{"id":5321,"date":"2018-03-31T00:07:00","date_gmt":"2018-03-30T22:07:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=5321"},"modified":"2021-11-30T06:58:47","modified_gmt":"2021-11-30T05:58:47","slug":"update-kb4100480-for-windows-7-server-2008-r2-03-29-2018","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/03\/31\/update-kb4100480-for-windows-7-server-2008-r2-03-29-2018\/","title":{"rendered":"Update KB4100480 for Windows 7\/Server 2008 R2 (03\/29\/2018)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/03\/30\/windows-7-server-2008-r2-update-kb4100480-29-3-2018\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Microsoft released an out of band security update KB4100480 for Windows 7, Windows Server 2008 R2 and the embedded version of Windows 7 on March 29, 2018. <\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/ssl-vg03.met.vgwort.de\/na\/a47c26fef4804f4b8e1f952408f08e95\" width=\"1\" height=\"1\">Update KB4100480 is a Windows kernel update that closes the CVE-2018-1038 vulnerability. This update fixes an Elevation of Privilege vulnerability in the Windows kernel of the 64-bit (x64) version of Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1.<\/p>\n<h2>Fix for CVE-2018-1038 <\/h2>\n<p>This vulnerability is documented in <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2018-1038\" target=\"_blank\" rel=\"noopener\">CVE-2018-1038<\/a>. Users must apply this update to be fully protected against this vulnerability if their computers were updated in January 2018 or later by applying any of the following updates.<\/p>\n<ul>\n<li>4056897 January 3, 2018\u2014KB4056897 (Security-only update)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4056894\/windows-7-update-kb4056894\" target=\"_blank\" rel=\"noopener\">4056894<\/a> January 4, 2018\u2014KB4056894 (Monthly Rollup)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073578\/unbootable-state-for-amd-devices-in-windows-7-sp1-windows-server-2008 target=\" _blank??>4073578<\/a> Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4057400\/windows-7-update-kb4057400\" target=\"_blank\" rel=\"noopener\">4057400<\/a> January 19, 2018\u2014KB4057400 (Preview of Monthly Rollup)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4074598\/windows-7-update-kb4074598\" target=\"_blank\" rel=\"noopener\">4074598<\/a> February 13, 2018\u2014KB4074598 (Monthly Rollup)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4074587\/windows-7-update-kb4074587\" target=\"_blank\" rel=\"noopener\">4074587<\/a> February 13, 2018\u2014KB4074587 (Security-only update)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4075211\/windows-7-update-kb4075211\" target=\"_blank\" rel=\"noopener\">4075211<\/a> February 22, 2018\u2014KB4075211 (Preview of Monthly Rollup)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4091290\/march-1-2018-kb4091290\" target=\"_blank\" rel=\"noopener\">4091290<\/a> March 1, 2018\u2014KB4091290\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4088875\/windows-7-update-kb4088875\" target=\"_blank\" rel=\"noopener\">4088875<\/a> March 13, 2018\u2014KB4088875 (Monthly Rollup)\n<li>4088878 March 13, 2018\u2014KB4088878 (Security-only update)\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4088881\/windows-7-update-kb4088881\" target=\"_blank\" rel=\"noopener\">4088881<\/a> March 23, 2018\u2014KB4088881 (Preview of Monthly Rollup) <\/li>\n<\/ul>\n<p>The patch is rolled out via Windows Update and WSUS, but is also available for download in the <a href=\"http:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4100480\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>. Microsoft says there are no known problems. I got feedback from German blog readers, who claiming a delayed boot of machines and broken network connections.<\/p>\n<h2>Microsoft sends out security warning<\/h2>\n<p>Microsoft has sent out the following security warning for the update.<\/p>\n<blockquote>\n<p>The following CVE has been added to the March 2018 Security Updates:  <\/p>\n<p>* CVE-2018-1038 <br \/>Revision Information:<br \/>&#8211; <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\" target=\"_blank\" rel=\"noopener\">https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a> <br \/>&#8211; Version: 1.0 <br \/>&#8211; Reason for Revision: Information published. <br \/>&#8211; Originally posted: March 29, 2018 <br \/>&#8211; Updated: N\/A &#8211; Aggregate CVE Severity Rating: Important<\/p>\n<\/blockquote>\n<h2>2nd fix for TotalMeltdown<\/h2>\n<p>January\/February patches released to close the meltdown vulnerability had led to an even larger vulnerability (see <a href=\"https:\/\/borncity.com\/win\/2018\/03\/28\/windows-7-jan-feb-2018-patches-opens-total-meltdown-vulnerability\/\">Windows 7 Jan.\/Feb. 2018 patches opens Total Meltdown vulnerability<\/a>). This should be fixed with the March update. On Twitter Ulf Frisk announces that this update fixes the TotalMeltdown bug:<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/TotalMeltdown?src=hash&amp;ref_src=twsrc%5Etfw\">#TotalMeltdown<\/a> OOB patches available now! No longer ZERO-DAY! APPLY PATCHES NOW! (Win7\/2008R2) CVE-2018-1038 . Awesome turnaround time and support from <a href=\"https:\/\/twitter.com\/msftsecresponse?ref_src=twsrc%5Etfw\">@msftsecresponse<\/a>! Super impressive work given the time frame!<a href=\"https:\/\/t.co\/TcVVMBDEPl\">https:\/\/t.co\/TcVVMBDEPl<\/a> <a href=\"https:\/\/t.co\/n0FpD8nP5X\">pic.twitter.com\/n0FpD8nP5X<\/a><\/p>\n<p>\u2014 Ulf Frisk (@UlfFrisk) <a href=\"https:\/\/twitter.com\/UlfFrisk\/status\/979470561964449794?ref_src=twsrc%5Etfw\">29. M\u00e4rz 2018<\/a><\/p><\/blockquote>\n<p><span id=\"preservef31dad1984d942f2810dc8dfe50a94a3\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p>Ulf Frisk wrote in an addendum to his <a href=\"http:\/\/blog.frizk.net\/2018\/03\/total-meltdown.html\" target=\"_blank\" rel=\"noopener\">blog post<\/a>:<\/p>\n<blockquote>\n<p>2018-03-28: Found out that the March patches only partially resolved the vulnerability. Contacted MSRC again<\/p>\n<p>2018-03-29: <a href=\"https:\/\/web.archive.org\/web\/20201101182603\/https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-1038\" target=\"_blank\" rel=\"noopener\">OOB security update<\/a> released by Microsoft. <a href=\"https:\/\/web.archive.org\/web\/20201101182603\/https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-1038\" target=\"_blank\" rel=\"noopener\">CVE-2018-1038<\/a>. Apply immediately if affected!.<\/p>\n<\/blockquote>\n<h2>Shall I install this update?<\/h2>\n<p>Ulf Frisk recommends to install this update, and I would say: The update should be installed promptly to close the zero-day vulnerability. But I suggest to create a system image backup before you install the update. If you have problems, you can uninstall the update from the Control Panel. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft released an out of band security update KB4100480 for Windows 7, Windows Server 2008 R2 and the embedded version of Windows 7 on March 29, 2018.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[1347,195,194],"class_list":["post-5321","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-kb4100480","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=5321"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5321\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=5321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=5321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=5321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}