Patch Lady – so I don’t get it
By now you’ve seen the headlines… we have three antivirus products documented as being down for the count when it comes to Windows 7 and 8.1 (and the corresponding Server OSes as well). Per https://support.microsoft.com/en-us/help/4493448, Sophos, Avira and Avast are all causing issues, with machines becoming unresponsive. Avast in particular has the nasty side effect of “additionally you may be unable to log in or log in after an extended period of time”.
Yet in the patches there don’t seem to be any extreme changes to the kernel (that my honestly untrained eyes can see) that would cause three pretty common antivirus engines to make computers totally unusable.
https://support.microsoft.com/en-us/help/4493472 (the monthly rollup KB) lists ArcaBit as another impacted one.
Windows 10 1809 also refers to an issue with ArcaBit antivirus. I am not seeing that reported on any other Windows 10 platform.
In the cumulative update model it’s a bit harder to tell what exactly Microsoft is fixing. Dustin Childs (ex-MSRC webcasts/blogger now at Zero day) lists out the patches in their “code” style, not in the patch style. Normally, kernel code changes are historically and notoriously the ones most at fault for interactions with antivirus. Because A/V hooks into the kernel, changes to that code often have ripple effects.
Both kernel bugs this month (here and here) don’t give me clues that they might be the ones triggering all of these failures.
Bottom line: I’m giving you no answers tonight, just big warnings. Don’t install updates just yet… but you knew that one already.