In response to BSOD errors, Microsoft paused rolling out Meltdown and Spectre patches to AMD devices. If an antivirus solution on other boxes is not compatible, then you won't be getting Windows security patches.

Since Microsoft released the Meltdown and Spectre patches, complaints have been pouring in from people who have AMD computers that crashed to a Blue Screen of Death (BSOD) after the patches were installed. This morning, Microsoft temporarily suspended the rollout of those security patches for computers that have AMD CPUs.

“Microsoft has reports of customers with some AMD devices getting into an unbootable state after installing recent Windows operating system security updates,” Microsoft announced.

The company further said:

“After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown. To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impacted AMD processors at this time:”

January 3, 2018—KB4056897 (Security-only update)
January 9, 2018—KB4056894 (Monthly Rollup)
January 3, 2018—KB4056888 (OS Build 10586.1356)
January 3, 2018—KB4056892 (OS Build 16299.192)
January 3, 2018—KB4056891 (OS Build 15063.850)
January 3, 2018—KB4056890 (OS Build 14393.2007)
January 3, 2018—KB4056898 (Security-only update)
January 3, 2018—KB4056893 (OS Build 10240.17735)
January 9, 2018—KB4056895 (Monthly Rollup)

Microsoft said it is working with AMD to resolve the problems and will resume delivering the patches to AMD devices via Windows Update as soon as possible.

Of course, that is assuming the antivirus being used on those computers is even compatible with the patches.
Microsoft previously said if you didn’t receive the out-of-band security update, then your antivirus was incompatible.

No more Windows security patches until antivirus is compatible

Microsoft then added a big detail to that caveat: Customers running incompatible antivirus will not only fail to receive the fix for Spectre and Meltdown, but they will not receive any Windows security patches until the antivirus solution is compliant.

Until the antivirus vendor sets the required registry key, “customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities.”

Security researcher Kevin Beaumont compiled a spreadsheet to document which antivirus products have set the required registry key.

He explained that the problem in the incompatible antivirus solutions, even next-gen endpoint solutions, lies in the way those solutions bypass Kernel Patch Protection.

Beaumont wrote:

To be honest, some of the techniques are similar to ones used by rootkits — Kernel Patch Protection was introduced by Microsoft a decade ago to combat rootkits, in fact. Because some anti-virus vendors are using very questionable techniques they end up causing systems to ‘blue screen of death’ — aka get into reboot loops. This shouldn’t be possible in the latest operating systems, but some anti-virus vendors have managed it by taking themselves into the hypervisor — or “hardware assisted” as you’ll sometimes read in marketing material. Antivirus makers really shouldn’t be messing with systems like this.

That doesn’t mean affected customers should kick their antivirus solution to the curb; many are working on setting the required registry key, which will certify to Microsoft that it is compliant. A rushed fix could cause problems down the road. Other vendors have recommended manually setting the registry key.
If, however, monthly Windows patches continue to be blocked, then the first place to look for the holdup is your antivirus vendor.

If you don’t know if your computer is protected against Meltdown and Spectre, you could check by following these steps. You could also manually set the required registry key, but Microsoft warned that borking something in the Registry Editor might require reinstalling Windows.