Kaspersky has put the blame squarely on Microsoft (opens in new tab) after a recent Windows 10 update (KB4524244 (opens in new tab)) meant to further protect against an attack that exploited a vulnerable version of the Kaspersky Rescue Disk software has caused more system crashes. The security company claimed that it had already patched the vulnerability in August 2019.
Microsoft recently had to cancel a Windows 10 update after it caused issues and broke features on users’ computers. According to Kaskpersky, Microsoft updated its UEFI signatures list to revoke certain UEFI signatures that were being used with older and maliciously modified versions of the Kaspersky Rescue Disk.
Kaspersky said that its software is not at fault for the update incompatibility. Microsoft may have been right to revoke the UEFI signature that was being abused by attackers, but the main issue here seems to be that Microsoft didn’t bother to also warn Kaspersky about it so Kaspersky could take the necessary steps to support the new UEFI signature.
This isn’t the first time Kaspersky as well as other companies have accused Microsoft (opens in new tab) of not communicating well enough about changes that impact third-party developers, which often results in various software conflicts and system crashes for users. Microsoft may also get little sympathy from users, considering how many issues its updates have caused over the past year or so.
According to Kaspersky, if the new Windows 10 update hasn’t caused you an issue, then you won’t need to remove it. Microsoft also said that the update won’t be re-issued, but that fixes for the new bugs will be coming soon.