Microsoft had recently released security updates to mitigate the Meltdown and Spectre vulnerabilities from its systems. However, it was found that these security updates impact the system performance of computers and servers.
Adding more to the difficulties, Microsoft has now said that it is offering Windows security updates released on January 3rd to only those devices that are running antivirus software from partners who have their software updated with January 2018 Windows operating system security update.
In its security notes, Microsoft stated that compatibility issues occur with the anti-virus applications which make unsupported calls into kernel memory of Windows. The unsupported calls make the device unable to boot, showing the blue screen errors (stop errors). Thus, the users running incompatible antivirus applications in their system won’t receive the security updates issued by Microsoft.
Microsoft and Intel had responded to the Meltdown and Spectre malicious actors which leak the private information of users from the kernel memory of their CPUs. Some of the anti-virus software use deep links in kernel memory to keep track on the system.
Microsoft has suggested all users to run only compatible and supported antivirus. The company provides built-in antivirus protection (Windows Defender Antivirus) for Windows 8.1 and Windows 10.
Windows 7 SP1 and Windows Server 2008 R2 SP1 don’t contain default antivirus installed, so users with these Windows versions must install some compatible antivirus like Microsoft Security Essentials.
As of now, Windows Defender Antivirus, System Center Endpoint Protection, and Microsoft Security Essentials are supported with security updates. Microsoft is working with other antivirus vendors to make them compatible with all Windows versions.