Protect Endpoint Security managed clients from Meltdown and Spectre vulnerabilities

Document created by asmith Employee on Jan 16, 2018Last modified by jyamada on Jan 23, 2019
Version 3Show Document
  • View in full screen mode

On January 3, 2018, the Google Project Zero team reported they had discovered three variants of a hardware bug with important ramifications. You can read their blogpost, Reading privileged memory with a side-channel.

 

The three variants are:

 

Microsoft has released security updates to help mitigate Meltdown and Spectre vulnerabilities.

 

Prepare for security updates

To confirm Microsoft's security updates are compatible with your environment, Microsoft needs a registry key from your antivirus. To allow Microsoft's security updates on your endpoints, see the instructions for your product.

 

Protect your client machines in Malwarebytes Endpoint Security 

Malwarebytes Endpoint Security does not register with the Windows Action Center. As a result, Malwarebytes Endpoint Security cannot create or change the registry key Microsoft uses to verify your anti-virus is compatible.  However, you can create or change the registry key manually or use a Microsoft antivirus to retrieve a registry key for this update. Refer to Microsoft's article, Windows security updates released January 3, 2018, and antivirus software.

 

Install security updates

Install the latest security updates from Microsoft on each endpoint. Your endpoints can check for updates automatically using your Group Policy or registry. Refer to Microsoft's article How to configure automatic updates by using Group Policy or registry settings.

 

Additional information

Attachments

    Outcomes