Windows 7 operating system

Microsoft has released several updates for Windows 7 to fix the issues the users reported after patching Meltdown vulnerabilities. Microsoft last month released a cumulative update for Windows 7 to fix a vulnerability introduced in January’s Meltdown update. However, as the fix wasn’t entirely effective, Windows 7 KB4100480 was also released last month to make sure that devices are fully protected from CVE-2018-1038 but it appears that this update also fails to install on some devices.

It turns out that some users can’t install Windows 7 KB4100480 either. Microsoft last month explained that March updates for Windows 7 fixes vulnerability in the operating system that was discovered in the original Meltdown patch.

The software giant recently explained that if the vulnerability CVE-2018-1038 is exploited, the attacker could gain full control over a machine. “An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user right,” Microsoft said.

Microsoft acknowledged the bug a while ago and the company also pushed an update to Windows 7 last month. While nobody has managed to exploit the bug yet, the users are recommended to patch their systems as soon as possible. It is worth noting that the vulnerability is only present in Windows 7, the latest operating systems are protected.

If the report from the forums is believed to be true, some users are claiming that KB4100480 can’t be installed on some Windows 7 computers. In other words, the update is not applicable on some machines regardless of the hardware configuration. It’s likely that Microsoft is aware of the installation issues and another update with the fix is arriving soon.

The company is still rolling out the patch to all computers eligible for the update via Windows Update, although you can also download the offline installer of KB4100480 from Microsoft’s Update Catalog website.

The users on forum revealed that they experienced the installation problem on both Windows 7 and Windows Server 2008 R2 systems. While the software giant is yet to acknowledge this bug, the installation issues are most likely to be addressed next week as part of Microsoft’s April Patch Tuesday update cycle.

  • notgeorgepbudell

    This article is misleading/incorrect. The vulnerability had an exploit published in the initial disclosure, it affects both Windows 7 and Windows Server 2008, and the issue being complained about affects SOME win7 computers, not all.

    • Mayank Parmar

      > The vulnerability had an exploit published in the initial disclosure, it affects both Windows 7 and Windows Server 2008.

      Microsoft disclosed this vulnerability a little while ago, the March update fixed the issue but it wasn’t entirely effective, so KB4100480 was pushed to Windows 7 users.

      The researcher disclosed this vulnerability: https://blog.frizk.net/2018/03/total-meltdown.html?m=1

      https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038 confirms that KB4100480 must be installed to fix the vulnerability.

      My article explains that KB4100480 might fail to install on some computers.

      “If the report from the forums is believed to be true, some users are claiming that KB4100480 can’t be installed on some Windows 7 computers”.

      Correct, it affects some Windows 7 computers. Edited the article with more clarity. Thank you :)