Looks like your wish was granted.
https://securingtomorrow.mcafee.com/mcafee-labs/decyphering-the-noise-around-meltdown-and-spectre/
That Altf4. That is a start but not a statement of compatibility of McAfee products with Microsoft's patches. The closest they came to stating that was in this paragraph (bolding mine):
Microsoft has released an out-of-cycle patch because of this disclosure: https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892. Due to the nature of any patch or update, we suggest first applying manual updates on noncritical systems, to ensure compatibility with software that involves the potential use of low-level operating system features. McAfee teams are working to ensure compatibility with released patches where applicable.
Still waiting for official confirmation of compatibility. At best, McAfee will be expected to release the means to add the registry key that the Microsoft update requires. They might do that through a DAT file. I have learned in the past from McAfee that they can actually include software changes in DAT files. So, it is conceivable from that information that they could add the registry key without requiring a hotfix or any product patch. That would be great as there would be no outage or mass upgrade project required for installed McAfee products.
I have been testing the patches manually on Server 2008 R2 (VSE 8.8 P9, Agent 5.0.6.220) and Server 2012 R2 (VSE 8.8 Repost P4 with SYSCORE HF, Agent 4.8.0.1500) and so far no issues. No BSOD on reboot. I also ran an OnDemand scan on both systems and that ran without issue.
Note that when you install the Microsoft Update it does add the first of the 2 noted mitigation registry keys (https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-spec...😞
Switch | Registry Settings |
To enable the mitigations reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f |
It does not add the second key. Both the Enable and Disable have the same key and value so my spidey sense says that key's value is set by default and the registry key does not need to be declared in the registry explicitly.
Official KB per our rep: https://kb.mcafee.com/agent/index?page=content&id=KB90167
Says they're still testing. Thanks to the above for their testing results. We're starting to manually roll out the patch and test ourselves to stay ahead.
I really hope they release the registry key soon so I can update Windows.
I just ran some commands from the bleeping computer article to check if I'm in trouble.
Pleasse let me know if McAfee NS9100 is affected by Meltdown/Spectre
Perhaps it's too soon to ask but I'm wondering what people running McAfee Security Center should do, as it isn't included in the list of compatible products in the KB article.
The Microsoft patch isn't appearing in my WU. I can't tell if that's because the registry key hasn't been added but if that's the case, is there a chance the key will be included in a future McAfee update?
The first detections in virustotal
Microsoft Just Put Out a New "2018-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4056894) " , on website, "January 4, 2018—KB4056894 (Monthly Rollup)" which downloaded [I did not install yet - my setting is to download but not auto-install] to my Windows7 Pro computer with McAfee Total Protection...and I did Not add the registry key that supposedly was required to get the download
HOWEVER - THEY GIVE CAUTIONARIES in the "More Information" on microsoft support site [ https://support.microsoft.com/en-us/help/4056894/windows-7-update-kb4056894 ]
shown below** - so there is a Microsoft monthly rollup with multiple items included and we are supposed to ask McAfee about compatibility before installing it !!
McAfee, meanwhile, has info for enterprise folk but no update for others.... So this is now More Than Question of the Jan 3 Meltdown patch by microsoft... but in-fact can we install the Rollup???
I can find no comment on community regarding this rool-up which did download.... and it seems like this download of rollup happens whether or not the registry key was there
So To McAfee: What About This Issue of Rollup Installation
_________________
**
" Known issues in this update
Symptom | Workaround |
Due to an issue with some versions | Contact your Anti-Virus AV to Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value Type="REG_DWORD” Data="0x00000000” |
Hi
I downloaded and installed the new Microsoft update through windows update on my pc running windows 7 home premium it took a while but in the windows update it says it installed succesfully. I suppose it´s ok. I realy don´t understand what Microsoft means . If they mean that it can´t be installed without that registry key or if they mean that it won´t work wirhout that key? Anyone who knows.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: