If you’re still running Windows 8.1, go to Windows Update and check for updates in order to download and install monthly rollup KB4338815 and security update KB4338824.
The July Patch Tuesday edition brings two new Windows 8.1 updates that fix a series of hardware and security issues. The most important fix concerns the Lazy Floating Point State Restore bug that allows hackers to access sensitive information on users’ computers.
Provides protections for an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.
Provides protections from an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639). These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639) in addition to the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
Apart from the two major security fixes mentioned above, Windows 8.1 Monthly Rollup KB4338815 also brings the following improvements:
- Updates Internet Explorer’s Inspect Element feature to conform to the policy that disables the launch of Developer Tools.
- Addresses an issue where DNS requests disregard proxy configurations in Internet Explorer and Microsoft Edge.
- Addresses an issue that causes the mouse to stop working after a user switches between local and remote sessions.
- Security updates to Internet Explorer, Windows apps, Windows graphics, Windows Shell, Windows datacenter networking, Windows virtualization, and Windows kernel.
KB4338815, KB4338824 issues
Keep in mind that both updates are affected by one common issue: namely, some devices running network monitoring workloads may receive the 0xD1 Stop error because of a race condition. Unfortunately, there is no workaround available for this problem, but Microsoft said it would push a hotfix in the coming days.
You can automatically download KB4338815 and KB4338824 via Windows Update.