Patch Tuesday [14. August 2018]

Status
Not open for further replies.
BoraMurdar

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
otTq6Na.png

Today is the second Tuesday of the month, which means that it's time for Microsoft to release updates for all supported versions of Windows 10. And by all supported versions, that means everything except version 1511, which hasn't received an update since April.

If you're on the Windows 10 April 2018 Update, or version 1803, you'll get KB4343909, which brings the build number to 17134.228. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Addresses an issue that prevents apps from receiving mesh updates after resuming. This issue occurs for apps that use Spatial Mapping mesh data and participate in the Sleep or Resume cycle.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that prevents some applications running on HoloLens, such as Remote Assistance, from authenticating after upgrading from Windows 10, version 1607, to Windows 10, version 1803.
  • Addresses an issue that significantly reduced battery life after upgrading to Windows 10, version 1803.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement.” For more information, see {{windowTitle}} and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.
There's also a known issue to be aware of:

Symptom
After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:
Exception type: System.UnauthorizedAccessException
Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
For more information, see KB4345913.
Workaround
Microsoft is working on a resolution and will provide an update in an upcoming release.


Those that are still on the Windows 10 Fall Creators Update, or version 1709, will get KB4343897, bringing the build number to 16299.611. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after the May 2018 Cumulative Update is installed.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that displays “AzureAD” as the default domain on the sign-in screen after installing the July 24, 2018 update on a Hybrid Azure AD-joined machine. As a result, users may fail to sign in in Hybrid Azure AD-joined scenarios when users provide only their username and password.
  • Addresses an issue that adds additional spaces to content that's copied from Internet Explorer to other apps.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see {{windowTitle}} and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.
There are three known issues to be aware of with this one:

Symptom
Some non-English platforms may display the following string in English instead of the localized language: ”Reading scheduled jobs from file is not supported in this language mode.” Workaround
This error appears when you try to read the scheduled jobs you've created and Device Guard is enabledMicrosoft is working on a resolution and will provide an update in an upcoming release.

When Device Guard is enabled, some non-English platforms may display the following strings in English instead of the localized language:
  • "Cannot use '&' or '.' operators to invoke a module scope command across language boundaries."
  • "'Script' resource from 'PSDesiredStateConfiguration' module is not supported when Device Guard is enabled. Please use 'Script' resource published by PSDscResources module from PowerShell Gallery."
Microsoft is working on a resolution and will provide an update in an upcoming release.
After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:
Exception type: System.UnauthorizedAccessException
Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
For more information, see KB4345913.
Microsoft is working on a resolution and will provide an update in an upcoming release.

For those that are still on the Windows 10 Creators Update, or version 1703, you'll get KB4343885, bringing the build number to 15063.1266. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see {{windowTitle}} and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.
There's one known issue to be aware of:

Symptom
After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:
Exception type: System.UnauthorizedAccessException
Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
For more information, see KB4345913.
Workaround
Microsoft is working on a resolution and will provide an update in an upcoming release.

Next up is the Windows 10 Anniversary Update, or version 1607, which still gets updates mainly for those on Windows Server 2016. This version will get KB4343887, and that brings the build number to 14393.2430. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see {{windowTitle}} and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.
There are no known issues with this update.

Finally, those on the original version of Windows 10 and on the Long Term Servicing Channel will get KB4343892, which brings the build number to 10240.17946. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses additional issues with updated time zone information.
  • Addresses an issue that prevents users from unlocking their computer if their password has expired. This issue occurs when fast user switching has been disabled and the user has locked the computer.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue in which decrypted data fails to clear from memory, in some cases, after a CAPI decryption operation was completed.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see {{windowTitle}} and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.
There's one known issue with this update, which is the same as the update for version 1703.

As always, you don't actually have to install these updates manually. You can just let Windows Update install them automatically.

If you're on Windows 8.1 or Windows Server 2012 R2, you'll get KB4343898, which is this month's monthly rollup. You can manually download it here, and it contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.
As usual, there's a security-only update that you can install instead. KB4343888 can be manually downloaded here.

If you're on Windows Server 2012 (not R2), you'll get KB4343901, which can be manually downloaded here. It contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Server guidance KB article. (These registry settings are disabled by default for Windows Server OS editions.)
  • Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
The security-only update is KB4343896, which can be manually downloaded here.

Finally, those on Windows 7 SP1 and Windows Server 2008 R2 SP1 will get KB4343900, which can be manually downloaded here. It contains the following fixes:
  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
There's also a known issue to be aware of on this one:

Symptom There is an issue with Windows and third-party software that is related to a missing file (oem.inf). Because of this issue, after you apply this update, the network interface controller will stop working.
Workaround
  1. To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
  2. To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
    a. Alternatively, install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.
The security-only update is KB4343899, and you can grab that here. There are no known issues with that one.
 
  • Like
Reactions: LASER_oneXM, lowdetection, ForgottenSeer 72227 and 9 others
Status
Not open for further replies.

Similar threads

silversurfer
    • Like
    • +Reputation
    • Thanks
New Update Windows 11 January 2024 Patch Tuesday (KB5034123) for 23H2 and 22H2
Replies
4
Views
1,074
Windows 11
Blackwarrior
Blackwarrior
silversurfer
    • Like
    • +Reputation
    • Thanks
New Update Windows 10 November 2023 Patch Tuesday (KB5032189)
Replies
0
Views
505
Windows 10
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
    • Thanks
New Update Windows 11 December 2023 Patch Tuesday (KB5033375)
Replies
6
Views
1,055
Windows 11
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top