Microsoft removes the AV compatibility check for the March 2018 Windows security updates

In the Patch Tuesday event in January this year, along with the release of the Meltdown and Spectre security patches, Microsoft announced a new strategy: If the device runs incompatible anti-virus software, it will refuse to receive subsequent security updates. In the Patch Tuesday event in February of this year, Microsoft once again carried out maintenance and upgrades.

According to this strategy, Windows 10 will adjust the anti-virus compatibility of the current device before getting updates. The system will first detect the existence of the corresponding key in the registry, if it does not exist then it will prevent the installation of security updates. However, in the March Patch Tuesday event, Microsoft abandoned this strategy.

Microsoft explained:

“The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot.

…Our recent work with our anti-virus (AV) partners on compatibility with Windows updates has now reached a sustained level of broad ecosystem compatibility.  Based on our analysis of available data, we are now lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices via Windows Update.  We continue to require that AV software is compatible and in cases where there are known issues of AV driver compatibility, we will block those devices from updates to avoid any issues.”

Although this strategy has been canceled, Microsoft said it will continue to advance the compatibility review in the future, just like the previous patch Tuesday event launched to determine whether there are some problems with the computer. At present, most anti-virus products are compatible with the Windows 10 system. Therefore, such problems should not occur, and it is not ruled out that Microsoft may review it in the future.

Source: Microsoft

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy

Written by

@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.