Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Windows 7 SP1 and Windows Server 2008 R2 SP1 Being "pushed" today - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Windows 7 SP1 and Windows Server 2008 R2 SP1 Being "pushed" today

Microsoft will start pushing Service Pack 1 for Windows 7 as well as Windows Server 2008 R2 as of today [1][2]. As usual, the service pack includes a few enhancements and bug fixes in addition to security patches. If you are up to date on patches, the service pack will only add the additional features.

The service pack has been available since February 2011, but so far only as an optional download. The push to making it an automatic download was likely motivated by the upcoming expiration of the "RTM" (Released to Manufacturing) initial version of Windows 7 in April.

The service pack is also available as a stand alone patch image to update existing machines. Or existing Windows 7 users can install the service pack via Windows Update. The size of the download for Windows Update is about 70MB for Windows 7 and 100 MB for Windows Server 2008 R2.

[1] http://technet.microsoft.com/en-us/windows/gg635126.aspx
[2] http://blogs.windows.com/windows/b/bloggingwindows/archive/2013/03/18/windows-7-sp1-to-start-rolling-out-on-windows-update.aspx

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Intrusion Detection In-Depth - SANS Boston Summer 2019

Johannes

3575 Posts
ISC Handler
One wonders if South Korea's computer emergencies today were anyhow related to this...
Steven C.

171 Posts
What makes you say that Steven?
Kevin Liston

292 Posts
ISC Handler
... mostly due to the timing (2 p.m. KST = midnight in at least some parts of the US). What is the impact on corporate networks if all unmanaged/unupdated machines apply a full roll-up of patches suddenly?
Steven C.

171 Posts
Ahh, now I follow. I've seen the "it was a compromised patch server" theory and I've also seen evidence that the malware was emailed to targets. It will be interesting to see what comes of the investigations.
Kevin Liston

292 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!