Patch Tuesday: Here's what's new for Windows 7 and Windows 8.1

Today is the second Tuesday of the month, which means that it is time for Patch Tuesday. While all versions of Windows 10 (excluding version 1511, the first feature update) received cumulative updates today, older versions of Windows such as Windows 7 and 8.1 too received updates.

To start off, if you’re running Windows 7 or Windows Server 2008 R2 SP1, you should receive monthly rollup KB4516065. The update also contains fixes from KB4512514. You can also download the update manually from here. The list of improvements and fixes in this update include:

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)
  • Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Fundamentals, Windows Kernel, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, Windows Server, and the Microsoft Scripting Engine.

However, there is one known issue in this update:

Symptom

Workaround

VBScript in Internet Explorer 11 should be disabled by default after installing KB4507437 (Preview of Monthly Rollup) or KB4511872 (Internet Explorer Cumulative Update) and later. However, in some circumstances, VBScript may not be disabled as intended.

To mitigate this issue, follow these steps:

  1. In Internet Explorer 11 select the Tools icon or press and hold the alt key on your keyboard and press the letter x to see the menu.
  2. Select Internet Options.
  3. Select the Security tab.
  4. Select the Internet icon in the Select a zone to view or change security settings field.
  5. Select the Default Level button.
  6. Select the Ok button to accept settings and close the dialog.
  7. Close Internet Explorer 11. On the next start, VBScript will be disabled.

We are working on a resolution and will provide an update in an upcoming release.


The security-only update, KB4516033, brings with it the same improvements and fixes and can be downloaded manually from here. This update, as usual, is not available through Windows Update and needs to be installed manually. The company notes that users check that they have installed the updates listed in the ‘recommended updates’ area of the “How to get this update’ section before installing these patches for Windows 7.

Next up, those on Windows 8.1 or Windows Server 2012 R2 should receive monthly rollup KB4516067, which can also be downloaded manually from here. The fixes and improvements for this update include:

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)
  • Security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Kernel, Windows Input and Composition, Windows Media, Windows Fundamentals, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, and Windows Server.

This update also has one known issue that users might want to check out before updating:

Symptom

Workaround

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.


The security-only update for these versions, KB4516064, brings with it almost all the fixes and improvements from the monthly rollup and can be downloaded manually from here.

Report a problem with article
1564582302_20h1v3-5
Next Article

Microsoft releases Windows Server Insider Preview build 18975

wikipedia_logo
Previous Article

Wikimedia announces reception of $2.5 million donation after DDOS attack on Wikipedia

11 Comments - Add comment

Advertisement