Microsoft confirms some users shouldn”t hit the update now button for Windows 10 2004
Microsoft has finally started rolling out the long-awaited Windows 10 May 2020 Update, also known as Windows 10 2004. Overall I have been impressed with the security features that have been added, updated and tweaked in this significant Windows update. Not that all users will be able to update at all, and Microsoft has even warned certain users not to attempt to do so using the Update now button.
MORE FROM rev-conf.orgWindows 10 2004 Update Can Change Passwords To PINs: Here”s What It Means For Your SecurityBy Davey Winder
More update woes for Windows 10 users
Although Microsoft has already said that the Windows 10 2004 update is being rolled out in a measured and phased manner, and only available to those who seek to do so, it’s already starting to look problematic for some.
Windows 10 update failures and hiccups are nothing new; take the recent deleted files and blue screens problem, for example. John Cable, Microsoft”s director of program management for Windows servicing and delivery, has already stated that some users may not see the “download and install” option for the update if they have a device which “might have a compatibility issue for which a safeguard hold is in place until we are confident that you will have a good update experience.”
Now it seems one such set of users are those trying to update to Windows 10 2004 on a device that has the hypervisor-protected code integrity (HVCI) security feature enabled. HVCI uses the Microsoft Hyper-V hypervisor to protect against malicious code injection by virtualizing specific Windows kernel processes.
MORE FOR YOU
iOS 14.4.2: New Update Now Warning Issued To All iPhone Users
Why You Shouldn’t Use Google Chrome After New Privacy Disclosure
Swiss Verkada Camera Hacker Says Attacks Were “Easy, Fun Anarchism”—U.S. Files Charges Over Data Theft
MORE FROM rev-conf.orgWindows Security Alert: Core System File Zero-Days Confirmed UnpatchedBy Davey Winder
It would appear that users with HVCI enabled might be seeing this message when trying to update to Windows 10 2004: “Your PC settings need to be adjusted before upgrading to the latest version of Windows 10. Turn off memory integrity protection to continue.”
This is due, Microsoft has said, to incompatibilities with certain display drivers when the memory integrity protection is enabled. This is despite all the delays in rolling out the Windows 10 May 2020 Update, which were thought to be for reasons of additional testing following the discovery of a zero-day exploit.
Mitigating the Windows 10 2004 HVCI update problem
Users who are affected by the HVCI issue will have a “compatibility hold” put upon their ability to install or even get offered Windows 10 2004, according to Microsoft.
There is a workaround: turning off memory integrity in the Windows Security core isolation page and then updating all display/video drivers. In the meantime, Microsoft said it is working on a fix to be included in an upcoming update release.
MORE FROM rev-conf.orgMicrosoft Sounds Windows 10 “Exploitation More Likely” Alarm: Here”s Exactly What That MeansBy Davey Winder
However, Microsoft also said: “We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.”
I have reached out to Microsoft to ask how long this update might be in the coming, and will update this article when any further information is available.
I”m a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994. A three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) I was also fortunate enough to be named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro called “Threats to the Internet.” In 2011 I was honored with the Enigma Award for a lifetime contribution to IT security journalism. Contact me in confidence at davey
happygeek.com if you have a story to reveal or research to share.