Microsoft recently rolled out this month’s security update for Windows 7, patching a Local Security Authority Subsystem vulnerability of the OS. At the same time, the company pushed Monthly Rollup KB3212646 for Windows 7 that includes the OS’s latest security update, KB3212642, as well as improvements and fixes from previous monthly rollups.
Windows 7 KB3212642
Security update KB3212642 patches an important denial of service vulnerability that affects how the Local Security Authority Subsystem Service handles authentication requests.
With it, attackers can trigger a denial of service attack on the target computer’s LSASS, allowing them to automatically reboot the system.
In order to exploit this vulnerability, attackers send a specially crafted authentication request. The latest Windows 7 security update changes the way that LSASS responds to those specially crafted authentication requests.
Windows 7 Monthly Rollup KB3212646
Monthly Rollup KB3212646 includes all the improvements and fixes in the previous Monthly Rollup, as well as the LSASS security fixes brought by KB3212642.
How to install KB3212642 and KB3212646
There are two methods to install these Windows 7 updates:
1. Windows Update
When you turn on Windows Update, these updates will download and install automatically. Should you get an error message, we recommend you check out our dedicated article on how to fix common Windows 7 update errors.
2. Microsoft Update Catalog website
If you want to filter the updates you install on your Windows 7 computer, you can get the standalone package for these updates from the Microsoft Update Catalog website:
For more information about the latest Windows 7 updates, check out Microsoft’s support page.
RELATED STORIES YOU NEED TO CHECK OUT: