Newsletter Archives

  • New versions of buggy March Win7 patches are out

    Posted on April 5, 2018 at 02:53 CDT by Comment in the Forums

    I have no idea what changed, but Günter Born reports (and a check of the Update Catalog confirms) that there are new versions of:

    KB 4088875 – Win7 March Monthly Rollup (dated, in the Update Catalog, as April 4)

    KB 4088878 – Win7 March Security-only patch (also April 4)

    KB 4088881 – Preview of the Win7 April Monthly Rollup (also April 4)

    KB 4090450 – Spectre V2 patch for Server 2008 (dated April 3)

    Looking at the KBNew page, I also see new versions of:

    KB 4099950 – the hotfix patch for bugs in the March Win7 patches (now dated April 4) – I talked about this fix of a fix of a … earlier this week in Computerworld.

    KB 4088879 – the Win8.1 Security-only patch (still dated March 10)

    And, as noted in several places on AskWoody, there’s a new version of the old favorite KB 2952664 — the patch that so helpfully makes it easier to upgrade Win7 to Win10 — and its Win8.1 cohort, KB 2976978.

    Born identifies new notes in the KB articles for the Win7 Monthly Rollup and the Preview Monthly Rollup that say:

    Important Please apply KB4100480 immediately after applying this update. KB4100480 resolves vulnerability in the Windows kernel for the 64-bit (x64) version of Windows. This vulnerability is documented in CVE-2018-1038 .

    You may recall that KB 4100480 is the “OMG” patch issued by MS when they figured that all of this year’s Win7 patches opened a huge “Total Meltdown” security hole in Win7.

    In addition, the description of the KB 4088875 Monthly Rollup patch and the KB 4088878 Security-only patch now advise:

    After you install this update, you may receive a Stop error message that resembles the following when you log off the computer:

    SESSION_HAS_VALID_POOL_ON_EXIT (ab)

    The solution on offer is KB 4099467, which is a single-shot hotfix for Win7 designed specifically to fix this bluescreen.

    How about them apples….

    Can any of you shed light on the reasons for the changes — in particular, do they fix any of the gazillion security holes in last month’s patches? If so, care to speculate on why Microsoft just slipped this stuff out without any announcement?

    And… when will it be safe to get back in the Win7 patching water?

    Windows Patches/Security , , , , , , ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.