Intelligent CISO Issue 02 | Page 35

If machines stop receiving updates , check if your antivirus vendor is compatible and if they have done the proper due diligence in setting this registry key .

PREDICTIVE INTELLIGENCE

If machines stop receiving updates , check if your antivirus vendor is compatible and if they have done the proper due diligence in setting this registry key .

End users and businesses should therefore take note . If machines stop receiving updates , check if your antivirus vendor is compatible and if they have done the proper due diligence in setting this registry key .
Machines that are not set are going to fall out of your patch cycle .
In addition , if you use a third-party patch solution , they need to honour this setting as well because future updates could cause issues to the host if anti-virus is not compatible and newer Windows updates are applied . A vicious dependency and circle .
It is the first time relying on the new Windows Update process has had a glitch due to the flaws in Intel
A single update versus potentially dozens allows for time savings and an easier patch cycle . Hence , ‘ a patch in time saved nine ’ as a pun on the old cliché
But here is the messy part . Malware executing with the proper privileges could tamper with this registry key as well and revert an acceptable state to stop updates in the future .
This could allow a persistent presence that may be resolved with future
Windows updates . Essentially , this technique controls future Windows updates and provides a vehicle with tampering with the entire process ; something that has not been implemented before in Windows to control when updates should stop due to incompatibility . microcode . Patching individual issues is no longer possible and we must complete them as one patch ( stitch ) every month once we have confirmed they will be applied correctly . You ’ ve been warned . It is worth checking your environment to make sure you can still receive patches too . u www . intelligentciso . com | Issue 02
35