The first Patch Tuesday edition of 2019 is here. Windows 7 received two important updates aiming at improving the overall OS security. Monthly rollup KB4480970 and security update KB4480960 add further protection against the vicious Spectre and Meltdown cyber threats.
At the same time, these two patches also address a major PowerShell security vulnerability that affects remote endpoints.
Here is the official changelog:
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered.”
- Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
Microsoft hasn’t listed any known issues affecting these two updates.
Download KB4480970 and KB4480960
You can automatically download and install the latest Windows 7 updates via Windows Update. You can also download the stand-alone package from the Microsoft Update Catalog.
RELATED STORIES YOU NEED TO CHECK OUT: