Patchday: June 2018 Updates for Windows 7/8.1/Server

Windows Update[English]On June 12, 2018 Microsoft released several (security) updates (KB4284826, KB4284867) for Windows 7 SP1 and other updates (KB4284815, KB4284878) for Windows 8.1 and the corresponding server versions. Here is an overview of these updates.


Advertising

Updates for Windows 7/Windows Server 2008 R2

For Windows 7 SP1 and Windows Server 2008 R2 SP1, a rollup and a security-only update have been released. The update history for Windows 7 can be found on this Microsoft page.

KB4284826 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB4284826 (June 12, 2018, Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes that were already included in the previous month's update. Among other things, the update addresses the Spectre vulnerabilities including the following items:

  • Provides support to control use of Indirect Branch Prediction Barrier (IBPB) on some AMD processors (CPUs) for mitigating CVE-2017-5715, Spectre Variant 2 when switching from user context to kernel context. (See AMD Architecture Guidelines for Indirect Branch Control and AMD Security Updates for more details). For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable use of IBPB on some AMD processors (CPUs) for mitigating Spectre Variant 2 when switching from user context to kernel context.
  • Provides protections from an additional subclass of speculative execution side channel vulnerability known as Speculative Store Bypass (CVE-2018-3639). These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639) in addition to the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Increased the Internet Explorer cookie limit from 50 to better align with industry standards.
  • Improves the reliability of Internet Explorer when using geolocation.
  • Security updates to Internet Explorer, Windows apps, Windows Server, Windows storage and filesystems, Windows wireless networking, and Windows virtualization and kernel.

The update is automatically downloaded and installed by Windows Update. It can also be downloaded from the Microsoft Update Catalog. Microsoft continues to report a known problem: A stop error occurs on computers that do not support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2). That should be fixed sometime.

The second issue has also been known for months: There is a problem with third-party Windows and software that refers to a missing file (oem<number>.inf). For this reason, the network interface controller will not work after installing this update. I picked up the topic in the blog post Windows 7 SP1 network bug (KB4103718/KB4103712) . Microsoft recommends updating the network driver as a workaround.

KB4284867 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB4284867 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the same points as those listed in KB4103718. The described stop error also occurs. The update is available via WSUS or in the Microsoft Update Catalog.


Advertising

Updates for Windows 8.1/Windows Server 2012 R2

For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on this Microsoft page.

KB4284815 (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4284815 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes that were included in the rollup for the previous month. It also addresses the following items.

  • Addresses an issue where firmware updates cause devices to go into BitLocker recovery mode when BitLocker is enabled, but Secure Boot is disabled or not present. This update prevents firmware installation on devices in this state. Administrators can install firmware updates by:
    • 1. Temporarily suspending BitLocker.
    • 2. Immediately installing firmware updates before the next OS startup.
    • 3. Immediately restarting the device so that BitLocker doesn't remain in the suspended state.
  • Permits a band-capable disk that has only one partition, and it is an MSR partition, to convert to a dynamic disk.
  • Increases the Internet Explorer cookie limit from 50 to better align with industry standards.
  • Improves the reliability of Internet Explorer when using geolocation.
  • Security updates to Internet Explorer, Windows apps, remote code execution, Windows Server, Windows storage and filesystems, and Windows wireless networking.

This update is automatically downloaded and installed from Windows Update, but is also available in the Microsoft Update Catalog. There are no known issues with this update.

KB4284878 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB4284878 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses only one item.

Security updates to Windows apps, remote code execution, Windows Server, Windows storage and filesystems, and Windows wireless networking.

The update is available via WSUS or within the Microsoft Update Catalog. There are no know issues.

Similar articles:
Adobe Flash Player version 30.0.0.113 available
Flash-Update KB4287903 for Windows released
Flash-Update KB4287903: Install issues with WSUS
Microsoft Office Patchday (June 5, 2018)
Windows 10 V1803: Update KB4338548 released
Microsoft Security Update Summary for June 12, 2018
Windows 10 V1511-1607: Privacy notification update KB4134662, KB4134663 and KB4134659Microsoft Office Patchday (5. Juni 2018)
Patchday: June 2018 Updates for Windows 7/8.1/Server
Patchday: Windows 10 updates June 12, 2018
Microsoft patchday: More updates (June 12, 2018)


Advertising

This entry was posted in Security, Update, Windows and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).