Feb 2018 Security Monthly Quality Rollup / (ADV180002) ?

HI I have updated with Feb 2018 Security Monthly Quality Rollup for windows 2008 r2 KB4074598 Using windows update

Do I need to install this below Patch?

Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)

and also, we have tested and installed Manually the  KB4056894? Is there any thing im missing to install the   (ADV180002)? Pls suggest
bsarahimAsked:
Who is Participating?
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
> Still do I need to install anything from "Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)"?? Pls clarify

Yes, you absolutely still need to install things based on the information in ADV180002.  No, none of those things will directly related to or reference this security advisory directly.  You will need to acquire, test, and install firmware updates to your systems to protect them from the referenced vulnerabilities.  Those firmware updates will come from your hardware vendor.  The vulnerabilities which are referenced in this advisory require several updates all through the technology stack.  In addition, you need to enable the protections offered with configuration changes to be protected.  But the operating system updates only protect against two of the three vulnerabilities.  Microcode/firmware updates are required to provide protection against the third.  That's what the advisory is attempting to spell out.

Additional caveats however... there have been problems with the updates related to these vulnerabilities.  In some cases, the 'fix' to these problems makes the computers no longer useful for the purposes they've been assigned.  
The vulnerabilities are related to techniques used at the CPU level to make everything go faster.  'Fixing' them has, in make cases required manufacturers to stop using those techniques.  Not being able to use the techniques which makes the computer run faster means that the computers will run slower.
In addition, some of the fixes have required compiler vendors to update the libraries used to build computer programs, which have required programs to be recompiled with the new libraries.  This advisory includes links to Microsoft's browser updates and SQL Server updates as well.  If you have SQL Server or a Microsoft web browser on that system, you'll also need to install updates to those, based on this advisory.  If you have any other software on that computer, you'll also need to work with the software vendor to acquire and install those updates.  The advisory also suggests keeping up to date with the latest updates and running a firewall, so the advisory is indicating that as of this time, you should have the March updates installed as well.  (However, for free, I'll mention that there are three problems with the March updates on Windows 2008 R2 which are troubling.  One relates to virtual nic drivers, if the machine is a client VM.  One is a memory leak in the SMB server.  The last is just a note which indicates that IP settings get lost after the update.  Although the advisory suggests staying up to date on patches, you may be well advised to test March carefully in your environment.)
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I don't think that's a patch to install.  That's a guidance document you should read.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

There is a fair amount to it.  
And if you successfully installed the February updates, I assume you have a compatible antivirus program running on your system.  (Running no antivirus or a non-compatible/non-updated antivirus would also, as I understand, cause the January and February patches to not install.)
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
By the way, it would appear ADV180002 updated/changed again today.
0
 
bsarahimAuthor Commented:
Thanks all.. let me reiterate the question.still it is not clear for me..(to close the solution). I have installed the the following pacthes
Security Update for Windows (KB4056897)
2018-02 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4074598)
2018-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems KB4056894


and Still do I need to install anything from "Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)"?? Pls clarify..

This is for windows server 2008 R2
0
 
bsarahimAuthor Commented:
pls answer the current comment.. after that i can close it.. thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.