Patchday: Updates for Windows 7/Server 2008 R2 (August 10, 2021)

Update[German]As of August 10, Microsoft has released various updates for Windows 7 SP1 systems that are still in ESU support. Also with ESU Bypass v11 the whole thing still works. But these security updates are also available for Windows Server 2008 R2 with ESU support. Here is some information about the Monthly Rollup and Security only Updates for this operating system.


Advertising

Updates for Windows 7/Windows Server 2008 R2

For Windows 7 SP1 and Windows Server 2008 R2 SP1 a rollup and a security-only update have been released. However, these updates are only available for systems with ESU license (2nd year). The update history for Windows 7 can be found on this Microsoft page.

As of July 2020, all Windows updates disable the RemoteFX vGPU feature due to vulnerability  CVE-2020-1036 (see also KB4570006).

After installing this update, attempts to start virtual machines (VM) with RemoteFX vGPU enabled will fail. KB5003209 (Monthly Rollup) for Windows 8.1/Server 2012 R2.

Update installation requires either a valid ESU license for 2021, or ESU Bypass v11 (see).

KB5005088 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB5005088 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains (besides the security fixes from the previous month) improvements and bug fixes and addresses the following:

  • Changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. If you use Point and Print, see KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information.
  • Addresses an issue in which Smart Card Authentication (PIV) fails on non-RFC compliant printers and scanners requiring smartcard authentication. For more information, see KB5005392.
  • This update also contains miscellaneous security improvements to internal OS functionality.

Details about the fixed vulnerabilities can be found on this page. This update is automatically downloaded and installed via Windows Update. The package is also available via Microsoft Update Catalog and is distributed via WSUS. Details about the requirements and known issues can be found in the KB article.

Regarding the point and print fix, I'm not so sure if this is really fixed (see).

KB5005089 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB5005089 (Security-only update) steht für Windows 7 SP1 und Windows Server 2008 R2 SP1 mit ESU-Lizenz zur Verfügung. Das Update adressiert folgende Punkte.

  • Changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. If you use Point and Print, see KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information.
  • Addresses an issue in which Smart Card Authentication (PIV) fails on non-RFC compliant printers and scanners requiring smartcard authentication. For more information, see KB5005392.
  • This update also contains miscellaneous security improvements to internal OS functionality.

The update is available via WSUS or in the Microsoft Update Catalog. To install the update, you must meet the prerequisites listed in the KB article and in the rollup update above. The update has the errors described in the KB article. In addition, Internet Explorer 11 security update KB5005036 from August 2021 should be installed (support for IE 11 is now ending). Be sure to install the latest Servicing Stack update beforehand.


Advertising

Similar article:
Microsoft Office Patchday (August 3, 2021)
Microsoft Security Update Summary (August 10, 2021)
Patchday: Windows 10-Updates (August 10, 2021)
Patchday: Updates for Windows 7/Server 2008 R2 (August 10, 2021)
Patchday: Windows 8.1/Server 2012-Updates (August 10, 2021)


Advertising

This entry was posted in Security, Update, Windows and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).