of the Mother of All Cluster Fucks that is Windows. And we were pretty glad before.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re: Holy Cow by Anonymous Coward · 2018-03-14 22:30 · Score: 0
  
  I don't think you really understand how browser updates work.
2. Re:Holy Cow by thegarbz · 2018-03-15 07:48 · Score: 0
  
  and well, all other OS users ever been so glad as not to be a part of the Mother of All Cluster Fucks that is Windows.
  Not sure what windows has to do with anything. Are you glad because you're in the minority of no interest and don't run anti-virus software, or are you glad that kernel updates would break your software and no attempt is made to keep your software working after an update?
Legal HOW?? by Anonymous Coward · 2018-03-14 14:50 · Score: 0

Seriously what the fuck?
How on earth are people supposed to keep track of shit like this? We literally have BLOCKED updates because they are evil, how much more of this crap needs to happen before Government steps in?? It's not even a joke any more.
Fuck Windows 10. by Anonymous Coward · 2018-03-14 14:54 · Score: 0

Windows 10 is still a huge pile of shit and anyone who uses it is a moron who deserves all of the headache and loss of security/privacy that it brings.
Fuck Windows 10 by Anonymous Coward · 2018-03-14 14:55 · Score: 0

Windows 10 is still a huge pile of shit and anyone who uses it is a moron who deserves all of the headaches and loss of security/privacy that it brings.
Microsoft not obeying the wishes of users? by Anonymous Coward · 2018-03-14 14:55 · Score: 0

The hell you say! It is almost like they are an abusive corporate entity that does not have the best interest of anyone but themselves in mind and in fact will harm or destroy anything they can reach out and touch.
P.S. go linux today and never look back, it will be the greatest decision you ever made in your life and you will have no regrets
Take that you buillies by Anonymous Coward · 2018-03-14 14:58 · Score: 0

The bulling tactics of MS failed, yay for common sense
Backtracked? No. Temporary. by Anonymous Coward · 2018-03-14 15:04 · Score: 0

Backtracked? No. It was only ever temporary
Honestly. The days of Microsoft pandering to people that won't move are gone.
Code injection, hey? by Anonymous Coward · 2018-03-14 15:32 · Score: 0

Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.

And people wonder why the already-unstable Windows operating system crashes even more when you install an anti-virus tool on it?
I'm all for hating Microsoft... by ckatko · 2018-03-14 17:23 · Score: 5, Interesting

...but screw A/V vendors even more. There are countless devs on huge projects like Firefox and Chrome that talk about how horrible A/V vendors treat your system and even INJECT new vulnerabilities into your system.
https://it.slashdot.org/story/...
https://www.theregister.co.uk/...
WSUS by l0n3s0m3phr34k · 2018-03-14 17:46 · Score: 1

How does this affect Windows systems that receive all their updates via WSUS?
Finally, a feature we can get behind ... by _Sharp'r_ · 2018-03-14 18:44 · Score: 3, Interesting

Finally, a way to actually turn off updates until we want them in Windows 10 and MS comes back and takes the feature away. Sheesh!

--
The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
1. Re:Finally, a feature we can get behind ... by drinkypoo · 2018-03-15 05:06 · Score: 1
  
  Finally, a way to actually turn off updates until we want them in Windows 10 and MS comes back and takes the feature away. Sheesh!
  The left hand reacheth for your wallet, and the right hand flippeth thou the bird.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
And if the AV is still incompatible.. by w.hamra1987 · 2018-03-14 19:56 · Score: 1

what happens then? Guess I gotta brace myself for a wave of new frustrated customers :D

--
my sig pwns your sig
Close by Anonymous Coward · 2018-03-14 20:05 · Score: 0

If only I could choose what updates/when to install them instead.
So does this mean.. by CptLoRes · 2018-03-14 21:44 · Score: 1

That if I stay on Win7 and don't add this key, Microsoft will leave me alone unless I manually want to update something? Don't know about you, but this sounds like a really nice feature to me..
Microsoft terrible at control by Anonymous Coward · 2018-03-14 21:49 · Score: 0

Microsoft wants control of everything in Windows 10 and they are terrible at doing it. What's more secure then users using third party paid security suites? Not like Microsoft doesn't admit Defender is basic security and not something that competes with third party paid security or does it? Microsoft has made Windows worse not better by obsessing over control and it has not made it more stable or better and certainly not more secure.
No way! by drinkypoo · 2018-03-14 22:55 · Score: 1

Microsoft said they would do one thing and then did another? That's only exactly what they do literally every goddamned time.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Missing the actual story? by BinaryTB · 2018-03-15 01:05 · Score: 1

"some antivirus vendors would inject code into parts of the kernel"

That's the more important part of the story.
Uh ... by thomst · 2018-03-15 01:09 · Score: 2

Antivirus vendors' products are injecting their own code "into parts of the kernel" that Microsoft was trying to patch? And Microsoft allows this?
No third-party software should ever be allowed to patch an OS kernel - any OS kernel. Ever.
(Yes, yes, I know. Kernel patching has been SOP for all kinds of Windows software for decades now. But, c'mon - Windows 10 was supposed to have been designed from the ground up to be secure. Permitting the OS kernel to be patched by third parties, even with user permission required, is a fundamental security design flaw that no OS architect should allow ...

--
Check out my novel.
1. Re:Uh ... by Anonymous Coward · 2018-03-15 05:01 · Score: 0
  
  MS has offered APIs for anti-viral needs for some time, but not all of the providers used them.
2. Re:Uh ... by thegarbz · 2018-03-15 07:56 · Score: 1
  
  Permitting the OS kernel to be patched by third parties,
  
  I don't think you understand what is happening here.
3. Re:Uh ... by Trogre · 2018-03-15 08:12 · Score: 2
  
  Okay, thegarbz, I've seen a lot of Microsoft apologist posts coming from you recently. Would you care to explain to us lay people exactly what is happening here, if it's not OS kernel patching by third parties.
  Take all the time you need.
  Or should we just congratulate you on your new job now and ask you to say hi to Satya?
  
  --
  "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
4. Re:Uh ... by Hognoxious · 2018-03-15 08:56 · Score: 1
  
  Maybe Lennart Poettering refused to give him a reach-around?
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
5. Re:Uh ... by thegarbz · 2018-03-16 07:55 · Score: 1
  
  I've seen a lot of Microsoft apologist posts coming from you recently
  Then you're not paying attention. I am an equal opportunity disagreer of stupid posts on Slashdot. Microsoft is not special in any regard.
  
  if it's not OS kernel patching by third parties
  3rd parties don't patch the windows kernel. What plenty of third parties do is use both documented and undocumented APIs to elevate their software access to the point where they access the kernel memory space. Kind of the only way to really discover and protect against rootkits. One of these methods is incompatible with the solution to Spectre.
  If you thought anyone was "patching" then pretty much every minor windows update would break the software. Interestingly you know what does patch OS kernels? Some open source software.
6. Re:Uh ... by thegarbz · 2018-03-16 07:57 · Score: 1
  
  Maybe Lennart Poettering refused to give him a reach-around?
  Nah man, I can't get it up right now on account of just finishing up on your mama's* face.
  *No one is ever too old for a your mama joke.
I thought by Anonymous Coward · 2018-03-15 01:37 · Score: 0

Microsoft had stopped letting the Kernel get modified by non-Microsoft entities. This is a new kind of horrifying.
Why are comments not appearing on Slashdot by Anonymous Coward · 2018-03-15 01:52 · Score: 0

Articles show 0 comments even though the comment count says otherwise, and after comments are posted they just disappear
Frist Psot!!!pne by Anonymous Coward · 2018-03-15 03:31 · Score: 0

I wish the summary provided a bit more information and explained why MS backtracked.
They didn't backtrack by thegarbz · 2018-03-15 07:53 · Score: 1

Microsoft put the check in place for compatibility reasons. Yet they have clearly said in the article and the original announcement that the reason they are dropping this flag is because their vendors did exactly what the registry key was designed to do: Get vendors to update their software or admit they are leaving users at risk.
Vendors chose to update their software, registry key is now superfluous. That a backtrack doesn't make.