Patchday: Updates for Windows 7/8.1/Server (August 14, 2018)

Windows Update[German]On August 14, 2018 Microsoft released several (security) updates (KB4343900, KB4343899) for Windows 7 SP1 and other updates (KB4343898, KB4343888 ) for Windows 8.1 and the corresponding server versions. Here is an overview of these updates.


Advertising

Updates for Windows 7/Windows Server 2008 R2

For Windows 7 SP1 and Windows Server 2008 R2 SP1, a rollup and a security-only update have been released. The update history for Windows 7 can be found on this Microsoft page.

KB4343900 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB44343900 (August 14, 2018, Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes that were already included in the previous month’s update. The update addresses the following:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.

These are updates that are intended to close Spectre vulnerabilities or cure the consequences of such updates. Note the notes on turning Windows Client and Windows Server registry settings on or off.

The update is automatically downloaded and installed by Windows Update. It can also be downloaded from the Microsoft Update Catalog.

Note: The original article sayed: This update has (since many months) a known issue. The NIC (network interface controller) no longer works due to a missing third-party.inf file. The remedy is to reinstall the NIC via the device manager. Hours after publishing, Microsoft has removed that known issue, so it seems to be fixed.

KB4343899 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB4343899 (Security-only update) steht is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the same points as the KB4343900 update above.


Advertising

The update is available via WSUS or in the Microsoft Update Catalog. There are no known problems. When installing the Security Only Update you must also install KB4343205 for IE.

Updates for Windows 8.1/Windows Server 2012 R2

For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on this Microsoft page.

KB4343898 (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4343898 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes that were included in the rollup for the previous month. It also addresses the following items.

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
  • Ensures that Internet Explorer and Microsoft Edge support the preload=”none” tag.
  • Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.

This update is automatically downloaded and installed from Windows Update, but is also available in the Microsoft Update Catalog. No issues are known.

KB4343888 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB4343888 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the following item.

Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)

The update is available via WSUS or in the Microsoft Update Catalog. Microsoft is currently not aware of any errors. When installing the Security Only Update you also need to install KB4343205 for IE.

Similar articles:
Security update for Adobe Acrobat/Reader
Microsoft Office Patchday (August 7, 2018)
Windows 10 Updates KB4295110/KB4023057 (08/09/2018)
Microsoft Security Update Summary August 14, 2018
Patchday Windows 10-Updates (August 14, 2018)
Patchday: Updates for Windows 7/8.1/Server (August 14, 2018)
Patchday Microsoft Office Updates (August 14, 2018)
Microsoft Patchday: Other Updates (August 14, 2018)


Advertising


This entry was posted in Security, Update, Windows and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *