Meltdown and Spectre – McAfee Product Compatibility Update

This article provides updated information to our blog post titled "Decyphering the Noise Around 'Meltdown' and 'Spectre'."

Recent updates to this article

Date	Update
October 31, 2019	Removed Data Exchange Layer 3.x product category tag.
September 26, 2019	Updated Active Response and Web Gateway categories to reflect current supported versions.
February 6, 2019	Updated Advanced Threat Defense Appliance information. Updated article to note that testing is complete.
January 4, 2019	Removed GTI Proxy Appliance from the "Appliance Compatibility for McAfee Products" list.
September 6, 2018	Updated the "Appliance Compatibility for McAfee Products" list to include Web Gateway 7.7.2. Changed all "patch" references to "update." NOTE: McAfee updates were previously referred to as patches.

McAfee has completed testing to ensure product compatibility with operating system patches related to “Spectre” and “Meltdown.” This document contains the status of our testing.



For more information about the “Spectre” and “Meltdown” attack methods, see our blog “Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’”: https://securingtomorrow.mcafee.com/mcafee-labs/decyphering-the-noise-around-meltdown-and-spectre/. 
  Microsoft has requested security vendors to perform additional testing with their January 3 update, to ensure compatibility with that update.
Microsoft introduced a new registry key with this update to control if the update is available through the Windows Update service. 
 
Automated mechanism to deploy the registry key update
Starting with the January 10 DAT (3221.0) updates for Endpoint Security (ENS) 10.0.2 and later, the registry key will be automatically updated for customers.

NOTE: Safety Pulse, which is enabled by default, must be enabled to download ENS DAT 3221.0. ​

Starting with the January 12 DAT (8772), customers who use VirusScan Enterprise (VSE) 8.8 and receive DAT updates will have the registry key automatically updated.

The DAT adds the check for the registry key, and sets it if it is not present. Customers who have already set a registry key will not have any issues.

For customers using ENS 10.0.1 or earlier, see KB90180 - How to deploy the required registry key via automated executable.

NOTE: Microsoft no longer performs AV compatibility checks for supported Windows 10, 8.1, and 7 SP 1 devices. But, McAfee will continue to set this registry key to ensure compatibility for other devices. For more information, see the following Microsoft article: Important: Windows security updates and antivirus software.

Manual methods to deploy the registry key update
To receive patches through Windows Update, customers are advised to create the following new registry key:
   
In environments with Active Directory, this key can be deployed through GPO. Instructions on how to deploy through GPO are available at: https://technet.microsoft.com/en-us/library/cc753092%28v=ws.11%29.aspx
 
Customers who are not using Windows Update can directly download and apply the Windows Update from the Windows Update Catalog at: support.microsoft.com/en-us/help/323166/how-to-download-updates-that-include-drivers-and-hotfixes-from-the-win. 

NOTE: When you download Windows updates, Windows 7 operating systems must be updated to SP1 to pull updates from Microsoft Windows Update. 
 

Testing is complete for all McAfee products and no compatibility issues with the Microsoft update have been found.

Cloud services for McAfee and Skyhigh products: