{"id":213562,"date":"2019-01-09T00:46:58","date_gmt":"2019-01-08T23:46:58","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=213562"},"modified":"2019-03-21T08:15:18","modified_gmt":"2019-03-21T07:15:18","slug":"patchday-updates-fr-windows-7-8-1-server-8-jan-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2019\/01\/09\/patchday-updates-fr-windows-7-8-1-server-8-jan-2019\/","title":{"rendered":"Patchday: Updates f&uuml;r Windows 7\/8.1\/Server 8. Jan. 2019"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline; border-width: 0px;\" title=\"Update\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" alt=\"Windows Update\" width=\"54\" height=\"54\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/borncity.com\/win\/2019\/01\/09\/patchday-updates-for-windows-7-8-1-server-jan-8-2019\/\" target=\"_blank\" rel=\"noopener noreferrer\">English<\/a>]Am 8. Januar 2019 hat Microsoft diverse (Sicherheits-)Updates f\u00fcr Windows 7 SP1 und weitere Updates f\u00fcr Windows 8.1 sowie die korrespondierenden Server-Versionen freigegeben. Hier der \u00dcberblick \u00fcber diese Updates.<\/p>\n<p><!--more--><\/p>\n<h2>Updates f\u00fcr Windows 7\/Windows Server 2008 R2<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/d798a3c15f1f41b7b8b85cbb0ae8fd3e\" alt=\"\" width=\"1\" height=\"1\" \/>F\u00fcr Windows 7 SP1 und Windows Server 2008 R2 SP1 wurden ein Rollup und ein Security-only Update freigegeben. Die Update-Historie f\u00fcr Windows 7 ist auf <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009469\" target=\"_blank\" rel=\"noopener noreferrer\">dieser Microsoft-Seite<\/a> zu finden.<\/p>\n<h3>KB4480970 (Monthly Rollup) f\u00fcr Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480970\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480970<\/a> (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) enth\u00e4lt Verbesserungen und Bug-Fixes, die bereits im Update vom Vormonat enthalten waren. Das Update adressiert folgendes:<\/p>\n<ul>\n<li>Provides protections against an additional subclass of speculative execution side-channel vulnerability known as <a href=\"https:\/\/web.archive.org\/web\/20190118032455\/https:\/\/blogs.technet.microsoft.com\/srd\/2018\/05\/21\/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639\/\" target=\"_blank\" rel=\"noopener noreferrer\">Speculative Store Bypass<\/a> (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\" target=\"_blank\" rel=\"noopener noreferrer\">KB4073119<\/a>. For Windows Server guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\" target=\"_blank\" rel=\"noopener noreferrer\">KB4072698<\/a>. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).<\/li>\n<li>Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:<\/li>\n<li>\"New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.\"<\/li>\n<li>Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.<\/li>\n<\/ul>\n<p>Hier werden also u.a. die im Dezember 2018 publik gewordenen Seitenkanalangriffe versucht zu patchen.\u00a0Dieses Update wird automatisch von Windows Update heruntergeladen und installiert. Das Paket ist auch per <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4480970\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a> erh\u00e4ltlich. Die Installation erfordert, dass das neuestes SSU bereits installiert ist.<\/p>\n<blockquote><p><strong>Anmerkung:<\/strong> Im KB-Beitrag steht erneut der Hinweis, dass das Update das seit vielen Monaten bekannt Problem hat, dass der NIC (network interface controller) wegen einer fehlenden Dritthersteller .inf-Datei nicht mehr funktioniert. Abhilfe schafft, den NIC \u00fcber den Ger\u00e4te-Manager neu installieren zu lassen.<\/p>\n<p>Gem\u00e4\u00df den nachfolgenden Kommentaren gibt es wohl Netzwerkprobleme nach der Installation des Updates (kein Zugriff auf Netzwerkfreigaben). Ich habe den Artikel\u00a0<a href=\"https:\/\/borncity.com\/blog\/2019\/01\/09\/netzwerkprobleme-mit-kb4480970-monthly-rollup\/\" rel=\"bookmark\">Netzwerkprobleme mit KB4480970 (Monthly Rollup)<\/a>\u00a0mit ersten Analysen und Hinweisen dazu ver\u00f6ffentlicht.<\/p><\/blockquote>\n<h3>KB4480960 (Security Only) f\u00fcr Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480960\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480960<\/a>\u00a0(Security-only update) steht f\u00fcr Windows 7 SP1 und Windows Server 2008 R2 SP1 zur Verf\u00fcgung. Das Update adressiert die gleichen Punkte wie das Monthly Quality Rollup Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480970\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480970<\/a>.<\/p>\n<p>Das Update gibt es per WSUS oder im <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4480960\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. Wenn Sie das Update installieren, ist vorher das das neueste Servicing Stack Update (SSU, <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3177467\" target=\"_blank\" rel=\"noopener noreferrer\">KB3177467<\/a>) zu installieren. Bei Installation des Security Only Update ist auch <a href=\"https:\/\/support.microsoft.com\/en-sg\/help\/4480965\/cumulative-security-update-for-internet-explorer\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480965<\/a> f\u00fcr den IE zu installieren.<\/p>\n<blockquote><p>Auch dieses Update verursacht Probleme mit Netzwerkfreigaben &#8211; siehe obiger Hinweis.<\/p><\/blockquote>\n<h2>Updates f\u00fcr Windows 8.1\/Windows Server 2012 R2<\/h2>\n<p>F\u00fcr Windows 8.1 und Windows Server 2012 R2 wurden ein Rollup und ein Security-only Update freigegeben. Die Update-Historie f\u00fcr Windows 8.1 ist auf <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener noreferrer\">dieser Microsoft-Seite<\/a> zu finden.<\/p>\n<h3>KB4480963 (Monthly Rollup) f\u00fcr Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480963\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480963<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) enth\u00e4lt Verbesserungen und Fixes, die im Rollup des Vormonats enthalten waren. Zudem adressiert es die folgenden Punkte.<\/p>\n<ul>\n<li>Provides protections against an additional subclass of speculative execution side-channel vulnerability known as <a href=\"https:\/\/web.archive.org\/web\/20190118032455\/https:\/\/blogs.technet.microsoft.com\/srd\/2018\/05\/21\/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639\/\" target=\"_blank\" rel=\"noopener noreferrer\">Speculative Store Bypass<\/a> (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\" target=\"_blank\" rel=\"noopener noreferrer\">KB4073119<\/a>. For Windows Server guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\" target=\"_blank\" rel=\"noopener noreferrer\">KB4072698<\/a>. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).<\/li>\n<li>Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:<\/li>\n<li>\"New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.\"<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.<\/li>\n<\/ul>\n<p>Dieses Update wird automatisch von Windows Update heruntergeladen und installiert, ist aber auch im <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4480963\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a> erh\u00e4ltlich. Nach der Installation dieses Updates k\u00f6nnen Drittanbieteranwendungen Schwierigkeiten bei der Authentifizierung von Hotspots haben. Microsoft untersucht dieses Problem.<\/p>\n<h3>KB4480964 (Security-only update) f\u00fcr Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480964\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480964<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) adressiert die gleichen Punkte wie Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480963\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480963<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2).<\/p>\n<p>Das Update gibt es per WSUS oder im <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4467703\">Microsoft Update Catalog<\/a>. Probleme sind laut Microsoft keine bekannt. Bei Installation des Security Only Update ist auch <a href=\"https:\/\/support.microsoft.com\/en-sg\/help\/4480965\/cumulative-security-update-for-internet-explorer\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480965<\/a> f\u00fcr den IE zu installieren.<\/p>\n<p><strong>\u00c4hnliche Artikel:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/blog\/2019\/01\/04\/microsoft-office-patchday-2-januar-2019\/\">Microsoft Office Patchday (2. Januar 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2019\/01\/09\/microsoft-security-update-summary-08-januar-2019-2\/\">Microsoft Security Update Summary (08. Januar 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2019\/01\/09\/patchday-updates-fr-windows-7-8-1-server-8-jan-2019\/\">Patchday: Updates f\u00fcr Windows 7\/8.1\/Server 8. Jan. 2019<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2019\/01\/09\/patchday-windows-10-updates-8-januar-2019\/\">Patchday Windows 10-Updates (8. Januar 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/?p=213601\">Patchday Microsoft Office Updates (8. Januar 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2019\/01\/12\/microsoft-patchday-weitere-updates-zum-8-januar-2019\/\" rel=\"bookmark\">Microsoft Patchday: Weitere Updates zum 8. Januar 2019<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Am 8. Januar 2019 hat Microsoft diverse (Sicherheits-)Updates f\u00fcr Windows 7 SP1 und weitere Updates f\u00fcr Windows 8.1 sowie die korrespondierenden Server-Versionen freigegeben. Hier der \u00dcberblick \u00fcber diese Updates.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,185,2557],"tags":[7385,7384,7382,7381,1229,4315,4294,4366,4364],"class_list":["post-213562","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-update","category-windows-server","tag-kb4480960","tag-kb4480963","tag-kb4480964","tag-kb4480970","tag-patchday","tag-update","tag-windows-7","tag-windows-8-1","tag-windows-server"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/213562","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=213562"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/213562\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=213562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=213562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=213562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}