Today is the second Tuesday of the month, which can only mean one thing: it's Patch Tuesday, a monthly holiday for us nerds that love to update our PCs. While Microsoft released updates for all versions of Windows 10, it also releases updates for older versions of the OS, like Windows 7, Windows 8.1, Windows Server 2008, and Windows Server 2012.
First up, if you're on Windows 8.1 or Windows Server 2012 R2, you'll get KB4343898, which is this month's monthly rollup. You can manually download it here, and it contains the following fixes:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.
As usual, there's a security-only update that you can install instead. KB4343888 can be manually downloaded here.
If you're on Windows Server 2012 (not R2), you'll get KB4343901, which can be manually downloaded here. It contains the following fixes:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Server guidance KB article. (These registry settings are disabled by default for Windows Server OS editions.)
Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
The security-only update is KB4343896, which can be manually downloaded here.
Finally, those on Windows 7 SP1 and Windows Server 2008 R2 SP1 will get KB4343900, which can be manually downloaded here. It contains the following fixes:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
There's also a known issue to be aware of on this one:
| Symptom | Workaround |
|---|---|
| There is an issue with Windows and third-party software that is related to a missing file (oem<number>.inf). Because of this issue, after you apply this update, the network interface controller will stop working. |
|
The security-only update is KB4343899, and you can grab that here. There are no known issues with that one.
8 Comments - Add comment