Yes, targets that either has no AV or out of date AV installed will not be offered deployment, this is directly related to require registry.
Please see these docs:
Let us know if you have any questions.
You mean that targets that just have OLD Antivirus won't be offered the patch, correct?
Servers that have NO Antivirus would be fine and would be offered the patch, correct?
OK, so I found it. IF you DON'T have any Antivirus running on your servers, you can manually set the registry to receive the patch:
Customers without Anti-Virus
Microsoft recommends all customers protect their devices by running a supported anti-virus program. Customers can also take advantage of built-in anti-virus protection, Windows Defender for Windows 10 devices or Microsoft Security Essentials for Windows 7 devices. These solutions are compatible in cases where customers can’t install or run anti-virus software. Microsoft recommends manually setting the registry key in the following section to receive the January 2018 security updates.
You are correct. If no AV is installed, the registry key would be needed to make the OOB patches available for deployment. This part is mentioned in one of the documents previously mentioned in this feed.
Microsoft is requiring a registry to be on every machine that has no Anti-Virus or outdated Anti-Virus.