Author Topic: Here’s what Patch Tuesday fixed in Windows 7 and 8.1 (changelog)  (Read 117 times)

Offline javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35125
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Microsoft did not just push out updates for Windows 10 and Windows Mobile yesterday, but also for the hundreds of millions of users still on Windows 7 and of course the much smaller number on Windows 8.1

For those users, here’s what’s been fixed and possibly broken by the update:

Those on Windows 7 SP1 and Windows Server 2008 R2 SP1 are getting KB4343900, which contains the following fixes:

• Provides protection against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)

• Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).

• Provides protection against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.



The security-only update is KB4343899 (with no known issues) can be downloaded here. The full version can be manually downloaded here.

Microsoft is also pushing out KB4343898  to Windows 8.1 or Windows Server 2012 R2, which brings:

Quote
• Provides protection against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)

• Ensures that Internet Explorer and Microsoft Edge support the preload=”none” tag.

• Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.

A version with just security updates can be downloaded here or the full KB4343898 can be downloaded here.

For Windows Server 2012 (not R2), Microsoft is sending out KB4343901, which brings:

Quote
• Provides protection against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Server guidance KB article. (These registry settings are disabled by default for Windows Server OS editions.)

• Provides protection against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.

The security-only update is KB4343896 can be manually downloaded here. The full update can be manually downloaded here.

source