Tuesday, 17 July 2018

Windows patches for Total Meltdown, bluescreens, an IP stopper — and little documentation

As many of us were getting ready for the holiday weekend, after the surprise announcement about Windows being torn into three pieces, Microsoft shoveled yet another load of patches out the Automatic Update chute. Think of it as the software equivalent of a Friday night news dump.

A destructive fix for Total Meltdown

KB 4100480 kicked off the two days from patching purgatory with a Windows 7/Server 2008 R2 kernel update for CVE-2018-1038, the “Total Meltdown” bug Microsoft introduced in Win7 back in January. Total Meltdown, you may recall, is a huge security hole implemented by all of these Microsoft security patches:

  • KB 4056894 Win7/Server 2008 R2 January Monthly Rollup.
  • KB 4056897 Win7/Server 2008 R2 January Security-only patch.
  • KB 4073578 Hotfix for “Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1” bug installed in the January Monthly Rollup and Security-only patches.
  • KB 4057400 Win7/Server 2008 R2 Preview of the February Monthly Rollup.
  • KB 4074598 Win7/Server 2008 R2 February Monthly Rollup.
  • KB 4074587 Win7/Server 2008 R2 February Security-only patch.
  • KB 4075211 Win7/Server 2008 R2 Preview of the March Monthly Rollup.
  • KB 4091290 Hotfix for “smart card based operations fail with error with SCARD_E_NO_SERVICE” bug installed in the February Monthly Rollup.
  • KB 4088875 Win7/Server 2008 R2 March Monthly Rollup.
  • KB 4088878 Win7/Server 2008 R2 March Security-only patch.
  • KB 4088881 Win7/Server 2008 R2 Preview of April Monthly Rollup.

If you installed any of those 11 patches on your Intel 64-bit Windows 7/Server 2008 R2 computer, you opened up a gaping hole known as “Total Meltdown,” or CVE-2018-1038, that allows any program running on your computer to run in kernel mode. Yes, any program that’s running can read or write into any part of memory.
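
A check for the condition described above, as an added example that is not from the original article or from Microsoft: it compares a machine's installed hotfixes against the 11 KBs listed here and the KB 4100480 fix. The function name `Get-TotalMeltdownStatus`, the state labels, and the use of OS version 6.1 and the AMD64 architecture variable to scope the check are assumptions, and the script knows only the KBs this article names.

```powershell
# KBs the article lists as introducing CVE-2018-1038 (Total Meltdown).
$IntroducingKBs = @(
    'KB4056894','KB4056897','KB4073578','KB4057400','KB4074598','KB4074587',
    'KB4075211','KB4091290','KB4088875','KB4088878','KB4088881'
)
# Kernel update the article names as the fix for CVE-2018-1038.
$FixKB = 'KB4100480'

# Hypothetical helper (not a built-in cmdlet): classifies one machine's inventory.
function Get-TotalMeltdownStatus {
    param(
        [string[]]$InstalledKBs,   # HotFixID values, e.g. from Get-HotFix
        [string]$OsVersion,        # e.g. '6.1.7601'
        [bool]$Is64Bit
    )
    # Assumption: Windows 7 and Server 2008 R2 both report version 6.1.x.
    $inScope = $Is64Bit -and $OsVersion.StartsWith('6.1.')
    $found   = @($InstalledKBs | Where-Object { $IntroducingKBs -contains $_ })
    $fixed   = $InstalledKBs -contains $FixKB

    if (-not $inScope)          { $state = 'NotInScope' }
    elseif ($found.Count -eq 0) { $state = 'NoIntroducingPatch' }
    elseif ($fixed)             { $state = 'FixInstalled' }
    else                        { $state = 'Exposed' }

    New-Object PSObject -Property @{
        State = $state; IntroducingKBs = ($found -join ','); FixPresent = $fixed
    }
}

# Local machine. Get-WmiObject is used so this runs on the PowerShell 2.0
# that ships with Windows 7; AMD64 is the x64 architecture name on Intel too.
$os   = Get-WmiObject Win32_OperatingSystem
$is64 = ($env:PROCESSOR_ARCHITECTURE -eq 'AMD64') -or
        ($env:PROCESSOR_ARCHITEW6432 -eq 'AMD64')
$kbs  = @(Get-HotFix | ForEach-Object { $_.HotFixID })
Get-TotalMeltdownStatus -InstalledKBs $kbs -OsVersion $os.Version -Is64Bit $is64

# Constructed inventory (not real data): March rollup present, fix absent.
# 'KB0000000' is a placeholder for an unrelated update.
Get-TotalMeltdownStatus -InstalledKBs @('KB4088875','KB0000000') `
    -OsVersion '6.1.7601' -Is64Bit $true
```

`Get-HotFix` reports only updates the system has recorded as installed, so a machine classified as `Exposed` should be confirmed against its full update history before acting on the result.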

Microsoft infected all of those machines to defend against the professionally marketed Meltdown/Spectre vulnerability, which has never, ever been seen in the wild. Kevin Beaumont (@GossiTheDog on Twitter) said it best:
