Microsoft rilascia gli update cumulativi di Agosto per Windows 10, 8.1 e 7

Microsoft rilascia gli update cumulativi di Agosto per Windows 10, 8.1 e 7

In occasione del Patch Tuesday di Agosto Microsoft ha rilasciato le nuove build per i sistemi operativi supportati contenenti tutti i fix di sicurezza

di pubblicata il , alle 18:01 nel canale Sistemi Operativi
MicrosoftWindows
 

Il 14 Agosto è stato il secondo martedì del mese e, come da tradizione, Microsoft ha rilasciato gli ultimi update cumulativi per Windows contenenti le patch di sicurezza più aggiornate. Non ci sono, al solito, novità sul piano delle funzionalità, ma solo correzioni di bug, fix delle vulnerabilità di sicurezza e ottimizzazioni di vario tipo. Per tutte le versioni l'aggiornamento avverrà automaticamente in questi giorni, o potrà essere forzato manualmente attraverso Windows Update. Di seguito riportiamo le novità per ogni update così come appaiono nei changelog (in lingua inglese) rilasciati da Microsoft.

Windows 10

Windows 10 April 2018 Update, o versione 1803, riceve il KB4343909, che porta la build alla 17134.228. Ecco le novità:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Addresses an issue that prevents apps from receiving mesh updates after resuming. This issue occurs for apps that use Spatial Mapping mesh data and participate in the Sleep or Resume cycle.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that prevents some applications running on HoloLens, such as Remote Assistance, from authenticating after upgrading from Windows 10, version 1607, to Windows 10, version 1803.
  • Addresses an issue that significantly reduced battery life after upgrading to Windows 10, version 1803.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement.” For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

L'aggiornamento include un problema noto con gli aggiornamenti di luglio del framework .NET su cui Microsoft è al lavoro per rilasciare una soluzione.

Sono presenti diverse novità anche su Windows 10 Fall Creators Update, versione 1709, che arriva alla build 16299.611 con il KB4343897. Ecco le novità:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after the May 2018 Cumulative Update is installed.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that displays “AzureAD” as the default domain on the sign-in screen after installing the July 24, 2018 update on a Hybrid Azure AD-joined machine. As a result, users may fail to sign in in Hybrid Azure AD-joined scenarios when users provide only their username and password.
  • Addresses an issue that adds additional spaces to content that's copied from Internet Explorer to other apps.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

Anche in questo caso troviamo il problema noto relativo agli aggiornamenti del framework .NET, e ci sono due ulteriori bug sui sistemi non in lingua inglese, in cui non è presente la localizzazione di alcuni avvisi di errore.

Viene aggiornato anche Windows 10 Creators Update, versione 1703, che arriva alla build 15063.1266 con il pacchetto KB4343885. Le novità in questo caso sono le seguenti:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

Non manca, neanche in questa versione, il bug nell'installazione dell'aggiornamento di .NET Framework, unico presente in questa release.

Windows 10 Anniversary Update, versione 1607, riceve il pacchetto KB4343887, arrivando alla build 14393.2430 che non contiene problematiche note. Le novità:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

Anche la versione originale di Windows 10 e il Long Term Servicing Channel ricevono un aggiornamento, il KB4343892, che porta la versione alla build 10240.17946. Ecco le novità:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses additional issues with updated time zone information.
  • Addresses an issue that prevents users from unlocking their computer if their password has expired. This issue occurs when fast user switching has been disabled and the user has locked the computer.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue in which decrypted data fails to clear from memory, in some cases, after a CAPI decryption operation was completed.
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

Microsoft ha anche rilasciato gli aggiornamenti di sicurezza per Windows 8.1 e Windows 7, che sono ancora supportati. Di seguito le novità su Windows 8.1 o Windows Server 2012 R2, che riceve il KB4343898:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
  • Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
  • Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.

Infine segnaliamo le novità su Windows 7 SP1 e Windows Server 2008 R2 SP1, che ricevono il KB4343900:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.

Per questa versione Microsoft segnala un problema noto con alcuni software di terze parti, relativo ad un file mancante (oem.inf). Nei sistemi in cui si prosenta il problema non funziona il controller per l'interfaccia di rete, ma la stessa Microsoft segnala un workaround:

  • To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
  • To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
      • Alternatively, install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.
10 Commenti
Gli autori dei commenti, e non la redazione, sono responsabili dei contenuti da loro inseriti - info
lucusta16 Agosto 2018, 20:45 #1
ieri, tra telefoni e PC, il router non sapeva più a chi dar retta!
Life bringer17 Agosto 2018, 12:02 #2
E come al solito a me windows update non trova gli aggiornamenti e devo andare di windows catalog
WarDuck17 Agosto 2018, 22:54 #3
Originariamente inviato da: Life bringer
E come al solito a me windows update non trova gli aggiornamenti e devo andare di windows catalog


Io ho aggiornato senza problemi stasera (sono rientrato da poco a casa da ferragosto), Windows 10 Pro.
lucusta18 Agosto 2018, 11:41 #4
Originariamente inviato da: Life bringer
E come al solito a me windows update non trova gli aggiornamenti e devo andare di windows catalog

i motivi di mal funzionamento di wu possono essere di natura diversa, ma per iniziare prova a resettarlo:
https://answers.microsoft.com/en-us...32-829125b1e8a3
allmaster18 Agosto 2018, 11:42 #5
Originariamente inviato da: Life bringer
E come al solito a me windows update non trova gli aggiornamenti e devo andare di windows catalog


un classico... devi solo resettare windows update
Life bringer18 Agosto 2018, 12:15 #6
Vi ringrazio per i consigli, sono tutte cose che ho già provato, più o meno approfondite, ma senza risultati, ho anche fatto girare un file bat piuttosto "elaborato" ai tempi. Provo anche questo.
giovanni6924 Agosto 2018, 10:59 #7
Il bat di http://www.leuzzi.info/"][COLOR="Blue"][U]Franco Leuzzi[/U][/COLOR][/URL] era una delle possibilità.
Vedi anche http://wureset.com

Non specifichi il sistema operativo che hai.... Se utilizzi Win 10 e tutti i sistemi specifici di correzione di Windows 10 hanno fallito, vedi anche la https://answers.microsoft.com/it-it/windows/forum/windows_10-windows_install/reinstallazione-in-place-di-windows-10/51a24191-3531-405e-b737-de96f9b70dd7"][COLOR="Blue"][U]Reinstallazione IN PLACE di Windows 10[/U][/COLOR][/URL]
DanieleG24 Agosto 2018, 11:01 #8
Originariamente inviato da: giovanni69
Il bat di Leuzzi era una delle possibilità. Da tempo il Reset è ufficiale da parte di Microsoft:
http://wureset.com/downloads.php


Non mi sembra una pagina di MS
giovanni6924 Agosto 2018, 11:41 #9
Ho infatti corretto l'errore grossolano.
Lascia perdere e fai la reinstallazione on place se hai provato tutte le altre soluzioni. Inoltre in questo forum esiste questo thread:
https://www.hwupgrade.it/forum/showthread.php?t=2792746
Life bringer24 Agosto 2018, 15:01 #10
Ciao, grazie dei link, in effetti ho dimenticato di specificarlo, si tratta di windows10, mi documento sulla reinstallazione in place.

Devi effettuare il login per poter commentare
Se non sei ancora registrato, puoi farlo attraverso questo form.
Se sei già registrato e loggato nel sito, puoi inserire il tuo commento.
Si tenga presente quanto letto nel regolamento, nel rispetto del "quieto vivere".

La discussione è consultabile anche qui, sul forum.
 
^