Eseguendo un’installazione pulita di Windows 7 o Windows 8.1, vi aspetterebbero centinaia di aggiornamenti da installare. Per questo motivo, a partire da ottobre 2016 Microsoft ha deciso di rilasciare ogni mese un nuovo aggiornamento cumulativo per Windows 7 SP1 e Windows 8.1.
NOTA | Nel caso in cui non riusciste a effettuare il download e l’installazione degli aggiornamenti cumulativi, potreste trovare utile quest’altra guida.
Aggiornamento cumulativo di gennaio 2019
Per Windows 7, Microsoft ha rilasciato l’aggiornamento KB4480970 con il seguente changelog:
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.” - Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
Per Windows 8.1, Microsoft ha rilasciato l’aggiornamento KB4480963 con il seguente changelog:
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.” - Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
Avete già installato l’update cumulativo? Avete riscontrato dei problemi? Fatecelo sapere nei commenti.
Articolo di Windows Blog Italia