Windows 7 Patch Tuesday updates focus on Spectre and Meltdown

Madeleine Dean By: Madeleine Dean
2 minute read
windows 7 KB4480970 KB4480960

Home » News » Windows 7 Patch Tuesday updates focus on Spectre and Meltdown

The first Patch Tuesday edition of 2019 is here. Windows 7 received two important updates aiming at improving the overall OS security. Monthly rollup KB4480970 and security update KB4480960 add further protection against the vicious Spectre and Meltdown cyber threats.

At the same time, these two patches also address a major PowerShell security vulnerability that affects remote endpoints.

Here is the official changelog:

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
    “New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered.”
  • Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

Microsoft hasn’t listed any known issues affecting these two updates.

Download KB4480970 and KB4480960

You can automatically download and install the latest Windows 7 updates via Windows Update. You can also download the stand-alone package from the Microsoft Update Catalog.

RELATED STORIES  YOU NEED TO CHECK OUT:

Discussions

Next up

What to do if your browser address bar doesn’t search

John Waibochi avatar. By: John Waibochi
5 minute read

Despite being excellent browsers, Google Chrome and Mozilla fire are occasionally affected by some bugs. For example, the address bar doesn’t search in these browsing […]

Continue Reading

Can’t access Registry Editor in Windows 10 [FIX]

Ivan Jenic By: Ivan Jenic
4 minute read

Registry Editor is one of the most important parts of the Windows operating system. This tool is usually used for resolving various problems and faults […]

Continue Reading

League of Legends crashes: Here’s how to fix them

Madeleine Dean By: Madeleine Dean
3 minute read

League of Legends is a game that you can’t get bored of, although sometimes the various issues that you may encounter can get on your […]

Continue Reading