Patch Lady – new update for Windows 7 KB 4100480

Topic

New Reply

Just sync’d up to my WSUS server is KB4100480.  Based on trying to follow the KB I can’t tell if this fixes the Spectre/Meltdown fix that introduced n
[See the full post at: Patch Lady – new update for Windows 7 KB 4100480]

Susan Bradley Patch Lady

10 users thanked author for this post.

walker, Elly, laidbacktokyo, SueW, geekdom, FakeNinja, Pierre77, AJNorth, JDeC, MrBrian

Reply | Quote

Replies

Tweet from Total Meltdown vulnerability discoverer Ulf Frisk: “#TotalMeltdown OOB patches available now! No longer ZERO-DAY! APPLY PATCHES NOW! (Win7/2008R2) CVE-2018-1038 . Awesome turnaround time and support from @msftsecresponse! Super impressive work given the time frame! […]”

1 user thanked author for this post.

walker

Reply | Quote

Yep. Yesterday, Ulf said the original holes were plugged in the March Monthly Rollup. Now he says that they’re patched in this new security patch. And the new security patch says that it’s necessary if you installed the March Monthly Rollup because the Total Meltdown bug was introduced in the March Monthly Rollup.

They also released it on Thursday afternoon, before many people are headed out for a three day weekend.

This is ridiculous. I need a drink.

10 users thanked author for this post.

Noel Carboni, walker, SueW, AlexEiffel, Elly, abbodi86, Pierre77, flackcatcher, AJNorth, JDeC

Reply | Quote

ScottGu, we need you.

Reply | Quote

According to https://support.microsoft.com/en-us/help/4100480/windows-kernel-update-for-cve-2018-1038, many Windows 7 updates from January 2018 to March 2018 have the Total Meltdown vulnerability.

9 users thanked author for this post.

GoneToPlaid, AlexEiffel, Elly, abbodi86, Pierre77, T, AJNorth, woody, JDeC

Reply | Quote

This is quite unbelievable. So the march updates didn’t fix this gaping hole that microsoft introduced either? The march updates were supposed to fix this. Presumably the fix will be included in april but supposing the ever growing list of issues are fixed in april it looks like march will never get installed if you’re in group b. I’m certainly not installing it in the state it’s in and i’m not switching to group a either.

Reply | Quote

“So the march updates didn’t fix this gaping hole that microsoft introduced either?”

From http://blog.frizk.net/2018/03/total-meltdown.html: “2018-03-28: Found out that the March patches only partially resolved the vulnerability. Contacted MSRC again.”

4 users thanked author for this post.

T, SueW, AJNorth, Elly

Reply | Quote

“This update addresses an elevation of privilege vulnerability in the Windows kernel in the 64-Bit (x64) version of Windows. This vulnerability is documented in CVE-2018-1038. Users must apply this update to be fully protected against this vulnerability if their computers were updated in or after January 2018 by applying any of the following updates.”

So does this patch also contain a patch for the original issue,or is it just a patch for the previous 11 patches?

4 users thanked author for this post.

GoneToPlaid, Elly, AJNorth, JDeC

Reply | Quote

Ah, yeah… we’ve produced at least 11 botched up hotfixes in a row which made a gaping security hole out of a theoretical exploit, the most recent of them not even one week old yet, but 12th time’s the charm… absolutely trust us.

5 users thanked author for this post.

AlexEiffel, Cybertooth, Elly, David F, woody

Reply | Quote

CVE-2018-1038 acknowledges Ulf Frisk.

4 users thanked author for this post.

SueW, Elly, AJNorth, woody

Reply | Quote

Kevin Beaumont explains:

https://twitter.com/GossiTheDog/status/979488260140556293

No, [this patch is] purely for that [“Total Meltdown”] security issue. I agree it’s not great, they have some really big stability issues in March update and this fix also brings those, while trying to fix a new issue introduced in January. So orgs are left having to roll known bad update again.

Man. I hope it works.

4 users thanked author for this post.

Elly, T, AJNorth, satrow

Reply | Quote

I want it confirmed if this fix really does introduce all the known issues from the march update because if it does then why is it ticked in windows update? The march rollup is unticked for some and not showing at all for others because of these quite serious flaws, yet this one is good to go? It makes no sense but nothing does these last few days.

Reply | Quote

KB4100480 might have some of the issues present in the Windows 7 March 2018 Windows monthly rollup.

1 user thanked author for this post.

woody

Reply | Quote

Separately, updates were also released today for “Stop error 0xAB when you log off a session.”

2 users thanked author for this post.

Elly, woody

Reply | Quote

I think it’s fair to say that Microsoft are the problem, not the solution

2 users thanked author for this post.

Cybertooth, amraybt

Reply | Quote

For Group B: should we uninstall the Jan and Feb security-only updates and not install the Mar security-only update. I am not sure by the description if KB4100480 replaces them, or not?

Reply | Quote

As far as i can tell (and it’s increasingly difficult to follow this mess), KB4100480 is only a fix for the flaw microsoft themselves introduced in the january, february and march updates. The so called “total meltdown” flaw. I don’t believe it includes any of march’s security patches but i may be wrong.

edit: According to kevin beaumont’s tweet further up this fix brings with it all the flaws with the march update as well… i have a headache.

2 users thanked author for this post.

GoneToPlaid, SueW

Reply | Quote

I wouldn’t expect that KB4100480 can be considered a replacement for any of the Windows security-only updates.

3 users thanked author for this post.

SueW, AJNorth, Elly

Reply | Quote

I just checked for updates and now my Windows Update resembles Susan’s screenshot, with three entries: KB4088875 (unchecked), KB4100480 (checked) and KB890830 (checked).

Anxiously awaiting Woody’s guidance for navigating this minefield.

P.S. I love the new faster server!

2 users thanked author for this post.

SueW, Bill C.

Reply | Quote

I still only see the February rollup and the March Preview. I only saw KB4088875 once as checked, and then it was gone (and not hidden or installed), and KB4100480 does not appear, period, no matter if I hide the preview or not.

Maybe it is because my PCI.SYS is version 6.1.7601.17514 dated 11/20/2010. WHo knows…

Reply | Quote

Directions to see KB4088875 in Windows Update: see https://www.askwoody.com/forums/topic/microsoft-patch-alert-suddenly-windows-7-patching-is-an-unholy-mess/#post-178695.

1 user thanked author for this post.

Elly

Reply | Quote

So Group B should not expect to see KB4088875 since it requires installing the February Monthly Rollup and hiding the February preview rollup?

Non-techy Win 10 Pro and Linux Mint experimenter

Reply | Quote

That’s one set of prerequisites that allows KB4088875 to be seen in Windows Update, but there are other sets of prerequisites that also allow it, such as this.

Reply | Quote

ohhhh!  I’m so confused.  Is it right to say I shouldn’t install “8875”  “8881”

Reply | Quote

Please don’t be so confused.  Just wait until Woody gives the go-ahead — MS-DEFCON 3 (or 4 or 5) — along with the link to his latest ComputerWorld article detailing his instructions.

Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'

3 users thanked author for this post.

Demeter, Cascadian, Elly

Reply | Quote

I would assume that this new emergency security update KB4100480, which was supposed to fix the Total Meltdown flaw introduced during Microsoft’s misguided attempts to fix the Meltdown flaw, does not correct the problems in the March 2018 security updates.

Therefore I still stand my previous decision. I shall restore the December 2017 system images back onto my systems running Windows 7, and I shall stop patching them until I am satisfied that this mess has been resolved. If the mess is not resolved in the future then I shall just continue to run Windows 7 on the December 2017 patch level, and leave it at that. By doing this I also will not suffer any performance degradation brought by the Meltdown “fixes”.

P.S. One of the above “anonymous” messages was posted by me. I have forgotten to login before I post. Please feel free to remove it.

Hope for the best. Prepare for the worst.

2 users thanked author for this post.

AJNorth, Cybertooth

Reply | Quote

Just received – and read – this: Total Meltdown: How Microsoft’s Meltdown patch created an even bigger flaw for hackers

The vulnerability affects Windows 7 and Windows Server 2008 R2, and gives complete memory access to hackers.

By James Sanders | March 28, 2018

Reply | Quote

So it’s clearly a 64-bit only issue, in which case doesn’t affect me, being on 32-bit. Is it confirmed that the vulnerability itself was introduced on 64-bit only though? Or is it just that us on 32-bit aren’t getting the patch?

As for the other one for the BSOD when you log off, I wonder if rebooting to install it counts as logging off, in which case how would one install it successfully? But maybe it doesn’t count and it’s only in case of simply logging off, not rebooting?

— Cavalary

1 user thanked author for this post.

abbodi86

Reply | Quote

I consider 32-bit luckier with all this mess

Reply | Quote

“So it’s clearly a 64-bit only issue, in which case doesn’t affect me, being on 32-bit. Is it confirmed that the vulnerability itself was introduced on 64-bit only though?”

See section “Affected Products” at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038.

2 users thanked author for this post.

abbodi86

Reply | Quote

So where do I stand? All I have is KB4100480 and 3 updates for Office 2010 as Important and KB4088881 shown as Optional. The latter is Preview for month March 2018. This is on my desktop.

On my laptop which does not have Office it show KB4100480 as Important and KB4088881 as Optional (Preview for March 2018).

Now scratching my head. Happy Easter from ‘Down Under”!

Reply | Quote

I am a group B installer and I will install this update now. Losing confidence in MS….

Reply | Quote

I would assume this emergency security update KB4100480, which was supposed to fix the Total Meltdown flaw introduced during Microsoft’s misguided attempts to fix the Meltdown flaw, does not correct the problems introduced by the March 2018 security updates.

Therefore, I still stand by my previous decision. I will restore the December 2017 system images back on my systems running Windows 7, and I will stop patching them until I am satisfied that the mess has been resolved. If the mess is not resolved in the future, then I should just continue to run Windows 7 on the December 2017 patch level, and leave it at that. By doing that, I will also not suffer any performance degradations from the Meltdown patch.

Reply | Quote

I have installed all the Group B updates and I can’t detect any performance differences.

The catch 22 is that if there are any performance degradations, then you are probably more secure.

To me the Meltdown exploit is the nasty one and I would like to surf the web without protection, but it is all about risk ratings.

Reply | Quote

OK, this is frustrating.  I think their WSUS detection is botched.  I’ve approved KB4100480 for Win7 x64 and Server 2008R2.  It’s definitely been downloaded.  Three test Win 7 systems and a 2008R2 server check for updates and find zero.  But if I download KB4100480 from the catalog and run the .msu file manually, they install.

 

So, if someone wants to protect their Windows 7 clients, the usual WSUS method provides no help.  Hopefully they will reissue with fixed detection soon.

2 users thanked author for this post.

lawrenceB, MrBrian

Reply | Quote

We’re seeing similar issues with out WSUS environment.  Of approximately 200 Win2008R2 systems all of which have installed more than at least one of the qualifying Jan-Mar updates only 18 are showing that KB4100480 is applicable.  On top of that, since we do utilize WSUS, nearly all of those 200 systems are patched identically.

And there is a similar story with the Win7x64 systems.

Something is fishy in Redmond.

Jim

2 users thanked author for this post.

lawrenceB, MrBrian

Reply | Quote

I installed KB4100480 and rebooted the computer. The system booted without error. The patch appears not to have borked my system.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1413 x64 i5-9400 RAM16GB HDD Firefox112.0b3 MicrosoftDefender

3 users thanked author for this post.

rontpxz81, MrBrian, AJNorth

Reply | Quote

Trying to figure out all of this gives me as big of a headache as doing my taxes every year.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

2 users thanked author for this post.

Cybertooth, SueW

Reply | Quote

Strange.  I’m in “Group B” with two Windows 7 x64 PCs.  Windows Update is set to check for updates, but let me decide what to download.  I’ve already installed the March 2018 security-only patches and Office 2010, IE 11 security patches.

However, I’ve run Windows Update multiple times last night and this morning and all it shows on both PCs are the two .NET updates that have been sitting there for more than a month.  No sign of KB 4100480.  I assume I could grab the file from the MS Update Catalog and manually update it.  I wonder if MS is staggering the release of this patch.  I’m in the Midwest.

Reply | Quote

This update makes boot faster for me.

1 user thanked author for this post.

rontpxz81

Reply | Quote

A couple of Microsoft Update queries. Spent the past 3-4 days reading through all the posts on the vulnerabilities opened by installing 2018-01 & 2018-02 the Win 7 Security Updates. Have just installed KB4100480 to rectify the vulnerabilities with no problems encountered on reboot. However, Update had 4 other updates ticked as “important”: KB4033342 .Net Framework 4.7.1, KB2952664 Win7 x64 update, 03-2018 Win Malware Removal Tool, ( I know what this is) and finally, Synaptics Mouse 8/16/2017, 19.0.19.63, this one I have been unchecking for months. Are they that important? Since we’re at DEFCON 2 I’m not doing anything at the moment

Reply | Quote

I compared the contents of KB4088875 x64 vs. KB4100480. (All three Catalog downloads of KB4100480 are identical.) KB4100480 contains a subset of the files in KB4088875 x64, with the exception of these files, which have newer versions in KB4100480 than in KB4088875 x64:

ntoskrnl.exe

ntkrnlpa.exe

This is broadly consistent with abbodi86’s analysis.

Here is a list of the files in KB4100480, excluding some types of files that aren’t important for the purposes of this post.

2 users thanked author for this post.

amraybt, T

Reply | Quote

It makes sense that KB4100480 would contain newer files than KB4088875 but now i’m curious as to the effect of installing KB4100480 before installing KB4088875 which i presume a lot us are going to be doing. Wouldn’t that result in older files overwriting the newer files? Provided anyone even wants to install the march update at this point but i’m just wondering if it’d be better installing KB4088875 (or the rollup) and then installing KB4100480.

Reply | Quote

The supersedence associated with Windows updating will retain the correct (newer) files correctly.

1 user thanked author for this post.

T

Reply | Quote

The Windows servicing system is “smart” enough to handle situations like these without doing things like overwriting newer files with older files.

1 user thanked author for this post.

T

Reply | Quote

Well, well, well… I assume applying of this KB4100480 out-of-band patch as a good compromise if you wanna get win7sp1x64 kernel update regarding the Meltdown protection (and maybe the Spectre one but not for older CPUs!) option enabled but yet don’t wanna apply all these messy rollup and/or preview of rollup massive patches of 2018, so I gave it a try install onto win7sp1x64ultimate laptop without any of 2018 massive patches installed despite of the direct request of M$ to apply this patch only next to any of listed 2018 patches install.

1. 1st attempt of install took a real while then win7 boot just frozen/failed > then tried to repair win7 launch w/o restore and got no errors as all 0x0 > then got a luck to boot thru F8 in safe mode > then reboot to normal and found that this patch install failed with status 0x80070643 > then 2nd try was all normal & successful.

2. After install of this patch the InSpectre utility https://www.grc.com/inspectre.htm now of its revision #7 showed up Meltdown protection GOOD, Spectre one NO (no surprise with older CPUID 10676) & Performance SLOWER.

3. Naturally I don’t wanna any performance lost against this fuzzy & yet incomplete protection at least due to its Spectre component is yet missed so I’ve disabled Meltdown protection by InSpectre utility. As it’s well known such disabling simply adds 2 keys to win7 registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ with value 2 or 3 (if disabled) or 0 or 1 (if enabled back) and DWORD ‘FeatureSettingsOverrideMask’ with always 3 value.

By default this InSpectre utility now sets 1st key to 2 that differs from recommended by M$ value of 3 by default (at least for servers!) However this 2 value almost immediately returns me single entries of both 2 issues of dwm.exe as ‘The Desktop Window Manager has encountered a fatal error (0x8898009b)’ as well as the leftover of one of already closed application window in win7 taskbar. Please refer to my earlier report(s) here:
https://www.askwoody.com/2018/friday-night-patch-dump-kb-4088881-a-flawed-win7-monthly-rollup-preview-and-kb-4089187-an-ie-fix/#post-178425

So I’ve manually changed this value to 3 and both issues seem gone.

Anyhow, at the moment this patch is left installed  – at least for extra testing but likely as permanent deployment.

Rgds,

P.S. I guess I got a clear confirmation that both reported by me issues of 2018 are linked not to windows components’ updating like a graphics one but the Meltdown/Spectre protection deployment in particular (and likely its subsequent disabling in win7 registry!)

 

P.P.S. Also I didn’t apply the advised by M$ .vbs registry patch concerning HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI  at all!

Reply | Quote

UPDATE:

Extra testing report:

1. Unfortunately I found that after install of KB4100480 both mentioned issues yet more or less chaotically occur with any possible win7 registry setting concerning disabling/enabling Meltdown protection:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 3 (disabled)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 2 (disabled)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 0 (enabled)

and even in case when both keys in charge are non-existed/deleted, i.e. their default status after KB4100480 install.

2. The best available combination of registry setting found to avoid dwm.exe errors in log is:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverride’ value = 2 (Meltdowm protection disabled in default way of InSpectre#7 Utility)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ DWORD ‘FeatureSettingsOverrideMask’ value = 3

plus another extra registry key created manually:

HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM\ DWORD UseMachineCheck with a value of 0

However the above combination seems a pretty much fragile way of patching, especially when windows leftovers issue rarely but yet occurs in same chaotic way, so finally I’ve removed this KB4100480 from win7 with even more fragile hope for better patching fun in coming April.

Rgds,

2 users thanked author for this post.

Kranium, MrBrian

Reply | Quote

Sorry it seems some little mess with posting here now.

I’ve posted a pretty long message. Then it first appeared posted, then vanished after a minor editing, and now if I try to post it again there is a notice of duplicate posting.

Please check for solution if any.

Thanks.

UPDATE: Thanks it’s resolved now!

Reply | Quote

If you submit/edit/submit in too rapid succession, your post gets caught in the spambucket. I have retrieved both copies and will delete one of them.

Slow down between submit-edit-submit operations and let the system process the change. 🙂

3 users thanked author for this post.

Microfix, satrow, laidbacktokyo

Reply | Quote

I installed KB4100480 today, and now the websites I use are no longer saving my login information.  Could this update affect auto login information or is this just a coincidence?

Any ideas/suggestions would be appreciated.  I’m ‘technically-challenged’ and not  sure how to proceed.

Reply | Quote

I use lastpass to keep track of my passwords. The only problem I seem to be having is with I/E 11. It keeps crashing at the moment but then it comes good. My default browser though is Google Chrome and Firefox as a standby. No solution I can think of – maybe a complete system shutdown and power up (Cold start)?

Reply | Quote

Win 7 SP1 HE, Group B, Haven’t installed March 2018 updates yet. Just installed KB4100480 (Total Meltdown Patch). All seems well thus far. Plan to wait for Defcon 3 or higher before installing rest of March’s patches.

Reply | Quote

Could i just ask those who haven’t installed either the january or february monthly rollups through windows update, were you offered KB4100480 through update? I wasn’t offered this and after a confusing few minutes i realised it’s most likely due to not having any monthly rollups installed, particularly january and february so all i see currently are the february rollup, the demon child KB2952664 and the malicious software removal tool for march.

1 user thanked author for this post.

MrBrian

Reply | Quote

As a test, I installed the March 2018 Windows security-only update, but didn’t have any of the other 10 updates listed at https://support.microsoft.com/en-us/help/4100480/windows-kernel-update-for-cve-2018-1038 installed. I rebooted and checked for Windows updates. I didn’t see KB4100480 listed.

1 user thanked author for this post.

T

Reply | Quote

The way I read the link in your post, you should have been offered KB4100480. Do you agree?

I have the January and February security only patches installed but have never been offered KB 4100480 in Windows Update even though It seems like I should have.

Reply | Quote

Only received the update on 31 March and only by constantly checking for updates. FYI I am in Australia so my time is UTC +10.

Reply | Quote

I think this behavior is not a Microsoft mistake because Microsoft doesn’t list the security-only updates themselves on Windows Update. Hopefully KB4100480 will be added to the Group B list of updates.

Reply | Quote

I think you’re saying that even though the MS support page for KB4100480 says it is offered through Windows Update, that it may not, in fact, be offered through Windows Update to machines that haven’t installed Rollups?

Reply | Quote

@DrBonzo: That is indeed what I meant to convey.

1 user thanked author for this post.

DrBonzo

Reply | Quote

KB4100480 will be superseded by the next security-only update (April)

Reply | Quote

“It’s possible that KB4100480 might introduce some or all of the issues that KB4088875 or KB4088878 have to computers that don’t already have KB4088875 or KB4088878 installed because […]”

Reply | Quote

This post discusses whether KB4100480 likely contains each issue in KB4088875. KB4100480 contains a subset of the files in KB4088875 x64, with the exception of these files.

Of the issues listed in KB4088875, these issues probably aren’t present in KB4100480:

“After you install this update, security settings in some organizations that are running Windows 7 SP1 or Windows Server 2008 R2 may prevent Internet Explorer 11 from starting because of an invalid SHA1 certificate.”

Reason: Doesn’t contain files related to Internet Explorer.

“A new Ethernet Network Interface Card (NIC) that has default settings may replace the previously existing NIC, causing network issues after you apply this update. Any custom settings on the previous NIC persist in the registry but are unused.”

Reason: Doesn’t contain file pci.sys that has been implicated in this issue. The list of files in KB4100480 (excluding some file types that aren’t important for the purposes of this site) is at https://pastebin.com/jnTDbtx5.

“Static IP address settings are lost after you apply this update.”

Reason: Doesn’t contain file pci.sys that has been implicated in this issue.

“After you install this update, you may receive a Stop error message that resembles the following when you log off the computer:

SESSION_HAS_VALID_POOL_ON_EXIT (ab)”

Reason: Doesn’t contain file Win32k.sys that has been implicated in this issue.

 

These two KB4088875 issues may or may not be present in KB4100480, but they were already present in the January 2018 Windows updates anyway:

“Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.”

“After you install this update, SMB servers may leak memory.”

 

That leaves these two KB4088875 issues that may or may not be present in KB4100480:

“A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled.”

“A Stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).”

Both of the two issues above are discussed at https://www.askwoody.com/forums/topic/massive-march-patch-tuesday-relaxes-antivirus-restrictions-but-there-are-problems/#post-175554.

 

10 users thanked author for this post.

cesmart4125, Sheldon88, woody, GoneToPlaid, Kranium, T, HiFlyer, walker, Cascadian, DrBonzo

Reply | Quote

Thank you so much MrBrian. This is exactly the information I hoped I would find. It makes my decision to install KB4100480 much easier.

I hope you’re having – or will have – a good holiday weekend despite the fact that you are doing yeomans work at askwoody

3 users thanked author for this post.

HiFlyer, SueW, MrBrian

Reply | Quote

Hi for this known issue

“After you install this update, you may receive a Stop error message that resembles the following when you log off the computer:

SESSION_HAS_VALID_POOL_ON_EXIT (ab)”

by “log off”, is it the same with turning off/shutdown the computer?

Reply | Quote

Win 7-64 here. Group A – Up to date through February.
I ignored the KB4088875 for now [listed as important but unchecked] and the MSRT.
I installed KB4100480 and rebooted as per instructions and haven’t had any problems so far. I have been playing online games, checking email and surfing the net, etc. So far it is business as usual.
-firemind

2 users thanked author for this post.

Cascadian, HiFlyer

Reply | Quote

mobartz wrote:

OK, this is frustrating. I think their WSUS detection is botched.

Same here.  We have maybe 115 x64 Windows 7 machines being updated with WSUS. They had the Jan., and then the Feb., security only rollup installed.

Of those, only 4 show 4100480 as ‘needed’.

What a mess, all of this.

Reply | Quote

Also new “VM-Ware NIC static IP lost” hotfix is there now: https://support.microsoft.com/en-us/help/4099950

So if you are still on dez/jan/feb Sec-Rollup on VMware and are waiting cause of the problems, perhaps this is the best order to install the patches, to get a complete march fix for those Win7/ 2008R2 Servers:

“VM-Ware nic” Pre-Fix:

• http://www.catalog.update.microsoft.com/Search.aspx?q=KB4099950

 
March-Rollup:

• http://www.catalog.update.microsoft.com/Search.aspx?q=KB4088875

 

OOB-TotalMeltdown Hotfix:

• https://www.catalog.update.microsoft.com/Search.aspx?q=KB4100480

Reply | Quote

ok so KB4100480 needs to be applied on all workstations where March patches are installed, but in SCCM/WSUS console, it only shows required to some machines and not all machines.even if we push this emergency patch to all machines, it will only install on machines which shows required?

Any info regarding this?

Regards,

Rohit B

Edit to remove HTML: Use the ‘text’ tab in the post entry box when you copy/paste.

Reply | Quote

From https://support.microsoft.com/en-us/help/4100480/windows-kernel-update-for-cve-2018-1038:

• “This security update was updated on April 5, 2018 to address applicability issues in the original release of the update.
• Applicability rules have been expanded for this update. Therefore, this update will be offered via Windows Update and Windows Server Update Service (WSUS) if any of the Security Only (SO) updates that are listed in the table above are applied.
• No specific functional changes have been made to this security update. Therefore, no additional action is needed if this update has already been applied.”

4 users thanked author for this post.

walker, geekdom, woody, Elly

Reply | Quote

Well no one is gonna fix Spectre expect motherboard manufacturers witch they are lazy to do.. not releasing bios updates for a supported cpus which they already have microcode fix for some cpus

Reply | Quote

Anybody in touch with the Apple or Linux communities re: the Meltdown/Spectre mitigations?

Old news over there, or still dealing with problems too?

-Noel

Reply | Quote

I have win 7 32 bit and I tried to check on mMS’s site for the patch KB4100480 but I haven’t seen traces of it.

https://portal.msrc.microsoft.com/en-US/security-guidance

 

Reply | Quote

32-bit is not vulnerable to the Total Meltdown  – only 64-bit. You don’t need KB4100480

Reply | Quote

Looks like the Linux folks have most of it covered including old processors via patches to kernel and applications/drivers.

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

Reply | Quote

I doubt it, but I expect the fix to be included in the April 2018 updates.

1 user thanked author for this post.

amraybt

Reply | Quote