It has been a huge day for updates. First we had Adobe security updates and then we had a huge Patch Tuesday that fixes over 60 security flaws and 2 zero day vulnerabilities. For Windows 10, we have the KB4343909 and KB4343897 cumulative updates, and for this article we will discuss the cumulative updates for Windows 7, Windows 8.1, and Windows Server 2008.
Below we have outlined what each update fixes and if there are any known issues and workarounds.
Windows 7 SP1 or Windows Server 2008 R2 SP1
If you are using Windows 7 SP1 or Windows Server 2008 R2 SP1 and perform an update you will get KB4343900, which contains numerous fixes. For those who wish to download it manually, you can do here.
KB4343900 contains the following fixes:
-
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
This is the same security update for Windows 10 and more information can be found here in our reporting of this vulnerability. -
Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
-
Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
There is one known issue that users can encounter when installing this update. This issue is with third-party software that could lead to a missing oem.inf file, which could cause a loss of network connectivity.
"There is an issue with Windows and third-party software that is related to a missing file (oem.inf)," Microsoft's knowledge base article stated. "Because of this issue, after you apply this update, the network interface controller will stop working."
To resolve this, Microsoft suggests:
- To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
- To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
You can alternatively install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.
Windows 8.1
If you're still running Windows 8.1 then we are truly sorry. At the same time, if you perform a Windows Update you will be presented with the KB4343898 cumulative update, which can also be downloaded manually from here for offline installs.
This update contains the following fixes:
-
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
This is the same security update for Windows 10 and more information can be found here in our reporting of this vulnerability. -
Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
-
Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.
Microsoft is not aware of any issues with this update, so get updating!
Comments
pccobbler - 6 years ago
"If you're still running Windows 8.1 then we are truly sorry"
Yes, W-8.1 is a GUI Frankenstein, but it runs better than W-10 on certain old hardware. On two PCs, W-10 caused sound cards to stop working (drivers downloaded from the vendor's website didn't help). And on both W-7 and W-8.1 PCs, Windows Update often offers updates ostensibly for certain hardware, but when I click on More Information, a generic description appears, meaning that it is suspect (funny how the vendor's website does not offer the same update). With W-7 or W-8.1, I can refuse the updates, but with W-10 I cannot, causing the hardware to develop problems.
BeckoningChasm - 6 years ago
"You can alternatively install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software."
I think a better idea would be to download the current driver for your NIC before installing the update.
Caramello222 - 6 years ago
I've been trying to get help to remove the malware on my computer that will not allow me to install the patch. Every time I download and install KB4343898 and KB4345592 after I click restart to finish the installation, my computer only makes it to 11% don't turn off your computer. Then the screen changes to the HP booting screen then goes back to the finishing install screen which is normal, but what isn't normal is the message that the installs couldn't be finished so the changes are being reverted. Every time I run the Windows Update troubleshooter it fixes the same issues because keeps undoing the fixes. I'm 100% sure it's malware because 3-4 times I've seen Taskeng.exe command prompt window appear and disappear, then after scanning with JRT which removes a Firefox profile extension file and a registry key it stops popping up. The same thing keeps coming back and now I have a funky HomeGroup icon doing the same thing. I posted for help with this on June 4 2018 and I was assisted but it has come back so I reposted on August 20 2018 and I haven't been able to get any follow up help this. I had trouble getting IE11 (default browser) to load today so I know I'm running out of time. How can I get those patches installed? Also, the Windows Update Catalog page is only shows a Globe logo and the rest of the page is blue.
Caramello222 - 6 years ago
Nevermind, I'm being assisted