As you’ll have read, two massive security bugs affecting millions of Intel, AMD and ARM processors have been uncovered. Codenamed Meltdown and Spectre, these are serious vulnerabilities, but the good news is the likes of Apple, Google and Microsoft have rushed out patches to address them.
Microsoft pushed out a rare, off-schedule emergency fix for Windows 10 (with fixes for Windows 7 and 8.x expected shortly), but the bad news is it may not be compatible with your system.
The problem is the fix is incompatible with what Microsoft is calling a "small" number of anti-virus software products. We don’t know how small, or what products are affected, but if you’re running one of those programs, you won’t be offered the patch as it could lead to Blue Screen of Death errors that would leave your PC unable to boot.
The compatibility issue is caused when anti-virus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors caused by incompatible anti-virus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.
The company adds that customers with incompatible AV software can protect their systems by using its own Windows Defender on Windows 10, or Microsoft Security Essentials on Windows 7, as these are compatible.
The software giant also requires all anti-virus software vendors to "attest to the compatibility of their applications" by setting the following Windows registry key:
Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”
If you have a compatible antivirus program, but still aren’t being offered the patch, Microsoft says:
In some cases, it may take time for security updates to be delivered to systems, particularly for devices that have been turned off or not connected to the Internet (offline). After they are turned on again these systems should receive updates from their anti-virus software providers. Customers still experiencing problems 24 hours after ensuring their devices have proper internet connectivity should contact their anti-virus software vendor for additional troubleshooting steps.
Lastly, if you have installed the patch and are suffering from blue screen errors, Microsoft recommends you check out these pages: