Jump to content

About update package 1.0.3624 - Meltdown / Spectre


Recommended Posts

Hi there,

I'm using Malwarebytes 3.3.1.2183.

I see that Meltdown / Spectre Vulnerabilites are supposed to be mitigated by Microsoft hotfixes (KB4056892-97) patches, and before the patch, the AV companies are strictly instructed to prepare the system for the patch. I read "HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" registry key is added to system during patching process.

What i would like to know:

Isn't Microsoft creating that key if we install the hotfix patch? Or Malwarebytes creating the key during 1.0.3624 update?

What behaviours would happen if i update Malwarebytes update package version to 1.0.3624 and DO NOT INSTALL Microsoft hotfix on KB4056897? Will i still have this key or any registry/filesystem modification, if i just update Malwarebytes update package to 1.0.3624? I just want to get latest malware database definitions as well.

Thanks for the tip!

Link to post
Share on other sites

5 minutes ago, Porthos said:

We are still working in the other topic, No need to start a new topic. ;)

? OK, but i have a lot of questions and trying to figure them out quickly. That is why this is another topic with another content at all, you know. This issue (Meltdown/Spectre) is fairly hot problem that is being discussed around a lot of communities, really made me concern, and just would like to know whether latest update package would cause problems on machines without Microsoft patch.

Edited by kimiraikkonen
Link to post
Share on other sites

12 minutes ago, kimiraikkonen said:

DO NOT INSTALL Microsoft hotfix on KB4056897?

It will force install if your computer does not have any incompatible software.  Your Malwarebytes, since you use the free version can not affect the patch because it has no real-time protection.

3 minutes ago, kimiraikkonen said:

is fairly hot problem that is being discussed around a lot of communities, really made me concern.

That  Microsoft vulnerability has been around for years. It is always best practice to keep all you software up to date including Windows. That is why they force automatic updates.

Link to post
Share on other sites

16 minutes ago, Porthos said:

If you have not already read this please. it answers a lot of questions.

https://blog.malwarebytes.com/security-world/2018/01/meltdown-and-spectre-what-you-need-to-know/

I appreciate your effort sir, Really. I knew dcollins, AdvancedSetup on forum and now you, really great staff. :)

However if i disable automatic updates, Windows can't force this patch until installing manually through Microsoft Catalog as far as i know.

I read the blog post yesterday, thanks for the link though. :)

However my main question is still unclear, clicking on Check for Updates on Malwarebytes is meant to install update package 1.0.3624 as far as i read the official Malwarebytes document. Eventhough i suspend and delay MS patch installation for a while, will Malwarebytes still make changes to the system? 

I also knew "update packages" are actually known to contain malware definition lists, formerly labeled "database updates" which are not making changes to the system unlike "component package updates". That confused me a bit.

Link to post
Share on other sites

Definition updates are the database updates. These are released many times a day.

Cumulative updates are major program updates that install silently at least for paid users. You were behind on this on your computer.  These average every 3 months or so.

Then there are the FULL program updates that you have to install manually.when notified by MB.

1 hour ago, kimiraikkonen said:

However if i disable automatic updates

I would not recommend that. People not keeping up with Microsoft updates are a big reason ransomware spreads so far. 

I am still waiting on the below from the other thread.

2 hours ago, Porthos said:

You log still tells me you DID not follow the instructions and run the MB clean tool...

https://downloads.malwarebytes.com/file/mb_clean 

 

 

Link to post
Share on other sites

5 hours ago, Porthos said:

That  Microsoft vulnerability has been around for years.

Wait a minute.. I thought this was all from a Intel (chips) hardware vulnerability... ( the AV companies along with Microsoft, Apple and other vendors) have to come up with fixes to protect users.

Link to post
Share on other sites

Porthos and Firefox are spot on here with what they've said. Installing the database update 1.0.3624 will add the registry key to your system. It will not force install the windows update though. All the registry key being present does is tell windows update that your computer is ready for the update.

Link to post
Share on other sites

8 hours ago, dcollins said:

Porthos and Firefox are spot on here with what they've said. Installing the database update 1.0.3624 will add the registry key to your system. It will not force install the windows update though. All the registry key being present does is tell windows update that your computer is ready for the update.

Hi @dcollins. Today i updated Malwarebytes free edition by clicking "Check for Updates" and it updated "update package" to 1.0.3646, which seems newer than 1.0.3624. But it did NOT add registry key to the system. I looked with regedit, key wasn't there. Is it because of using free version and Premium trial has ended?

I also noticed that "update package" versions differ by version number and release date depending on whether Malwarebytes is free or Premium (paid) on corresponding machine, as far as i noticed on other computers in my environment.

Link to post
Share on other sites

If you're in free mode, this is correct, no registry key will be added. The only time the registry key is needed is if your security software is registered in Windows Action Center, which free Malwarebytes does not do.

As for the database version number, there is no distinction between free and premium there. We do however release a number of databases updates every day, so it could be one machine just isn't caught up yet.

Link to post
Share on other sites

2 hours ago, dcollins said:

If you're in free mode, this is correct, no registry key will be added. The only time the registry key is needed is if your security software is registered in Windows Action Center, which free Malwarebytes does not do.

Just a question for this as it may come up... So if someone is running the free version and say 1 month from now decides to purchase and go Premium and activates the MB3 software (when/how is the registry key added then)?  Does it get added as soon as on activates the product?  At next Database update?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.