{"id":8213,"date":"2019-01-09T00:56:15","date_gmt":"2019-01-08T23:56:15","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8213"},"modified":"2019-03-21T07:11:14","modified_gmt":"2019-03-21T06:11:14","slug":"patchday-updates-for-windows-7-8-1-server-jan-8-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/01\/09\/patchday-updates-for-windows-7-8-1-server-jan-8-2019\/","title":{"rendered":"Patchday: Updates for Windows 7\/8.1\/Server Jan. 8, 2019"},"content":{"rendered":"<p>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/01\/09\/patchday-updates-fr-windows-7-8-1-server-8-jan-2019\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]On January 8, 2019, Microsoft released various (security) updates for Windows 7 SP1 and other updates for Windows 8.1 as well as the corresponding server versions. Here is an overview of these updates.<\/p>\n<p><!--more--><\/p>\n<h2>Updates for Windows 7\/Windows Server 2008 R2<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/141b81e2c82a45819f87cdd58e64e6f0\" alt=\"\" width=\"1\" height=\"1\" \/>For Windows 7 SP1 and Windows Server 2008 R2 SP1, a rollup and a security-only update have been released. The update history for Windows 7 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009469\" target=\"_blank\" rel=\"noopener noreferrer\">this Microsoft page<\/a>.<\/p>\n<h3>KB4480970 (Monthly Rollup) for Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480970\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480970<\/a> (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes that were already included in last month's update. The update addresses the following:<\/p>\n<ul>\n<li>Provides protections against an additional subclass of speculative execution side-channel vulnerability known as <a href=\"https:\/\/web.archive.org\/web\/20190118032455\/https:\/\/blogs.technet.microsoft.com\/srd\/2018\/05\/21\/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639\/\" target=\"_blank\" rel=\"noopener noreferrer\">Speculative Store Bypass<\/a> (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\" target=\"_blank\" rel=\"noopener noreferrer\">KB4073119<\/a>. For Windows Server guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\" target=\"_blank\" rel=\"noopener noreferrer\">KB4072698<\/a>. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).<\/li>\n<li>Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:<\/li>\n<li>\"New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.\"<\/li>\n<li>Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update. The package is also available via <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4480970\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. Installation requires that the latest SSU is already installed.<\/p>\n<blockquote><p>Note: The KB article again mentions that the update has the known problem for many months that the NIC (network interface controller) no longer works due to a missing third-party .inf file. A remedy is to reinstall the NIC via the device manager.<\/p><\/blockquote>\n<h3>KB4480960 (Security Only) for Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480960\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480960<\/a> (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the same issues as the Monthly Quality Rollup Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480970\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480970<\/a>.<\/p>\n<p>The update is available via WSUS or in the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB448096\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. If you install the update, you must first install the latest Servicing Stack Update (SSU, <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3177467\" target=\"_blank\" rel=\"noopener noreferrer\">KB3177467<\/a>). If you install the Security Only Update, you must also install <a href=\"https:\/\/support.microsoft.com\/en-sg\/help\/4480965\/cumulative-security-update-for-internet-explorer\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480965<\/a> for IE.<\/p>\n<h2>Updates for Windows 8.1\/Windows Server 2012 R2<\/h2>\n<p>For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener noreferrer\">this Microsoft page<\/a>.<\/p>\n<h3>KB4480963 (Monthly Rollup) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480963\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480963<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes that were included in the previous month's rollup. It also addresses the following issues.<\/p>\n<ul>\n<li>Provides protections against an additional subclass of speculative execution side-channel vulnerability known as <a href=\"https:\/\/web.archive.org\/web\/20190118032455\/https:\/\/blogs.technet.microsoft.com\/srd\/2018\/05\/21\/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639\/\" target=\"_blank\" rel=\"noopener noreferrer\">Speculative Store Bypass<\/a> (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\" target=\"_blank\" rel=\"noopener noreferrer\">KB4073119<\/a>. For Windows Server guidance, follow the instructions in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\" target=\"_blank\" rel=\"noopener noreferrer\">KB4072698<\/a>. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).<\/li>\n<li>Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:<\/li>\n<li>\"New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.\"<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available from the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4480963\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. After you install this update, third-party applications may have difficulty authenticating hotspots. Microsoft is investigating this issue.<\/p>\n<h3>KB4480964 (Security-only update) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480964\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480964<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the same items as update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4480963\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480963<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2).<\/p>\n<p>The update is available via WSUS or in the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4467703\">Microsoft Update Catalog<\/a>. According to Microsoft there are no known problems. If the Security Only Update is installed, <a href=\"https:\/\/support.microsoft.com\/en-sg\/help\/4480965\/cumulative-security-update-for-internet-explorer\" target=\"_blank\" rel=\"noopener noreferrer\">KB4480965<\/a> need also be installed for IE.<\/p>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2019\/01\/04\/microsoft-office-patchday-january-2-2019\/\">Microsoft Office Patchday (January 2, 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/01\/05\/office-2010-updates-for-january-2019-has-been-pulled\/\">Office 2010 Updates for January 2019 has been pulled<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/01\/09\/microsoft-security-update-summary-january-8-2019\/\">Microsoft Security Update Summary (January 8, 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/01\/09\/patchday-updates-for-windows-7-8-1-server-jan-8-2019\/\">Patchday: Updates for Windows 7\/8.1\/Server Jan. 8, 2019<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On January 8, 2019, Microsoft released various (security) updates for Windows 7 SP1 and other updates for Windows 8.1 as well as the corresponding server versions. Here is an overview of these updates.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[1775,1774,1772,1771,3,195,17,23,159],"class_list":["post-8213","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-kb4480960","tag-kb4480963","tag-kb4480964","tag-kb4480970","tag-patchday","tag-update","tag-windows-7","tag-windows-8-1","tag-windows-server"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=8213"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8213\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=8213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=8213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=8213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}