Microsoft Security Update Conflicts with Antivirus Software
Microsoft January 2018 security updates conflict with certain antivirus software. The problem happens when an incompatible antivirus program makes unsupported calls into Windows kernel memory. The unsupported call can cause a “stop error” commonly known as the infamous “blue screen of death.” This device wont boot after the security patch is applies.
As a result of the incompatibility, updates won’t push to certain devices with incompatible antivirus software. In other words, your machine won’t receive any future security patches if Microsoft things your software is not compatible!
The security update was rolled out on 3 January 2018.
Software manufacturers must indicate that their antivirus program is compatible by editing a registry key. The settings are listed below.
Which Antivirus Software is Incompatible?
Software from Avast, Avira, EMSI, ESET, F-Secure, Kaspersky, Malwarebytes, Symantec, CrowdStrike, Endgame, McAfee, SentinalOne, and Trend Micro are compatible with the patch. The list of antivirus apps is numerous. Security researcher Kevin Beaumont out together a list of antivirus products that are both compatible with Microsoft’s CPU update and have the required Windows registry key set. Once the registry key is set, then MS security updates will resume.
Windows Defender Antivirus, System Center Endpoint Protection, and Microsoft Security Essentials are all compatible.
According to the Microsoft support website, the correct registry to set is:
Note: Customers will not receive the January 2018 Windows security updates (or any subsequent Windows security updates) and will not be protected from security vulnerabilities unless and until their antivirus software vendor sets the following registry key:
Key=”HKEY_LOCAL_MACHINE” Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc” Type=”REG_DWORD”
Consumers can also set the registry themselves if they have the knowledge to do so. OF course, an error here can cause a device not to run properly.