Microsoft Patch Release - 1/3/18


  • Anonymous
  • 0 replies
On Wednesday, January 3, Microsoft released a patch to address a number of issues, including a reported CPU vulnerability issue.  Webroot has tested current shipping versions of Webroot SecureAnywhere 9.0.18.xx and has confirmed compatibility with this patch. 
 
You can learn more about the patch at the  Microsoft support page, and download the patch from the Microsoft catalog. 
 
To deploy it immediately, please follow the instructions for setting the REGKEY as described in the Microsoft support page article.  Microsoft has also published additional information about why they require setting a registry key here.
 
Within the next week we will begin releasing a new Webroot SecureAnywhere version 9.0.19.xx that, along with a number of planned enhancements, will also set the REGKEY automatically.  But until that version is available, please set the REGKEY manually as described by Microsoft.
 
We have posted an article in the Webroot Knowledge Base with detailed instructions on how to manually set the required registry key so that your device will ready for the patch the next time it checks for updates, or when you download it from the Microsoft catalog.  We will provide an automated utility shortly.

41 replies

Userlevel 7
Badge +7
Thanks for this very useful information. :catwink:
Userlevel 7
Badge +7
Thank you for the article in the Webroot Knowledge Base
 
I successfully installed the KB4056892 patch.
.
 
Userlevel 5
Badge +24
In case you're like me and manage multiple sites that don't all use webroot - most of mine do :D, then you may find this handy patch compatibility sheet useful.  Credit to Kevin Beaumont (A good follow on Twitter: @GossiTheDog).
 
http://bit.ly/MeltdownPatchCompat
 
 
Userlevel 7
Badge +7
@ wrote:
@ case you're like me and manage multiple sites that don't all use webroot - most of mine do :D, then you may find this handy patch compatibility sheet useful.  Credit to Kevin Beaumont (A good follow on Twitter: @GossiTheDog).
 
http://bit.ly/MeltdownPatchCompat
 
 
This is very useful. THX
Userlevel 5
Badge +24
Another tidbit worth sharing...
 @Hackerfantastic posted a link to this little Google Chrome configuration via Twitter, and Jake Williams (@MalwareJake on Twitter) mentioned it in a SANS webcast this afternoon:
 
Since Meltdown & Spectre are memory based, and since a practical exploit of Spectre would be browser based, you can enable site isolation:  https://support.google.com/chrome/answer/7623121?hl=en-GB
 
 
On Wednesday, January 3, 2018 Microsoft released a patch to address a number of issues, including a reported CPU vulnerability issue. Webroot has tested the current released versions of Webroot SecureAnywhere 9.0.18.xx and has confirmed compatibility with this patch. There is no issue with Webroot or our products.
 
Please note that Webroot’s compatibility with the patch does not mean that Webroot is addressing the hardware vulnerability caused by a design flaw in processor chips.
 
You can learn more about the patch at the Microsoft support page, and download the patch from the Microsoft catalog. 
 
If you choose to deploy it immediately, Microsoft requires that a registry key is set before you do so. Additional information from Microsoft on this requirement can be found here. To set the REGKEY, please follow the instructions for setting as described in the Microsoft support page article.
Webroot will release a file that contains the necessary Registry Key settings which will make the process simpler to execute.  When this file is available, we will update the Webroot Knowledge Base article to include how-to steps and further information.
 
Within the next week we will release a new Webroot SecureAnywhere version, 9.0.19.xx that, along with a number of planned enhancements, will set the REGKEY automatically. 
 
If you have questions or concerns, please open a Support ticket so that we can assist you.
 
 
Userlevel 7
Badge +7
ktitterington wroteWithin the next week we will release a new Webroot SecureAnywhere version, 9.0.19.xx that, along with a number of planned enhancements, will set the REGKEY automatically. 
 
Hello @
Beta testers get preview version?
Userlevel 7
Badge +56
https://community.webroot.com/t5/Security-Industry-News/Kernel-memory-leaking-Intel-processor-design-flaw-forces-Linux/m-p/310170#M39598
 

Userlevel 7
Badge +26
Hi @
Yes, we are trying to get the By invite version (9.0.19) to our Beta group later today or latest by tomorrow. I will post an update when we are ready. 
 
Thanks
Pawani
 
Userlevel 7
Badge +7
Hi @ 
This is great, long ago there was a beta update. We are looking forward to great enthusiasm. 
 
Userlevel 5
Badge +24
Sorry, but this post seems a bit contradictory to me, and I need it to be very clear so that I can communicate an appropriate action to my clients & technicians:
 
Paragraph #1 says there is no issue on current versions (9.0.18.xx) & the Microsoft patch, but further down it says "if you choose to deploy it immediately, Microsoft requires that a registry key is set before you do so".
 
If I'm running webroot 9.0.18.XX on the following systems: Windows 7, 8.1, 10 / Server Editions 2008, 2008R2, 2012, 20012R2 and 2016; do I deploy the M$ patch or hold it until Webroot can set the proper registry value?  I really don't feel up to modifying and confirming a registry edit to 1,000 clients spread across a significant geographic area.  
UPDATE: Webroot released an automatic registry export tool to make the process simpler to execute. The file, and step-by-step instructions are on the Webroot Knowledge Base article.
Userlevel 7
Badge +26
Hi @
On January 3, Microsoft issued a patch to address a number of issues, including a potential CPU vulnerability. Some AV software seem to be incompatible with the changes in the patch and hence the AV vendors are asked to verify their software's compatibility with the patch and help their customers set a registry key if they are good. 
Webroot has tested current shipping versions of Webroot SecureAnywhere 9.0.18.xx and confirmed compatibility with this patch. 
 
This simply means that you being a Webroot Anti virus customer is good to get the patch from Microsoft. 
 
We will be releasing our next version(9.0.19.xx), that sets the registry key automatically without any action at your end but that may take a few days. 
 
You could simply choose to wait for the next version of WSA that will take care of everything for you but will leave your machines vulnerable to the potential CPU issue that the microsoft patch is addressing until we are able to fully release our next version. 
 
If you don't want to wait till our new version is released, you can set the required registry to be able to get the MS patch using a quick tool we have built to help you in this interim period. 
The file, and step-by-step instructions are on the Webroot Knowledge Base article.
 
Hope this helps. Please feel free to reach out if you still have questions/concerns. 
 
Thanks
Pawani
 
 
 
Userlevel 7
Badge +36
Webroot Beta updated overnight. v9.0.19.36.......Windows update sprung into action. So far so good!
Userlevel 4
Badge +7
If you have another av that would change the key, you do not have to wait, i guess? 
Userlevel 7
Badge +36
If you are certain the other AV will add the Registry keys you would be good to go. Just disable Webroot first.
Userlevel 4
Badge +7
Ok, thanks and have a good weekend.
Userlevel 7
Badge +36
You are welcome Denis, and have an enjoyable experience in the Community!
Do you have an estimated date that webroot will be updated such that it updates the registry key?
Userlevel 7
Badge +56
We Beta Testers are testing it right now so it should be out soon.
Thank you for the feedback.  Do you think it will be available over the weekend?  I won't be available next week, so if it isn't going to be available by this weekend, then I'll probably take another approach rather than waiting for the webroot updae.  Thanks again.
Userlevel 7
Badge +56
No not on the Weekends so hopefully very early next week. Have you seen this just download and it will install the needed key in the registry.  https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=2837
I subscribe to Windows Secrets, a well known technical newsletter devoted to the Windows environment.  Today, I received a special issue regarding this virus.  In the issue, the author talks about the anti-virus vendor's responsibility for modifying the registry key in preparation for the patch.  Here's a portion of the newsletter:
 
Because this is a kernel update that interacts with antivirus utilities, there is a big "BUT" in how you might get this update: You'll receive it once your antivirus vendor has proven that it can handle the update. The proof will be adding a registry key to the operating system. If this registry key is not added, you won't get the update offered up to you.
If you want to visually see if your systems are prepared for this update, you can click on Start, type in regedit and click to approve the elevated prompt. Then you'll need to drill down to review the following registry key. Note that each bullet point represents a level you'll need to drill down to:
  • HKEY_LOCAL_MACHINE
  • SOFTWARE
  • Microsoft
  • Windows
  • CurrentVersion
  • QualityCompat
In the right-hand side in the registry, look for the value as shown below:
  • Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
  • Type="REG_DWORD”
  • Data="0x00000000”
If you see these values, your antivirus vendor has updated itself and it's safe to install this patch. If you don't see this registry value, this means your system (and, therefore, your antivirus vendor) is not ready for this update. Do not manually enter this key, nor manually download this update from the catalog site to install this update.
 
For this reason, I am looking to Webroot to make the necessary change to my computer in support of the patch install by Microsoft.  If Webroot is taking a different approach, then I would appreciate some direct communication from Webroot regarding the action I should take in respect of this issue.  Thanks.
 
John
To further elaborate on my previous comment, the Microsoft Support page  cited in the Webroot post states the following:
 
"Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine..."
 
Please note that even Microsoft is expecting the anti-virus vendor to (1) confirm compatibility and (2) set the correct registry key.  Webroot...are you going to do this or not?
 
John
 
 
Userlevel 7
Badge +56
@ wrote:
To further elaborate on my previous comment, the Microsoft Support page  cited in the Webroot post states the following:
 
"Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine..."
 
Please note that even Microsoft is expecting the anti-virus vendor to (1) confirm compatibility and (2) set the correct registry key.  Webroot...are you going to do this or not?
 
John
 
 
Hi John,
 
Have you read the info I posted above? We Beta Testers are testing a version that will do just that so hopefully soon it will be released to all consumers, but Webroot has a work around and you just have to download a file and run it and it with add the Reg Key then it will allow the MS Patch to install so please see here and follow the instructions: https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=2837
 
Thanks,
 
Daniel

Reply