The reports indicate that the Microsoft patches will successfully apply, but will cause system disruptions. For this reason Microsoft is no longer offering the security patches until the security vendors certify their products to be compatible with the patches. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends that organisations consult Microsoft's support website and the support websites of their OEM device manufacturers and security product vendors for specific advice relating to patching for these vulnerabilities.
For more information, please refer to:
- Guidance for patching Windows workstations: Microsoft: Windows client guidance for IT pro's to protect against speculative execution side-channel vulnerabilities
- Guidance for patching and activating mitigations on Windows servers: Microsoft: Windows security updates released January 3, 2018, and antivirus software
- Windows patch schedule and links to OEM vendor firmware updates: Microsoft: Protect your Windows devices against Spectre and Meltdown
- Unofficial list of security software that supports Windows updates: Microsoft Windows January 2018+ antivirus security update compatibility matrix