(http://i.postimg.cc/Y9p4B5MQ/win10patchtuesday-1050x600.png)
Windows 7 and Windows 8.1 remains supported, at least for now, which means Microsoft has also released a number of security updates and other fixes for the older operating systems.
For users on Windows 7 SP1 or Windows Server 2008 R2 SP1, Microsoft is pushing out KB4493472 (http://support.microsoft.com/en-us/help/4493472/windows-7-update-kb4493472) with the following fixes and improvements:
■ Provides protection against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
■ Addresses an issue that causes the error “0x3B_c0000005_win32k!vSetPointer” when the kernel mode driver, win32k.sys accesses an invalid memory location.
■ Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears.
■ Addresses an issue that may prevent Custom URI Schemes for Application Protocol handlers from starting the corresponding application for local intranet and trusted sites on Internet Explorer.
■ Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logins.
■ Security updates to Windows Kernel, Windows Server, Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows MSXML, and the Microsoft JET Database Engine.
It also comes with the following fixes:
(http://i.postimg.cc/MHx9SrNR/Capture.png)
You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493472).
If you prefer the security-only update (KB4493448 (http://support.microsoft.com/en-us/help/4493448/windows-7-update-kb4493448)), that brings:
■ Provides protection against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
■ Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears.
■ Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logins.
■ Security updates to Windows Kernel, Windows Server, Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows MSXML, and the Microsoft JET Database Engine.
You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493448).
Users on Windows 8.1 and Windows Server 2012 R2, are getting KB4493446 (http://support.microsoft.com/en-us/help/4493446/windows-8-1-update-kb4493446) which brings the following fixes and improvements:
■ Provides protection against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
■ Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
■ Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
■ Addresses an issue with Custom URI Schemes for Application Protocol handlers, which may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
■ Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logins.
■ Security updates to Windows Storage and Filesystems, Windows Server, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows SQL components, and the Microsoft JET Database Engine.
This update also has one known issue:
(http://i.postimg.cc/sf4rhFVk/1.png)
(http://i.postimg.cc/9FQvwrg9/2.png)
You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493446).
If you prefer the security-only update (KB4493467 (http://support.microsoft.com/en-us/help/4493467/windows-8-1-update-kb4493467)) that brings:
■ Provides protection against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
■ Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
■ Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
■ Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logins.
■ Security updates to Windows Storage and Filesystems, Windows Server, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows SQL components, and the Microsoft JET Database Engine.
It has the same issues as the full cumulative update. You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493467).
For those on Windows Server 2012 Microsoft is pushing out KB4493451 (http://support.microsoft.com/en-us/help/4493451/windows-server-2012-update-kb4493451) with the following fixes and improvements:
■ Addresses an issue that causes the error “0x3B_c0000005_win32k!vSetPointer” when the kernel mode driver, win32k.sys accesses an invalid memory location.
■ Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
■ Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
■ Addresses an issue that may cause authentication issues for Internet Explorer 10 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logins.
■ Addresses an issue that may prevent Custom URI Schemes for Application Protocol handlers from starting the corresponding application for local intranet and trusted sites on Internet Explorer.
■ Security updates to Windows Storage and Filesystems, Windows Server, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, and the Microsoft JET Database Engine.
You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493451).
If you prefer the security-only update (KB4493450 (http://support.microsoft.com/en-us/help/4493450/windows-server-2012-update-kb4493450)) that brings the following fixes and improvements:
■ Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
■ Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
■ Addresses an issue that may cause authentication issues for Internet Explorer 10 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal logins logons.
■ Security updates to Windows Storage and Filesystems, Windows Server, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, and the Microsoft JET Database Engine.
The Windows Server 2012 updates have the same known issue as the Windows 8.1 updates. You can manually download it here (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4493450).
source (http://mspoweruser.com/patch-tuesday-for-windows-7-and-8-1-brings-a-number-of-security-fixes-changelog/)