Important information on detection logic for the Intel 'Meltdown' security vulnerability

Version 8

    Overview

     

    Microsoft has identified a severe compatibility issue with a small number of anti-virus software products.

    We highly suggest all customers review these issues here:  https://support.microsoft.com/en-us/help/4072699

    Due to to possible BSOD issues that may occur when installing this update on system with out of date AV software, we will be adding a detection prerequisite:

    Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

    Value="cadca5fe-87d3-4b96-b7fb-a231484277cc"

    Type="REG_DWORD”

     

    • The patches will be offered for deployment if the key exists.
    • If key does not exist you will be offered the detection only version of this patch.

     

    Affected patches:

     

    • MS18-01-IE Q4056568 - Cumulative Updates for Internet Explorer
    • MS18-01-SO7 Q4056897 - Security Only Update for Windows 7 and Server 2008 R2
    • MS18-01-SO8 Q4056899 - Security Only Update for Server 2012
    • MS18-01-SO81 Q4056898 - Security Only Update for Windows 8.1 and 2012 R2
    • MS18-01-W10 Q4056888, Q4056890, Q4056891, Q4056892, Q4056893 - Cumulative Update for Windows 10 and Server 2016

     

    Affected CVEs:

     

    • CVE-2017-5753
    • CVE-2017-5715
    • CVE-2017-5754

     

    Link to Security bulletin advisory:  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

     

    Additional Information

     

    How to scan for specific patches: How To: Include or Exclude Specific Patches in Scan Results

    How to deploy these patches:  How To: Deploy Windows Security OOB updates released January 3, 2018

    How to add the registry using Security Tool IVA18-002 Q4072699: Security Tool: Implement the QualityCompat registry key that enables Windows security updates released on January 3, 2018

    Affected Products

     

    Ivanti Patch for Windows Servers 9.3.x

    Shavlik Protect 9.2.x