ISSUE:
Description
The auditing Software Nessus/Others find Windows host is missing security update 4088880 or cumulative update 4088877 for systems which has already been patched.CVES: (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)(CVE-2018-0878)(CVE-2018-0929)(CVE-2018-0883)(CVE-2018-0881)(CVE-2018-0889, CVE-2018-0935)(CVE-2018-0811, CVE-2018-0813, CVE-2018-0814)(CVE-2018-0885)(CVE-2018-0886)(CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901, CVE-2018-0904)(CVE-2018-0868) (CVE-2018-0816, CVE-2018-0817) (CVE-2018-0888).
Cause: The issue is often caused due to the fact that not only are the systems to be patched but some values to the registry needs to be manually added.
a)SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\FeatureSettingsOverride
b) SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\FeatureSettingsOverrideMask
Solution: Please back up the registry in case you want to revert. Add the following commands in an administrative power shell.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 8 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f
A restart is required for the changes to take effect.
Ref: KB Article 4072698
No comments:
Post a Comment