×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
user_82004
Former Member
Message 1 of 29

What is McAfee's response to the Intel Meltdown flaw?

Microsoft has published the following article:

https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-securit...

That article states that there is a known issue with their patch for the recent Intel security vulnerability (Meltdown) with AV vendor products. Microsoft says to check with your vendor to see if they are affected and if so what the vendor's response is. As well, the vendor is expected to set a registry key on compliant systems which allows the Microsoft patch to be offered for install.

What is McAfee's official response? Does it depend on McAfee's AV product? If so what is the matrix of compatibility (McAfee AV product, version, notes, etc.)?

Looking for an official corporate response from McAfee on this one. Appreciate the help!

28 Replies
Hayton
Reliable Contributor
Reliable Contributor
Message 2 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

I see nothing yet.  There might be some discussion in the McAfee blogs, I'll monitor those and let you know if I see anything relevant.

ollyrice
Contributor
Message 3 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

My WSUS server has the patches but isn't installing them without the registry key. Looks like an McAfee update is needed.

user_82004
Former Member
Message 4 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

Yes, the Microsoft article states that in order for the update to install (or be offered is what they wrote) the registry key must be set. One could do that themselves or an AV product might be able to do it if it has the ability and access to do so on the target systems.

What matters though is whether McAfee's products are compatible already or if a hotfix/new release is needed to be installed before installing the Microsoft Update.

One can simply set the registry key but if the installed McAfee product is not compatible expect the system to BSOD as published by Microsoft.

mcdave
Contributor III
Message 5 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

FYI: We did some tests on a Win7 & Win 10 both with the VSE 8.8
The Ms patch doesn't get provided via the normal distribution processes (WSUS and/or direct from Microsoft) but manually downloading & installing the Ms patches worked fine (and without the registry key).

user_82004
Former Member
Message 6 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

That sounds promising! Did you (have to) manually add the registry key first before installing the MS update? Which release of VSE 8.8 are you running (e.g. Patch 9)?

From the way Microsoft worded its bulletin, it said that without the registry key the update "would not be offered". That makes me think that the Windows Update process checks for it when it enumerates what all is installed and to determine what to pull down to install. However, if we manually download the patch and manually install the patch, does the patch have a check coded into it to look for the registry key (too) and prevent the install if the key is not correct/found?

mcdave
Contributor III
Message 7 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

We're running VSE8.8 with Patch9.
We simply ran a downloaded KB manually WITHOUT the regkey, so that that the installation process of the patch itself doesn't verify against the regkey.
The keycheck seems to only happen during the missing patches verification and is "not offered" (listed) if the key is missing.

ollyrice
Contributor
Message 8 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

I've applied the registry key to a test VM (Win7) and WSUS is pushing the patch now (kb4056897).

Rebooted ok, no bluescreen although I'm using Endpoint Security 10.5 rather than VSE.

user_82004
Former Member
Message 9 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

Thanks for the info - that is what I expected, based on Microsoft's bulletin wording.

No blue screens? Nice! How many systems have you upgraded so far?

Curious to hear from McAfee officially. Wondering if it is VSE version dependent?

Which version of Agent are you running? 5.0.6.220?

Appreciate your collaboration on this!

user_82004
Former Member
Message 10 of 29

Re: What is McAfee's response to the Intel Meltdown flaw?

Great evidence Ollyrice! Thanks! Curious to know of a Windows Server system that has been upgraded.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community