Important: Windows security updates and antivirus software


Overview


Microsoft has identified a compatibility issue with Microsoft's Windows security updates released in January 2018 and a small number of antivirus software products.

The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent these stop errors, Microsoft is currently only offering the January and February 2018 Windows security updates to devices that are running antivirus software that is from antivirus software vendors who have confirmed that their antivirus software is compatible by setting a required registry key.

April 10, 2018 Status Update

We are lifting the AV compatibility check for Windows security updates for supported Windows 7 SP1 and Windows 8.1 devices via Windows Update. We continue to require that AV software be compatible, and in cases where there are known issues of AV driver compatibility, we will block those devices from updates to avoid any issues. We recommend customers check with their AV provider on compatibility of their installed AV software product.

March 13, 2018 Status Update

Our recent work with our anti-virus (AV) partners on compatibility with Windows updates has now reached a sustained level of broad ecosystem compatibility.  Based on our analysis of available data, we are now lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices via Windows Update.  We continue to require that AV software is compatible and in cases where there are known issues of AV driver compatibility, we will block those devices from updates to avoid any issues. We recommend customers check with their AV provider on compatibility of their installed AV software product.

More information


Windows Defender Antivirus, System Center Endpoint Protection, and Microsoft Security Essentials are compatible with the 2018 Windows security updates and have set the required registry key.

Windows 10, Windows 8.1, Windows Server 2012 R2 and Windows Server 2016 Customers

Microsoft recommends all customers protect their devices by running a compatible and supported antivirus program. Customers can take advantage of built-in antivirus protection, Windows Defender Antivirus, for Windows 8.1 and Windows 10 devices or a compatible third-party antivirus application.

Windows 7 SP1 and Windows Server 2008 R2 SP1 Customers

In a default installation of Windows 7 SP1 or Windows Server 2008 R2 SP1, customers will not have an antivirus application installed by default. In these situations, Microsoft recommends installing a compatible and supported antivirus application such as Microsoft Security Essentials or a third-party anti-virus application. 

Customers without Antivirus

In cases where customers can't install or run antivirus software, Microsoft recommends manually setting the registry key as described below in order to receive the latest Windows security updates.

Setting the Registry Key

Note: Customers running Windows 8.1 and earlier versions will not receive the January 2018 Windows security updates (or any subsequent Windows security updates) and will not be protected from security vulnerabilities unless and until their antivirus software vendor sets the following registry key:

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”

Data="0x00000000”

 

Frequently asked questions


Q1: Why are some antivirus solutions incompatible with the January - March, 2018, security updates?

A1: During testing, we discovered that some third-party applications have been making unsupported calls into Windows kernel memory that cause stop errors (also known as bluescreen errors) to occur.

Microsoft has assembled the following resources to help potentially impacted customers:

Q2: What is Microsoft doing to help mitigate issues caused by these unsupported applications?

A2: To help protect our customers from "blue screen" errors and unknown scenarios, Microsoft is requiring all antivirus software vendors to attest to the compatibility of their applications by setting a Windows registry key.

Q3: How long will Microsoft require setting a registry key to receive the Windows security updates?

A3: As of April 10, 2018, we are lifting the AV compatibility check for Windows security updates for supported Windows 7 SP1 and Windows 8.1 devices via Windows Update. As of March 13, 2018 Microsoft is lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices via Windows Update. We continue to require that AV software is compatible and in cases where there are known issues of AV driver compatibility, we may block those devices from receiving Windows updates to avoid any issues.

Q4: I have a compatible antivirus application but I’m not being offered the Windows security updates. What do I do?

A4: In some cases, it may take time for Windows security updates to be delivered to systems, particularly for devices that have been turned off or not connected to the Internet (offline). After they are turned on again, these systems should receive updates from their antivirus software providers. Customers who still experience problems 24 hours after ensuring that their devices have proper Internet connectivity should contact their antivirus software vendor for additional troubleshooting steps.

Q5: My antivirus software is not compatible. What should I do?

A5: Microsoft has been working closely with antivirus software partners to help all customers receive the 2018 Windows security updates as soon as possible. See the status update sections ealier in this article for more information. If you are not being offered this month’s security update, Microsoft recommends that you contact your antivirus software provider.

Q6: I have a compatible antivirus software application, but I still experienced a bluescreen. What should I do?

A6: Microsoft has assembled the following resources to help potentially affected customers: