Important information on detection logic for the Intel 'Meltdown' security vulnerability

Version 5

    Verified Product Versions

    Endpoint Manager 9.6Endpoint Manager 2016.x

    Overview

     

    Microsoft has identified a severe compatibility issue with a small number of anti-virus software products.

     

    We highly suggest all customers review these issues here:  https://support.microsoft.com/en-us/help/4072699

     

    Due to to possible BSOD issues that may occur when installing this update on system with out of date AV software, we will be adding a detection prerequisite as Windows Update does:

    Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

    Value="cadca5fe-87d3-4b96-b7fb-a231484277cc"

    Type="REG_DWORD”

     

    If key does not exist you will be offered the detection only version of this patch.

     

    This means that the associated patch for a system will not be remediated unless the Registry key is present. This mirrors how the patches are handled by Microsoft. Full details regarding the offering of the patch, and options if the Registry key is missing, are located in the Microsoft article here: https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

     

    The patches will be offered for deployment if the key exists.

    Affected patches:

    • MS18-01-IE Q4056568
    • MS18-01-SO7 Q4056897
    • MS18-01-SO8 Q4056899
    • MS18-01-SO81 Q4056898
    • MS18-01-W10 Q4056888, Q4056890, Q4056891, Q4056892, Q4056893

    Affected CVEs:

    • CVE-2017-5753
    • CVE-2017-5715
    • CVE-2017-5754

     

    Link to Security bulletin advisory:  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

     

    Please note that this reg key will be required for the February 2018 cumulative patches that replace these listed in this document and reg key will be needed for all replaced monthly patches for the foreseeable future as well.