Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Removes Antivirus Registry Key Check for Windows 10 Users (bleepingcomputer.com)

Posted by msmash on from the better-late-than-never dept.

Microsoft has backtracked on a decision it took back in January when it conditioned that computers without a special registry key would not receive any more security updates. From a report: That particular "requirement" was introduced as part of the Meltdown and Spectre patching process. At the time, Microsoft said that antivirus vendors would have to add a key to the Windows Registry to signal that they are compatible with Microsoft's original Meltdown and Spectre patches. This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.

6 of 38 comments (clear)

  1. Makes Sense by ErstO · · Score: 4, Interesting

    it does not really sound like a backtrack, but more like we do not need to do this anymore, now that the antivirus programs stopped using those parts of the kernel that the patch needed.

  2. Holy Cow by SuperKendall · · Score: 3, Insightful

    This was a big issue at the time because Microsoft detected during testing that some antivirus vendors would inject code into parts of the kernel that the company was trying to patch against Meltdown and Spectre flaws.

    This is really bringing me back to the old days of Microsoft Windows...

    Never have Mac and Linux and BSD and well, all other OS users ever been so glad as not to be a part of the Mother of All Cluster Fucks that is Windows. And we were pretty glad before.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  3. I'm all for hating Microsoft... by ckatko · · Score: 5, Interesting

    ...but screw A/V vendors even more. There are countless devs on huge projects like Firefox and Chrome that talk about how horrible A/V vendors treat your system and even INJECT new vulnerabilities into your system.

    https://it.slashdot.org/story/...

    https://www.theregister.co.uk/...

  4. Finally, a feature we can get behind ... by _Sharp'r_ · · Score: 3, Interesting

    Finally, a way to actually turn off updates until we want them in Windows 10 and MS comes back and takes the feature away. Sheesh!

    --
    The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
  5. Uh ... by thomst · · Score: 2

    Antivirus vendors' products are injecting their own code "into parts of the kernel" that Microsoft was trying to patch? And Microsoft allows this?

    No third-party software should ever be allowed to patch an OS kernel - any OS kernel. Ever.

    (Yes, yes, I know. Kernel patching has been SOP for all kinds of Windows software for decades now. But, c'mon - Windows 10 was supposed to have been designed from the ground up to be secure. Permitting the OS kernel to be patched by third parties, even with user permission required, is a fundamental security design flaw that no OS architect should allow ...

    --
    Check out my novel.
    1. Re:Uh ... by Trogre · · Score: 2

      Okay, thegarbz, I've seen a lot of Microsoft apologist posts coming from you recently. Would you care to explain to us lay people exactly what is happening here, if it's not OS kernel patching by third parties.

      Take all the time you need.

      Or should we just congratulate you on your new job now and ask you to say hi to Satya?

      --
      "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife