More stuff broken amid Microsoft's efforts to fix Meltdown/Spectre vulns

This is going to take a while

More examples have emerged of security fixes for the Meltdown vulnerability breaking things.

Patching against CVE-2017-5753 and CVE-2017-5715 (Spectre) and CVE-2017-5754 (Meltdown) borks both the PulseSecure VPN client and Sandboxie, the sandbox-based isolation program developed by Sophos.

PulseSecure has come up with a workaround for affected platforms, which include Windows 10 and Windows 8.1 but not Windows 7.

Sandboxie has released an updated client to solve compatibility issues with an emergency fix from Microsoft, as explained here. We've asked Sophos for comment.

The same set of Microsoft fixes, released last Wednesday (January 3), freezes some PCs with AMD chips, as previously reported.

These sorts of issues leave sysadmins (and to a lesser extent consumers) between a rock and a hard place. The critical Meltdown and Spectre vulnerabilities recently found in Intel and other CPUs represent a significant security risk. Because the flaws are in the underlying system architecture, they will be exceptionally long-lived.

Remediation work is necessary but complicated because anti-malware packages need to be tweaked before Microsoft's patches can be applied, as previously reported.

Unless the antivirus compatibility registry key is set, Windows Update will not deliver January's or any future security updates. Anti-malware software requires low-level access to the machine it runs on, so tweaks need to be made to accommodate the changes in memory handling that come with the Meltdown and Spectre fixes, or else crashes can occur, Microsoft warned.

A Redmond support article clarifies that "customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets [a particular] registry key".

Buckle up: it's going to be a bumpy ride even though some help is available.

Cybersecurity vulnerability manager Kevin Beaumont has put together a Windows antivirus patch compatibility spreadsheet here. ®

Biting the hand that feeds IT © 1998–2021