Here are list of questions related to Anti-Virus compatibility,
1. How to check Anti-Virus compatibility and identify our missing patches?
Deploy the latest Anti-Virus definition update to the machine's before deploying Microsoft security updates for Meltdown and Spectre. Once you update the Anti-Virus, it will set a registry key on the machine notifying Microsoft that it is compatible for the security updates.
2. Does Endpoint Central check for the registry key before deploying the patches?
Once you deploy the security updates, please follow the below steps,
3. How to get the script for identify do our machine's have compatible Anti-Virus registry key?
Please follow the below steps, to do the same.
4. If my computer does not have and Anti-Virus installed, can Endpoint Central still handle the registry key settings?
Yes, if there are no Anti-Virus installed in your computer, Endpoint Central will automatically handle the registry fixes and deploys security udpates following that.
5. I declined patches 23634 and 23636 from being deployed, due to the blue screen alert. Can I deploy them now?
Yes, these patches are good to go, provided that you have the latest anti-virus definition update installed.
6. I tried to run the Microsoft update and it prompts us to uninstall McAfee endpoint security, for Microsoft update to run successfully. Why?
This signifies that you have to install Mcafee's latest definition update to run the Microsoft update successfully.
7. Where can I find list of anti virus software's that are compatible with Microsoft security updates?
Kevin Beaumont, a cybersecurity researcher has shared a document, where you can find various all Anti-Virus software, and their compatibility towards Microsoft security updates.