Menu
Microsoft lifts security update embargo on Windows 10

Microsoft lifts security update embargo on Windows 10

But Windows 7 and 8.1 PCs must still contain approved antivirus to receive post-Spectre/Meltdown patches

Microsoft has lifted the security update blockade on Windows 10 PCs that do not have approved anti-virus (AV) software, but kept the no-patches-for-you rule in place for the more popular Windows 7.

The update roadblock was assembled in early January, when Microsoft issued mitigations against the Spectre and Meltdown vulnerabilities.

Those vulnerabilities stemmed from design flaws in virtually all modern processors made by Intel, AMD and ARM. According to Microsoft, the security updates could brick PCs equipped with AV software that had improperly tapped into kernel memory.

To prevent customers' machines from encountering "stop errors" - Microsoft's euphemism for "Blue Screen of Death" or BSOD - during installation of the security updates, the Redmond, Washington company said that AV vendors had to self-certify that their code was compatible with the Spectre/Meltdown patches.

Microsoft also required AV developers to signal that compatibility by writing a new key to the Windows Registry. If the key was not present, the updates would not download and install.

Bottom line, a Windows PC sans an approved anti-virus package would not be patched. Microsoft put it in stark terms: "Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their AV software vendor sets the following registry key [emphasis added]."

At the time, Microsoft would not say how long the AV rule would be maintained. Instead, it offered a nebulous until-we-say-so timeline.

"Microsoft will continue to enforce this requirement until there is high confidence that the majority of customers will not encounter device crashes after installing the security updates," a support document stated.

Chris Goettl, product manager with client security and management vendor Ivanti, said of the block, "I think it will be at least a few patch cycles."

Goettl nailed it, at least for Windows 10, because on Tuesday Microsoft said it had lifted the embargo. "Our recent work with our AV partners on compatibility with Windows updates has now reached a sustained level of broad ecosystem compatibility," the firm said in a different support document.

"Based on our analysis of available data, we are now lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices via Windows Update."

In cases where Microsoft knows that the AV software was incompatible with the updates, it will continue to block the latter from reaching affected PCs.

Though the update barrier was removed for Windows 10, it will remain in place for Windows 7 and Windows 8.1.

Users of those editions must continue to have a compatible AV package on board, one that sets the registry key. Alternately, customers can add the registry key themselves by following the "Setting the Registry Key" instructions here.

Because the Windows 10 security updates are cumulative - they include not just the current month's patches, but all patches issued previously - by applying the March collection, users will again have an up-to-date system.

It was unclear how long Microsoft would maintain the update restriction on Windows 7 and Windows 8.1. In a FAQ refreshed this week, the company repeated its vague timeline.

"Microsoft will continue to enforce this requirement for older versions of Windows until there is high confidence that the majority of customers will not encounter device crashes after installing the Windows security updates," one answer read.

"I'll share more details in the weeks ahead on AV compatibility for older versions of Windows," added John Cable, director of program management on the Windows servicing and delivery team, in a blog post Tuesday.

Windows 7 has been the most affected by the update stoppage; it was the only edition that did not come with a Microsoft-made AV package.

And by blocking security updates from reaching Windows 7 systems, Microsoft affected the biggest-possible audience: During February, Windows 7 powered 48 per cent of all Windows PCs, a user share larger than either Windows 10's (39 per cent) or Windows 8/8.1's (eight per cent).

And as part of this week's Patch Tuesday rollout, said Microsoft's Cable, Windows 7 x86 and Windows 8.1 x86 were patched against the Meltdown vulnerability.

Only the systems with compatible AV software, and a properly-set registry key, will receive those updates, however.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CloudMicrosoftWindowsWindows 7Windows 10

Featured

Slideshows

Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

The channel came together for the inaugural Reseller News Emerging Leaders Forum in New Zealand, created to provide a program that identifies, educates and showcases the upcoming talent of the ICT industry. Hosted as a half day event, attendees heard from industry champions as keynoters and panelists talked about future opportunities and leadership paths and joined mentoring sessions with members of the ICT industry Hall of Fame. The forum concluded with 30 Under 30 Tech Awards across areas of Sales, Entrepreneur, Marketing, Management, Technical and Human Resources. Photos by Gino Demeer.

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019
Show Comments