Patch Tuesday: Here's what's new for Windows 7 and 8.1
نوشته شده توسط : ashley

Today is Patch Tuesday, rogues Tuesday of a month, when Microsoft releases updates for a lot of supported versions of Windows. Using various cumulative updates for Windows 10, older versions got patched , too.

If you're concerning the oldest supported form of Windows, Windows 7 SP1 (or Windows Server 2008 R2 SP1), you will KB4338818. You can manually download it here, it contains the following fixes:

Provides protections for another person vulnerability involving side-channel speculative execution better-known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.

Updates Internet Explorer's Inspect Element feature to evolve to the policy that disables the launch of Developer Tools.

Addresses a major issue where DNS requests disregard proxy configurations in Traveler and Microsoft Edge.

Security updates to Internet Explorer, Windows apps, Windows graphics, Windows Shell, Windows datacenter networking, Windows wireless networking, and Windows virtualization.

Gleam known issue to consider:

Symptom

Workaround

There is an issue with Windows and third-party software related to a missing file (oem.inf). Because of this issue, after you apply this update, the network interface controller will stop working.
  1. To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
  2. To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
    a. Alternatively, install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.

There's also a security-only update, KB4338823, consisting of a subset about the fixes. That update does not contain any known issues.

In the event you're on Windows 8.1 or Windows Server 2012 R2, you will KB4338815. And it has the foregoing fixes:

Provides protections from a new subclass of speculative execution side-channel vulnerability also known as Speculative Store Bypass (CVE-2018-3639). These protections aren't enabled automatically. For Windows client (IT pro) guidance, refer to the instructions in KB4073119. For Windows Server guidance, refer to the manual in KB4072698. Make use of guidance document permit mitigations for Speculative Store Bypass (CVE-2018-3639) may be regularly mitigations that have had been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).

Provides support to **cr** regulate usage of Indirect Branch Prediction Barrier (IBPB) on some AMD processors (CPUs) for mitigating CVE-2017-5715, Spectre Variant 2 when switching from user context to kernel context. (See AMD Architecture Guidelines for Indirect Branch Control and AMD Security Updates for more information). For Windows client (IT pro) guidance, refer to the instructions in KB4073119. Make use guidance document help IBPB on some AMD processors (CPUs) for mitigating Spectre Variant 2 when switching from user context to kernel context.

Provides protections for the next vulnerability involving side-channel speculative execution named Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.

Updates Internet Explorer's Inspect Element feature to conform to the policy that disables the launch of Developer Tools.

Addresses problems where DNS requests disregard proxy configurations in Industry and Microsoft Edge.

Addresses an issue that causes a button to stop working following the user switches between local and remote sessions.

Security updates to Internet Explorer, Windows apps, Windows graphics, Windows Shell, Windows datacenter networking, Windows virtualization, and Windows kernel.

The security-only update is KB4338824. Neither belonging to the updates have a known issues.

Finally, those found on Windows Server 2012 is certain to get KB4338830, it contains the examples below fixes:

Provides protections from an extra subclass of speculative execution side-channel vulnerability described as Speculative Store Bypass (CVE-2018-3639). These protections aren't enabled automatically. For Windows client (IT pro) guidance, refer to the instructions in KB4073119. For Windows Server guidance, refer to the manual in KB4072698. Of one's guidance document equip mitigations for Speculative Store Bypass (CVE-2018-3639) for a few mitigations that have happen to be released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).

Provides support to manage usage of Indirect Branch Prediction Barrier (IBPB) on some AMD processors (CPUs) for mitigating CVE-2017-5715, Spectre Variant 2 when switching from user context to kernel context. (See AMD Architecture Guidelines for Indirect Branch Control and AMD Security Updates for more details). For Windows client (IT pro) guidance, refer to the manual in KB4073119. Utilize guidance document to enable IBPB on some AMD processors (CPUs) for mitigating Spectre Variant 2 when switching from user context to kernel context.

Provides protections other activities vulnerability involving side-channel speculative execution typically known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.

Security updates to Windows apps, Windows graphics, Windows datacenter networking, Windows virtualization, and Windows kernel.

The security-only update is KB4338820. Neither update for Windows Server 2012 has any known issues.





:: بازدید از این مطلب : 861
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : چهار شنبه 27 تير 1397 | نظرات ()
مطالب مرتبط با این پست
لیست
می توانید دیدگاه خود را بنویسید


نام
آدرس ایمیل
وب سایت/بلاگ
:) :( ;) :D
;)) :X :? :P
:* =(( :O };-
:B /:) =DD :S
-) :-(( :-| :-))
نظر خصوصی

 کد را وارد نمایید:

آپلود عکس دلخواه: