Feb 2018 Security Monthly Quality Rollup / (ADV180002) ?

HI I have updated with Feb 2018 Security Monthly Quality Rollup for windows 2008 r2 KB4074598 Using windows update

Do I need to install this below Patch?

Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)

and also, we have tested and installed Manually the  KB4056894? Is there any thing im missing to install the   (ADV180002)? Pls suggest
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I don't think that's a patch to install.  That's a guidance document you should read.

There is a fair amount to it.  
And if you successfully installed the February updates, I assume you have a compatible antivirus program running on your system.  (Running no antivirus or a non-compatible/non-updated antivirus would also, as I understand, cause the January and February patches to not install.)
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
By the way, it would appear ADV180002 updated/changed again today.
bsarahimAuthor Commented:
Thanks all.. let me reiterate the question.still it is not clear for me..(to close the solution). I have installed the the following pacthes
Security Update for Windows (KB4056897)
2018-02 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4074598)
2018-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems KB4056894

and Still do I need to install anything from "Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)"?? Pls clarify..

This is for windows server 2008 R2
bsarahimAuthor Commented:
pls answer the current comment.. after that i can close it.. thanks
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
> Still do I need to install anything from "Guidance to mitigate speculative execution side-channel vulnerabilities (ADV180002)"?? Pls clarify

Yes, you absolutely still need to install things based on the information in ADV180002.  No, none of those things will directly related to or reference this security advisory directly.  You will need to acquire, test, and install firmware updates to your systems to protect them from the referenced vulnerabilities.  Those firmware updates will come from your hardware vendor.  The vulnerabilities which are referenced in this advisory require several updates all through the technology stack.  In addition, you need to enable the protections offered with configuration changes to be protected.  But the operating system updates only protect against two of the three vulnerabilities.  Microcode/firmware updates are required to provide protection against the third.  That's what the advisory is attempting to spell out.

Additional caveats however... there have been problems with the updates related to these vulnerabilities.  In some cases, the 'fix' to these problems makes the computers no longer useful for the purposes they've been assigned.  
The vulnerabilities are related to techniques used at the CPU level to make everything go faster.  'Fixing' them has, in make cases required manufacturers to stop using those techniques.  Not being able to use the techniques which makes the computer run faster means that the computers will run slower.
In addition, some of the fixes have required compiler vendors to update the libraries used to build computer programs, which have required programs to be recompiled with the new libraries.  This advisory includes links to Microsoft's browser updates and SQL Server updates as well.  If you have SQL Server or a Microsoft web browser on that system, you'll also need to install updates to those, based on this advisory.  If you have any other software on that computer, you'll also need to work with the software vendor to acquire and install those updates.  The advisory also suggests keeping up to date with the latest updates and running a firewall, so the advisory is indicating that as of this time, you should have the March updates installed as well.  (However, for free, I'll mention that there are three problems with the March updates on Windows 2008 R2 which are troubling.  One relates to virtual nic drivers, if the machine is a client VM.  One is a memory leak in the SMB server.  The last is just a note which indicates that IP settings get lost after the update.  Although the advisory suggests staying up to date on patches, you may be well advised to test March carefully in your environment.)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.