14 DAY TRIAL // Microsoft rolled out Windows 7 SP1 and Windows Server 2008 R2 update KB4100480 in late March in order to address a vulnerability that was discovered in the original Meltdown patch shipped in January, but it turns out some customers can’t install it either.
KB4100480 resolved an elevation of privilege vulnerability in the said operating systems, but there are reports right now claiming that this update can’t be installed on a number of computers, leaving them vulnerable to the bug.
First of all, a report from The Reg indicates that KB4100480 is being listed as “not applicable” on some Windows 7 machines, despite the update clearly being compatible with these computers.
“The problem is that they're showing as 'not applicable' for all but 4 of my 120 win7 x64 machines,” one system administrator has been cited as saying by the said source. “So even though I've approved the update, it's not getting applied to the machines that need it, because the 'update needed' detection appears to be buggy.”
April 2018 Patch Tuesday kicking off next week
Similar complaints have been posted on AskWoody where customers complain of the same problem experienced on both Windows 7 and Windows Server 2008 R2 systems.
“We’re seeing similar issues with out WSUS environment. Of approximately 200 Win2008R2 systems all of which have installed more than at least one of the qualifying Jan-Mar updates only 18 are showing that KB4100480 is applicable. On top of that, since we do utilize WSUS, nearly all of those 200 systems are patched identically. And there is a similar story with the Win7x64 systems,” one such comment reads.
For the time being, however, Microsoft is yet to acknowledge the problems, though it’s worth knowing that a new round of security updates is projected to be published next week as part of the monthly Patch Tuesday cycle. Microsoft could give another try at fixing the found vulnerability with the monthly rollups shipped to Windows 7.