Security Updates for Windows 7/8.1 (March 13, 2018)

Windows Update[German]Microsoft released various (security) updates for Windows 7 SP1 and Windows 8.1 as well as the corresponding server versions on March 13, 2018. Here is an overview .


Advertising


Updates for Windows 7 SP1/Server 2008 R2 SP1

Updates KB4088875 and KB4088878 have been released for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update history for Windows 7 may be found on this Microsoft page.

KB4088875 (Monthly Rollup) for Windows 7/Windows Server 2008 R2 SP1

Update KB4088875 (March 13, 2018, Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes that were already included in the update from the previous month. The update addresses the following:

  • Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
  • Updates legacy Document Mode cell visibility in Internet Explorer.
  • Addresses issue where Internet Explorer stops working in certain printing scenarios.
  • Addresses issue where Internet Explorer stops working when using F12-based developer tools.
  • Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.
  • Security updates to Internet Explorer, the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.

In addition to the various fixes for Internet Explorer, the cumulative patches against Spectre and Meltdown as well as for 32 and 64 bit are also integrated. The update is automatically provided and installed via Windows Update. The update is also available via Microsoft Update Catalog.

Ugly bugs are coming with this update

Microsoft lets you choose between plague and cholera. Because the update has some ‘steep side effects’, which make the patch as a no go.

  • After installing this update, SMB servers may leak memory. Microsoft is working on a resolution and will provide an update in an upcoming release.
  • A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled. Microsoft is working on fixing this issue, and this update is, therefore, currently made available to machines with the Physical Address Extension (PAE) mode enabled.
  • A Stop error occurs on machines that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2). Microsoft is working on a resolution and will provide an update in an upcoming release.

Also note: Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.


Advertising

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\QualityCompat\

The REG_DWORD value cadca5fe-87d3-4b96-b7fb-a231484277cc need to be set to “0x00000000”. Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer.

There is another undokumented issue: During installing this update, virtual network adapters vNICs loses its static IP configuration (see my German blog Post here).

KB4088878 (Security Only) for Windows 7/Windows Server 2008 R2 SP1

Update KB4088878 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the following:

  • Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.
  • Security updates to the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.

The update is available for download via WSUS and in the Microsoft Update Catalog. Again, the update is only applied if the registry entry mentioned in the above update section is available. Regarding the known bugs, the same applies as for the update mentioned in the previous section.

If you are using this update, you must install the cumulative security update for Internet Explorer KB4089187.

Updates for Windows 8.1/Server 2012 R2

For Windows 8.1 and Windows Server 2012 R2 the update KB4088876 and the update KB4088879 have been released. The update history for Windows 8.1 can be found on this Microsoft page.

KB4088876 (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4088876 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes contained in the rollup of the previous month. It also addresses the following topics.

  • Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
  • Updates legacy Document Mode cell visibility in Internet Explorer.
  • Addresses issue where Internet Explorer stops working in certain printing scenarios.
  • Addresses issue where Internet Explorer stops working when using F12-based developer tools.
  • Addresses issue in Internet Explorer that caused the Outlook web app to slow down under certain circumstances.
  • Addresses issue where customers sometimes can’t sign in to Windows 2012 R2 servers when using a custom credential provider on a console or RDP.
  • Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.
  • Security updates to Internet Explorer, the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.

Similar to Windows 7 bugs have been fixed in Internet Explorer. The update also includes all patches against Spectre and Meltdown. It should be noted that this update is only offered if the installed antivirus solution has been adapted by the manufacturer and the registry entry has been set in the KB contribution or above. The package is offered via Windows Update and via Microsoft Update Catalog.

KB4088879 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB4088879 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the following items.

  • Addresses issue where customers sometimes can’t sign in to Windows 2012 R2 servers when using a custom credential provider on a console or RDP.
  • Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.
  • Security updates to the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.

The update is available for download via WSUS and in the Microsoft Update Catalog. Again, the update is only applied if the registry entry mentioned in the above Windows 7 Update section is available.

If you are using this update, you must install the cumulative security update for Internet Explorer KB4089187.

Similar articles
Adobe Flash Player Update to Version 29.0.0.113
Microsoft Patchday Summary March 13, 2018
Security Updates for Windows 7/8.1 (March 13, 2018)
Patchday: Windows 10 Updates (March 13, 2018)
Microsoft Office Patchday (March 13, 2018)
Network issues with Updates KB4088875 / KB4088878


Advertising


This entry was posted in Update, Windows and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *