Windows April Patch: the good, the bad and the ugly

Since 10 days is available the April Cumulative Update for Windows client and server but the latest patch for Windows 7 and Windows Server 2008 R2 fixes several issues to protect from Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) on computer with VIA chipset based.

This is good news, the bad news is that many users reported issues with their software antivirus. There are four the known vendors targeted: Sophos, Avira, AVG and McAfee.

About Sophos, the problem is the same detected on Windows 10 related to Sophos Endpoint Protection. Similar for Avira and AVG, where the synthom is OS instability and, in same cases, boot failure.

Different issue for McAfee, because the update causes slow boot performance or slow performance of Operating System on a computer with
McAfee Endpoint Security (ENS) Threat Prevention 10.x.

In this case the ugly is the latest April Patch that introduced an update for Client Server Runtime Subsystem (CSRSS) that causes the issues. Microsoft and antivirus vendors are working on to fix this big problem for end-users.

Your company uses one of these products? Could be better wait the next patch turn to see if the issue will be fixed.