For Windows User: How to make sure your Windows gets the right patches coming to it

For Windows User: How to make sure your Windows gets the right patches coming to it

Sometimes we are a little worried about updates coming to our Windows PC, is it really an official update or vice versa? Perhaps writing from one of these experts can help you to at least secure your Windows PC from malware attacks.

From Gregg Keizer, ITNEWS - The Windows emergency security updates issued by Microsoft earlier this month came with an unprecedented prerequisite - a new key stored in the operating system's registry - that antivirus vendors were told to generate after they'd guaranteed their code wouldn't trigger dreaded Blue Screens of Death (BSoD) when users apply the patches.

The demands confused customers, and fueled a flood of support documents and an avalanche of web content. Those who heard about the Meltdown and Spectre vulnerabilities struggled to figure out whether their PCs were protected, and if not, why not. Millions more, not having gotten wind of the potential threat, carried on without realizing that their PCs might be barred from receiving several months' worth of security updates.

Here are the steps Windows users can take to insure their PCs continue to receive security updates.

1. Check antivirus status, update antivirus

While Microsoft hasn't told customers which antivirus (AV) vendors have broken rules and made unauthorized calls to the kernel - the reason why the company's patches, which modify the kernel, may provoke BSoDs when certain AV software is loaded into memory - or even tracked the progress AV vendors made toward compliance, someone has.

Security researcher Kevin Beaumont publicly posted a spreadsheet listing more than 40 of the most popular AV products (link: here), and has updated it as vendors have released updates. Beaumont's spreadsheet indicates whether the vendor generates the registry key, is compatible with the January Windows updates, and in most cases, he provided links to the AV makers' explanatory documentation.

For Windows User: How to make sure your Windows gets the right patches coming to it
Kevin Beaumont

Beaumont's tracker has been invaluable to Windows users, who can use it to ascertain AV status before (or after) grabbing the latest antivirus program update, and read accompanying information.

2. Check the Windows Registry

The most important requirement - really, the only requirement - to receive January's security update is the presence of the Windows registry key antivirus vendors are to create to "attest to the compatibility of their applications," as Microsoft put it earlier this month. Verifying that this key exists takes only moments. It's a good idea to confirm that it's present after scoping out and updating AV, but before applying January's Windows update.

In Windows, launch the registry editor (Regedit.exe) by typing REGEDIT in the search box (Windows 10) or in the Run box (Windows 7). The Run box will appear after pressing the Windows key at the same time as the r key.

Approve Regedit's launch by selecting "Yes" in the ensuing User Account Control pop-up.

The key will be within this folder:

Click on the QualityCompat folder to open it. (To avoid have to root through layers of nested subfolders, simply copy the folder name above, then paste it into the field immediately under the menus in the registry editor.)

Inside the folder should be the key, identified as cadca5fe-87d3-4b96-b7fb-a231484277cc under the "Name" column, and REG_DWORD under the "Type" column.

If the key is there, close the editor by selecting "Exit" from the "File" menu.

3. Add the key manually

If the installed antivirus product didn't generate the key - some did not initially, but most have now complied - if there's no AV on the system, the user must set the key.

Note: Before monkeying with the registry, back it up. See this Microsoft support document for how-to info.

Use the same instructions under the previous section to launch Regedit and navigate to the folder: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat

Right-click the QualityCompat folder (also called a "subkey"), and choose "New/DWORD (32-bit) Value" from the menu.

In the field under the "Name" column - initially, this will read "New Value #1" - enter or copy/paste this: cadca5fe-87d3-4b96-b7fb-a231484277cc

Exit the registry editor.

4. Add the key with an automated tool

Microsoft may have left users to dive into the registry on their own, but others offered tools that generated the compatibility key correctly.

Trend Micro, for example, posted a download link to what it labeled ALLOW REGKEY, an archived file in .zip format. (On the page reached from the link above, look for "OPTION 1: Download and run ALLOW REGKEY.reg to let Windows receive 2018 1B update.")

Run the tool as described on Trend Micro's page.

May this article helps you.

Source: ITNEWSSenior Reporter Gregg Keizer covers Windows, Office, Apple/enterprise, web browsers and web apps for Computerworld.

No comments

Powered by Blogger.