MS pushed the Meltdown patch ahead of time, and there’s this notification:
Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV have updated the ALLOW REGKEY.
Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine
Key="HKEY_LOCAL_MACHINE"Subkey=“SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”
Value Name=“cadca5fe-87d3-4b96-b7fb-a231484277cc”
Type="REG_DWORD”
Data="0x00000000”
So how does CFW fare regarding that? May it be one of those that block it? (I’m still on 8.4, if it counts.)
It works, no issues with anything, looking through update threads for v10 I keep seeing issues. Also 32-bit Win 7, doesn’t seem like you test much on it lately. And definitely not keen on the forced auto updates introduced recently (10.0.2.6396 I see). Plus, until recently there was no way to directly install just the FW, was it? And I’m still not seeing FW-only offline installer.
Nothing I can point to since I never tried v10. Just extremely wary of taking the risk when I see other reports and what I have works so well as it is.
So… hoping against hope it may work with 8.4 somehow, or just get a small patch to just fix the issue itself and not change anything else, I don’t know. This is all just a shocker…
My Windows 10 machine has not been updated, so I found this article:
Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
Overview
Microsoft has identified a compatibility issue with a small number of anti-virus software products.
The compatibility issue is caused when anti-virus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors caused by incompatible anti-virus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.
If you have not been offered the security update, you may be running incompatible anti-virus software and you should follow up with your software vendor.
Microsoft has been working closely with anti-virus software partners to ensure all customers receive the January Windows security updates as soon as possible.
Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.
Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine
Key="HKEY_LOCAL_MACHINE"Subkey=“SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”
Value Name=“cadca5fe-87d3-4b96-b7fb-a231484277cc”
Type="REG_DWORD”
Data="0x00000000”
Comodo tested and the latest stable release, 6420, is compatible with the Meltdown and Specter update from Microsoft. To be able to get the update with 6420 a registry key needs to be created.
The release notes of the CIS 10.1.0.6474 RC instruct how to create that registry key:
I have attached the text file with the registry to this post for convenience.
Download the txt file, remove the .txt extension and execute the .reg file. Confirm when Windows asks for confirmation. Your system is now ready to receive the Meltdown and Specter update KB4056892.
I don’t know if a reboot is required. I cannot test it because I am using a Windows 10 Insider build and as far as I can know there is no patch for that version.
I would always do a reboot after a Registry change
It also may be advisable to get the referenced MS Update from the Update Catalogue > download it and run it manually. I did that a couple of hours ago after the CIS update and everything ran just fine
As stated by umesh from the v10.1.0.6474 - RC beta release topic, both current production and lastest beta are compatible with the Microsoft updates to address the Meltdown vulnerability.