Windows 7 Patch Tuesday updates focus on Spectre and Meltdown

News

Reading time icon 2 min. read

Calendar icon Published on

by Madalina Dinita 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

windows 7 KB4480970 KB4480960

The first Patch Tuesday edition of 2019 is here. Windows 7 received two important updates aiming at improving the overall OS security. Monthly rollup KB4480970 and security update KB4480960 add further protection against the vicious Spectre and Meltdown cyber threats.

At the same time, these two patches also address a major PowerShell security vulnerability that affects remote endpoints.

Here is the official changelog:

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
    “New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered.”
  • Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

Microsoft hasn’t listed any known issues affecting these two updates.

Download KB4480970 and KB4480960

You can automatically download and install the latest Windows 7 updates via Windows Update. You can also download the stand-alone package from the Microsoft Update Catalog.

RELATED STORIES  YOU NEED TO CHECK OUT:

More about the topics: patch tuesday, windows 7

Madalina Dinita

Madalina Dinita Shield

Networking & Security Specialist

Madalina has been a Windows fan ever since she got her hands on her first Windows XP computer. She is interested in all things technology, especially emerging technologies -- AI and DNA computing in particular. Prior to joining the WindowsReport team, she worked in the corporate world for a number of years.