[morsch]

Bizarre.

Customers without Antivirus

In cases where customers can’t install or run antivirus software, Microsoft recommends manually setting the registry key as described below in order to receive the January 2018 security updates.

[testplzignore]

Sounds like Microsoft can't tell the difference between "has AV installed that will break" and "has no AV installed", which makes sense. It's probably infeasible to reliably fingerprint all existing AV software.

[Slansitartop]

> Sounds like Microsoft can't tell the difference between "has AV installed that will break" and "has no AV installed", which makes sense. It's probably infeasible to reliably fingerprint all existing AV software.

For something like this, I think best-effort bad-AV detection would have been best. Seems pretty insane to disable security patching because they can't be 100% certain that you have a compatibly AV.

[anonymfus]

Incompatibility here means unbootable state.

[Slansitartop]

But it also means that people with perfectly acceptable configurations are left in an insecure state, without an unexpected magic incantation (a registry hack) that most probably will never know about.

Disabling security patches is not acceptable in current year without A LOT of nasty and annoying warnings.

[sundvor]

It makes sense though. Only AV programs that comply may set the setting. Without a compliant AV program, there's nothing to do that set - unless you do it manually.