News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – new update for Windows 7 KB 4100480

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – new update for Windows 7 KB 4100480

    Viewing 38 reply threads
    • Author
      Posts
      • #179097 Reply
        Susan Bradley
        AskWoody MVP

        Just sync’d up to my WSUS server is KB4100480.  Based on trying to follow the KB I can’t tell if this fixes the Spectre/Meltdown fix that introduced n
        [See the full post at: Patch Lady – new update for Windows 7 KB 4100480]

        Susan Bradley Patch Lady

        10 users thanked author for this post.
      • #179108 Reply
        MrBrian
        AskWoody_MVP

        Tweet from Total Meltdown vulnerability discoverer Ulf Frisk: “#TotalMeltdown OOB patches available now! No longer ZERO-DAY! APPLY PATCHES NOW! (Win7/2008R2) CVE-2018-1038 . Awesome turnaround time and support from @msftsecresponse! Super impressive work given the time frame! […]”

        1 user thanked author for this post.
        • #179111 Reply
          woody
          Da Boss

          Yep. Yesterday, Ulf said the original holes were plugged in the March Monthly Rollup. Now he says that they’re patched in this new security patch. And the new security patch says that it’s necessary if you installed the March Monthly Rollup because the Total Meltdown bug was introduced in the March Monthly Rollup.

          They also released it on Thursday afternoon, before many people are headed out for a three day weekend.

          This is ridiculous. I need a drink.

          10 users thanked author for this post.
        • #179115 Reply
          satrow
          AskWoody MVP

          “This update addresses an elevation of privilege vulnerability in the Windows kernel in the 64-Bit (x64) version of Windows. This vulnerability is documented in CVE-2018-1038. Users must apply this update to be fully protected against this vulnerability if their computers were updated in or after January 2018 by applying any of the following updates.”

          So does this patch also contain a patch for the original issue,or is it just a patch for the previous 11 patches?

          4 users thanked author for this post.
      • #179106 Reply
        anonymous
        Guest

        Ah, yeah… we’ve produced at least 11 botched up hotfixes in a row which made a gaping security hole out of a theoretical exploit, the most recent of them not even one week old yet, but 12th time’s the charm… absolutely trust us.

        5 users thanked author for this post.
      • #179116 Reply
        MrBrian
        AskWoody_MVP

        CVE-2018-1038 acknowledges Ulf Frisk.

        4 users thanked author for this post.
      • #179124 Reply
        woody
        Da Boss

        Kevin Beaumont explains:

        No, [this patch is] purely for that [“Total Meltdown”] security issue. I agree it’s not great, they have some really big stability issues in March update and this fix also brings those, while trying to fix a new issue introduced in January. So orgs are left having to roll known bad update again.

        Man. I hope it works.

        4 users thanked author for this post.
        • #179167 Reply
          T
          AskWoody Plus

          I want it confirmed if this fix really does introduce all the known issues from the march update because if it does then why is it ticked in windows update? The march rollup is unticked for some and not showing at all for others because of these quite serious flaws, yet this one is good to go? It makes no sense but nothing does these last few days.

          • #179187 Reply
            MrBrian
            AskWoody_MVP

            KB4100480 might have some of the issues present in the Windows 7 March 2018 Windows monthly rollup.

            1 user thanked author for this post.
      • #179125 Reply
        MrBrian
        AskWoody_MVP

        Separately, updates were also released today for “Stop error 0xAB when you log off a session.”

        2 users thanked author for this post.
      • #179132 Reply
        David F
        AskWoody Plus

        I think it’s fair to say that Microsoft are the problem, not the solution

        2 users thanked author for this post.
      • #179140 Reply
        anonymous
        Guest

        For Group B: should we uninstall the Jan and Feb security-only updates and not install the Mar security-only update. I am not sure by the description if KB4100480 replaces them, or not?

        • #179165 Reply
          T
          AskWoody Plus

          As far as i can tell (and it’s increasingly difficult to follow this mess), KB4100480 is only a fix for the flaw microsoft themselves introduced in the january, february and march updates. The so called “total meltdown” flaw. I don’t believe it includes any of march’s security patches but i may be wrong.

          edit: According to kevin beaumont’s tweet further up this fix brings with it all the flaws with the march update as well… i have a headache.

          2 users thanked author for this post.
        • #179188 Reply
          MrBrian
          AskWoody_MVP

          I wouldn’t expect that KB4100480 can be considered a replacement for any of the Windows security-only updates.

          3 users thanked author for this post.
      • #179158 Reply
        alpha128
        AskWoody Plus

        I just checked for updates and now my Windows Update resembles Susan’s screenshot, with three entries: KB4088875 (unchecked), KB4100480 (checked) and KB890830 (checked).

        Anxiously awaiting Woody’s guidance for navigating this minefield.

        P.S. I love the new faster server!

        2 users thanked author for this post.
        • #179355 Reply
          Bill C.
          AskWoody Plus

          I still only see the February rollup and the March Preview. I only saw KB4088875 once as checked, and then it was gone (and not hidden or installed), and KB4100480 does not appear, period, no matter if I hide the preview or not.

          Maybe it is because my PCI.SYS is version 6.1.7601.17514 dated 11/20/2010. WHo knows…

      • #179159 Reply
        anonymous
        Guest

        ohhhh!  I’m so confused.  Is it right to say I shouldn’t install “8875”  “8881”

        • #179389 Reply
          SueW
          AskWoody Plus

          Please don’t be so confused.  Just wait until Woody gives the go-ahead — MS-DEFCON 3 (or 4 or 5) — along with the link to his latest ComputerWorld article detailing his instructions.

          Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

          3 users thanked author for this post.
      • #179201 Reply
        James Bond 007
        AskWoody Lounger

        I would assume that this new emergency security update KB4100480, which was supposed to fix the Total Meltdown flaw introduced during Microsoft’s misguided attempts to fix the Meltdown flaw, does not correct the problems in the March 2018 security updates.

        Therefore I still stand my previous decision. I shall restore the December 2017 system images back onto my systems running Windows 7, and I shall stop patching them until I am satisfied that this mess has been resolved. If the mess is not resolved in the future then I shall just continue to run Windows 7 on the December 2017 patch level, and leave it at that. By doing this I also will not suffer any performance degradation brought by the Meltdown “fixes”.

        P.S. One of the above “anonymous” messages was posted by me. I have forgotten to login before I post. Please feel free to remove it.

        Hope for the best. Prepare for the worst.

        2 users thanked author for this post.
      • #179169 Reply
        anonymous
        Guest

        Just received – and read – this: Total Meltdown: How Microsoft’s Meltdown patch created an even bigger flaw for hackers

        The vulnerability affects Windows 7 and Windows Server 2008 R2, and gives complete memory access to hackers.

        By James Sanders | March 28, 2018

      • #179170 Reply
        anonymous
        Guest

        So it’s clearly a 64-bit only issue, in which case doesn’t affect me, being on 32-bit. Is it confirmed that the vulnerability itself was introduced on 64-bit only though? Or is it just that us on 32-bit aren’t getting the patch?

        As for the other one for the BSOD when you log off, I wonder if rebooting to install it counts as logging off, in which case how would one install it successfully? But maybe it doesn’t count and it’s only in case of simply logging off, not rebooting?

        — Cavalary

        1 user thanked author for this post.
      • #179210 Reply
        Pierre77
        AskWoody Plus

        So where do I stand? All I have is KB4100480 and 3 updates for Office 2010 as Important and KB4088881 shown as Optional. The latter is Preview for month March 2018. This is on my desktop.

        On my laptop which does not have Office it show KB4100480 as Important and KB4088881 as Optional (Preview for March 2018).

        Now scratching my head. Happy Easter from ‘Down Under”!

      • #179194 Reply
        anonymous
        Guest

        I am a group B installer and I will install this update now. Losing confidence in MS….

      • #179199 Reply
        anonymous
        Guest

        I would assume this emergency security update KB4100480, which was supposed to fix the Total Meltdown flaw introduced during Microsoft’s misguided attempts to fix the Meltdown flaw, does not correct the problems introduced by the March 2018 security updates.

        Therefore, I still stand by my previous decision. I will restore the December 2017 system images back on my systems running Windows 7, and I will stop patching them until I am satisfied that the mess has been resolved. If the mess is not resolved in the future, then I should just continue to run Windows 7 on the December 2017 patch level, and leave it at that. By doing that, I will also not suffer any performance degradations from the Meltdown patch.

        • #179229 Reply
          anonymous
          Guest

          I have installed all the Group B updates and I can’t detect any performance differences.

          The catch 22 is that if there are any performance degradations, then you are probably more secure.

          To me the Meltdown exploit is the nasty one and I would like to surf the web without protection, but it is all about risk ratings.

      • #179324 Reply
        mobartz
        AskWoody Lounger

        OK, this is frustrating.  I think their WSUS detection is botched.  I’ve approved KB4100480 for Win7 x64 and Server 2008R2.  It’s definitely been downloaded.  Three test Win 7 systems and a 2008R2 server check for updates and find zero.  But if I download KB4100480 from the catalog and run the .msu file manually, they install.

         

        So, if someone wants to protect their Windows 7 clients, the usual WSUS method provides no help.  Hopefully they will reissue with fixed detection soon.

        2 users thanked author for this post.
        • #179365 Reply
          anonymous
          Guest

          We’re seeing similar issues with out WSUS environment.  Of approximately 200 Win2008R2 systems all of which have installed more than at least one of the qualifying Jan-Mar updates only 18 are showing that KB4100480 is applicable.  On top of that, since we do utilize WSUS, nearly all of those 200 systems are patched identically.

          And there is a similar story with the Win7x64 systems.

          Something is fishy in Redmond.

          Jim

          2 users thanked author for this post.
      • #179335 Reply
        geekdom
        AskWoody Plus

        I installed KB4100480 and rebooted the computer. The system booted without error. The patch appears not to have borked my system.

        G{ot backup} TestBeta
        offline▸ Win10Pro 1909.18363.959 x64 i3-3220 RAM8GB HDD Firefox79.0 Windows{Image/Defender/Firewall}
        online▸ Win10Pro 1909.18363.959 x64 i5-9400 RAM16GB HDD Firefox80.0b4 Windows{Image/Defender/Firewall}
        3 users thanked author for this post.
      • #179337 Reply
        MrJimPhelps
        AskWoody_MVP

        Trying to figure out all of this gives me as big of a headache as doing my taxes every year.

        Group "L" (Linux Mint)
        with Windows 8.1 running in a VM
        2 users thanked author for this post.
      • #179350 Reply
        vordonkular
        AskWoody Plus

        Strange.  I’m in “Group B” with two Windows 7 x64 PCs.  Windows Update is set to check for updates, but let me decide what to download.  I’ve already installed the March 2018 security-only patches and Office 2010, IE 11 security patches.

        However, I’ve run Windows Update multiple times last night and this morning and all it shows on both PCs are the two .NET updates that have been sitting there for more than a month.  No sign of KB 4100480.  I assume I could grab the file from the MS Update Catalog and manually update it.  I wonder if MS is staggering the release of this patch.  I’m in the Midwest.

      • #179380 Reply
        TheOwner
        AskWoody Lounger

        This update makes boot faster for me.

        1 user thanked author for this post.
      • #179391 Reply
        Demeter
        AskWoody Plus

        A couple of Microsoft Update queries. Spent the past 3-4 days reading through all the posts on the vulnerabilities opened by installing 2018-01 & 2018-02 the Win 7 Security Updates. Have just installed KB4100480 to rectify the vulnerabilities with no problems encountered on reboot. However, Update had 4 other updates ticked as “important”: KB4033342 .Net Framework 4.7.1, KB2952664 Win7 x64 update, 03-2018 Win Malware Removal Tool, ( I know what this is) and finally, Synaptics Mouse 8/16/2017, 19.0.19.63, this one I have been unchecking for months. Are they that important? Since we’re at DEFCON 2 I’m not doing anything at the moment

      • #179396 Reply
        MrBrian
        AskWoody_MVP

        I compared the contents of KB4088875 x64 vs. KB4100480. (All three Catalog downloads of KB4100480 are identical.) KB4100480 contains a subset of the files in KB4088875 x64, with the exception of these files, which have newer versions in KB4100480 than in KB4088875 x64:

        ntoskrnl.exe

        ntkrnlpa.exe

        This is broadly consistent with abbodi86’s analysis.

        Here is a list of the files in KB4100480, excluding some types of files that aren’t important for the purposes of this post.

        2 users thanked author for this post.
        • #179401 Reply
          T
          AskWoody Plus

          It makes sense that KB4100480 would contain newer files than KB4088875 but now i’m curious as to the effect of installing KB4100480 before installing KB4088875 which i presume a lot us are going to be doing. Wouldn’t that result in older files overwriting the newer files? Provided anyone even wants to install the march update at this point but i’m just wondering if it’d be better installing KB4088875 (or the rollup) and then installing KB4100480.

          • #179403 Reply
            PKCano
            Da Boss

            The supersedence associated with Windows updating will retain the correct (newer) files correctly.

            1 user thanked author for this post.
            T
          • #179404 Reply
            MrBrian
            AskWoody_MVP

            The Windows servicing system is “smart” enough to handle situations like these without doing things like overwriting newer files with older files.

            1 user thanked author for this post.
            T
      • #179435 Reply
        laidbacktokyo
        AskWoody Lounger

        Well, well, well… I assume applying of this KB4100480 out-of-band patch as a good compromise if you wanna get win7sp1x64 kernel update regarding the Meltdown protection (and maybe the Spectre one but not for older CPUs!) option enabled but yet don’t wanna apply all these messy rollup and/or preview of rollup massive patches of 2018, so I gave it a try install onto win7sp1x64ultimate laptop without any of 2018 massive patches installed despite of the direct request of M$ to apply this patch only next to any of listed 2018 patches install.

        1. 1st attempt of install took a real while then win7 boot just frozen/failed > then tried to repair win7 launch w/o restore and got no errors as all 0x0 > then got a luck to boot thru F8 in safe mode > then reboot to normal and found that this patch install failed with status 0x80070643 > then 2nd try was all normal & successful.

        2. After install of this patch the InSpectre utility https://www.grc.com/inspectre.htm now of its revision #7 showed up Meltdown protection GOOD, Spectre one NO (no surprise with older CPUID 10676) & Performance SLOWER.

        3. Naturally I don’t wanna any performance lost against this fuzzy & yet incomplete protection at least due to its Spectre component is yet missed so I’ve disabled Meltdown protection by InSpectre utility. As it’s well known such disabling simply adds 2 keys to win7 registry:

        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ with value 2 or 3 (if disabled) or 0 or 1 (if enabled back) and DWORD ‘FeatureSettingsOverrideMask’ with always 3 value.

        By default this InSpectre utility now sets 1st key to 2 that differs from recommended by M$ value of 3 by default (at least for servers!) However this 2 value almost immediately returns me single entries of both 2 issues of dwm.exe as ‘The Desktop Window Manager has encountered a fatal error (0x8898009b)’ as well as the leftover of one of already closed application window in win7 taskbar. Please refer to my earlier report(s) here:

        Friday night patch dump: KB 4088881, a flawed Win7 Monthly Rollup preview and KB 4089187, an IE fix

        So I’ve manually changed this value to 3 and both issues seem gone.

        Anyhow, at the moment this patch is left installed  – at least for extra testing but likely as permanent deployment.

        Rgds,

        P.S. I guess I got a clear confirmation that both reported by me issues of 2018 are linked not to windows components’ updating like a graphics one but the Meltdown/Spectre protection deployment in particular (and likely its subsequent disabling in win7 registry!)

         

        P.P.S. Also I didn’t apply the advised by M$ .vbs registry patch concerning HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI  at all!

        • #179647 Reply
          laidbacktokyo
          AskWoody Lounger

          UPDATE:

          Extra testing report:

          1. Unfortunately I found that after install of KB4100480 both mentioned issues yet more or less chaotically occur with any possible win7 registry setting concerning disabling/enabling Meltdown protection:

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 3 (disabled)

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 2 (disabled)

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 0 (enabled)

          and even in case when both keys in charge are non-existed/deleted, i.e. their default status after KB4100480 install.

          2. The best available combination of registry setting found to avoid dwm.exe errors in log is:

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 2 (Meltdowm protection disabled in default way of InSpectre#7 Utility)

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverrideMask’ value = 3

          plus another extra registry key created manually:

          HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM\ DWORD UseMachineCheck with a value of 0

          However the above combination seems a pretty much fragile way of patching, especially when windows leftovers issue rarely but yet occurs in same chaotic way, so finally I’ve removed this KB4100480 from win7 with even more fragile hope for better patching fun in coming April.

          Rgds,

          2 users thanked author for this post.
      • #179439 Reply
        laidbacktokyo
        AskWoody Lounger

        Sorry it seems some little mess with posting here now.

        I’ve posted a pretty long message. Then it first appeared posted, then vanished after a minor editing, and now if I try to post it again there is a notice of duplicate posting.

        Please check for solution if any.

        Thanks.

        UPDATE: Thanks it’s resolved now!

        • #179441 Reply
          PKCano
          Da Boss

          If you submit/edit/submit in too rapid succession, your post gets caught in the spambucket. I have retrieved both copies and will delete one of them.

          Slow down between submit-edit-submit operations and let the system process the change. 🙂

          3 users thanked author for this post.
      • #179506 Reply
        anonymous
        Guest

        I installed KB4100480 today, and now the websites I use are no longer saving my login information.  Could this update affect auto login information or is this just a coincidence?

        Any ideas/suggestions would be appreciated.  I’m ‘technically-challenged’ and not  sure how to proceed.

        • #179519 Reply
          Pierre77
          AskWoody Plus

          I use lastpass to keep track of my passwords. The only problem I seem to be having is with I/E 11. It keeps crashing at the moment but then it comes good. My default browser though is Google Chrome and Firefox as a standby. No solution I can think of – maybe a complete system shutdown and power up (Cold start)?

      • #179627 Reply
        anonymous
        Guest

        Win 7 SP1 HE, Group B, Haven’t installed March 2018 updates yet. Just installed KB4100480 (Total Meltdown Patch). All seems well thus far. Plan to wait for Defcon 3 or higher before installing rest of March’s patches.

      • #179725 Reply
        T
        AskWoody Plus

        Could i just ask those who haven’t installed either the january or february monthly rollups through windows update, were you offered KB4100480 through update? I wasn’t offered this and after a confusing few minutes i realised it’s most likely due to not having any monthly rollups installed, particularly january and february so all i see currently are the february rollup, the demon child KB2952664 and the malicious software removal tool for march.

        1 user thanked author for this post.
        • #179783 Reply
          MrBrian
          AskWoody_MVP

          As a test, I installed the March 2018 Windows security-only update, but didn’t have any of the other 10 updates listed at https://support.microsoft.com/en-us/help/4100480/windows-kernel-update-for-cve-2018-1038 installed. I rebooted and checked for Windows updates. I didn’t see KB4100480 listed.

          1 user thanked author for this post.
          T
          • #179799 Reply
            DrBonzo
            AskWoody Plus

            The way I read the link in your post, you should have been offered KB4100480. Do you agree?

            I have the January and February security only patches installed but have never been offered KB 4100480 in Windows Update even though It seems like I should have.

            • #179820 Reply
              Pierre77
              AskWoody Plus

              Only received the update on 31 March and only by constantly checking for updates. FYI I am in Australia so my time is UTC +10.

            • #179825 Reply
              MrBrian
              AskWoody_MVP

              I think this behavior is not a Microsoft mistake because Microsoft doesn’t list the security-only updates themselves on Windows Update. Hopefully KB4100480 will be added to the Group B list of updates.

              • #179844 Reply
                DrBonzo
                AskWoody Plus

                I think you’re saying that even though the MS support page for KB4100480 says it is offered through Windows Update, that it may not, in fact, be offered through Windows Update to machines that haven’t installed Rollups?

              • #179847 Reply
                MrBrian
                AskWoody_MVP

                @DrBonzo: That is indeed what I meant to convey.

                1 user thanked author for this post.
              • #179941 Reply
                abbodi86
                AskWoody_MVP

                KB4100480 will be superseded by the next security-only update (April)

      • #179830 Reply
        MrBrian
        AskWoody_MVP
      • #179854 Reply
        MrBrian
        AskWoody_MVP

        This post discusses whether KB4100480 likely contains each issue in KB4088875. KB4100480 contains a subset of the files in KB4088875 x64, with the exception of these files.

        Of the issues listed in KB4088875, these issues probably aren’t present in KB4100480:

        “After you install this update, security settings in some organizations that are running Windows 7 SP1 or Windows Server 2008 R2 may prevent Internet Explorer 11 from starting because of an invalid SHA1 certificate.”

        Reason: Doesn’t contain files related to Internet Explorer.

        “A new Ethernet Network Interface Card (NIC) that has default settings may replace the previously existing NIC, causing network issues after you apply this update. Any custom settings on the previous NIC persist in the registry but are unused.”

        Reason: Doesn’t contain file pci.sys that has been implicated in this issue. The list of files in KB4100480 (excluding some file types that aren’t important for the purposes of this site) is at https://pastebin.com/jnTDbtx5.

        “Static IP address settings are lost after you apply this update.”

        Reason: Doesn’t contain file pci.sys that has been implicated in this issue.

        “After you install this update, you may receive a Stop error message that resembles the following when you log off the computer:

        SESSION_HAS_VALID_POOL_ON_EXIT (ab)”

        Reason: Doesn’t contain file Win32k.sys that has been implicated in this issue.

         

        These two KB4088875 issues may or may not be present in KB4100480, but they were already present in the January 2018 Windows updates anyway:

        “Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.”

        “After you install this update, SMB servers may leak memory.”

         

        That leaves these two KB4088875 issues that may or may not be present in KB4100480:

        “A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled.”

        “A Stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).”

        Both of the two issues above are discussed at https://www.askwoody.com/forums/topic/massive-march-patch-tuesday-relaxes-antivirus-restrictions-but-there-are-problems/#post-175554.

         

        10 users thanked author for this post.
        • #179901 Reply
          DrBonzo
          AskWoody Plus

          Thank you so much MrBrian. This is exactly the information I hoped I would find. It makes my decision to install KB4100480 much easier.

          I hope you’re having – or will have – a good holiday weekend despite the fact that you are doing yeomans work at askwoody

          3 users thanked author for this post.
        • #180652 Reply
          heybengbeng
          AskWoody Lounger

          Hi for this known issue

          “After you install this update, you may receive a Stop error message that resembles the following when you log off the computer:

          SESSION_HAS_VALID_POOL_ON_EXIT (ab)”

          by “log off”, is it the same with turning off/shutdown the computer?

      • #180300 Reply
        anonymous
        Guest

        Win 7-64 here. Group A – Up to date through February.
        I ignored the KB4088875 for now [listed as important but unchecked] and the MSRT.
        I installed KB4100480 and rebooted as per instructions and haven’t had any problems so far. I have been playing online games, checking email and surfing the net, etc. So far it is business as usual.
        -firemind

        2 users thanked author for this post.
      • #180601 Reply
        lawrenceB
        AskWoody Lounger

        OK, this is frustrating. I think their WSUS detection is botched.

        Same here.  We have maybe 115 x64 Windows 7 machines being updated with WSUS. They had the Jan., and then the Feb., security only rollup installed.

        Of those, only 4 show 4100480 as ‘needed’.

        What a mess, all of this.

      • #180860 Reply
        anonymous
        Guest

        Also new “VM-Ware NIC static IP lost” hotfix is there now: https://support.microsoft.com/en-us/help/4099950

        So if you are still on dez/jan/feb Sec-Rollup on VMware and are waiting cause of the problems, perhaps this is the best order to install the patches, to get a complete march fix for those Win7/ 2008R2 Servers:

        “VM-Ware nic” Pre-Fix:

         
        March-Rollup:

         

        OOB-TotalMeltdown Hotfix:

      • #181047 Reply
        anonymous
        Guest

        ok so KB4100480 needs to be applied on all workstations where March patches are installed, but in SCCM/WSUS console, it only shows required to some machines and not all machines.even if we push this emergency patch to all machines, it will only install on machines which shows required?

        Any info regarding this?

        Regards,

        Rohit B

        Edit to remove HTML: Use the ‘text’ tab in the post entry box when you copy/paste.

      • #181722 Reply
        MrBrian
        AskWoody_MVP

        From https://support.microsoft.com/en-us/help/4100480/windows-kernel-update-for-cve-2018-1038:

        • “This security update was updated on April 5, 2018 to address applicability issues in the original release of the update.
        • Applicability rules have been expanded for this update. Therefore, this update will be offered via Windows Update and Windows Server Update Service (WSUS) if any of the Security Only (SO) updates that are listed in the table above are applied.
        • No specific functional changes have been made to this security update. Therefore, no additional action is needed if this update has already been applied.”
        4 users thanked author for this post.
      • #184792 Reply
        anonymous
        Guest

        Well no one is gonna fix Spectre expect motherboard manufacturers witch they are lazy to do.. not releasing bios updates for a supported cpus which they already have microcode fix for some cpus

      • #186939 Reply
        Noel Carboni
        AskWoody_MVP

        Anybody in touch with the Apple or Linux communities re: the Meltdown/Spectre mitigations?

        Old news over there, or still dealing with problems too?

        -Noel

      • #186961 Reply
        anonymous
        Guest

        I have win 7 32 bit and I tried to check on mMS’s site for the patch KB4100480 but I haven’t seen traces of it.

        https://portal.msrc.microsoft.com/en-US/security-guidance

         

        • #186966 Reply
          PKCano
          Da Boss

          32-bit is not vulnerable to the Total Meltdown  – only 64-bit. You don’t need KB4100480

      • #187179 Reply
        anonymous
        Guest

        Looks like the Linux folks have most of it covered including old processors via patches to kernel and applications/drivers.

        https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

      • #179186 Reply
        MrBrian
        AskWoody_MVP

        I doubt it, but I expect the fix to be included in the April 2018 updates.

        1 user thanked author for this post.
    Viewing 38 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – new update for Windows 7 KB 4100480

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.