Patch Tuesday: Here's what's new for Windows 7 and 8.1

Today is the second Tuesday of the month, making it Patch Tuesday. And while Windows 10 got a whole bunch of cumulative updates, older versions of the OS get updates as well, as long as they"re supported.

If you"re still on Windows 7, you"ve got about six months left of support. Those on Windows 7 SP1 or Windows Server 2008 R2 SP1 will get KB4507449 as the monthly rollup. You can manually download it here, and it contains the following fix:

  • Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

There"s also a known issue to be aware of:

Symptom Workaround
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.

We are presently investigating this issue with McAfee.

Guidance for McAfee customers can be found in the following McAfee support articles:


There"s also a security-only update, KB4507456, with the same fix. There"s no known issue with that one, and you can manually download it here.

If you"re on Windows 8.1 or Windows Server 2012 R2, you"ll get KB4507448 as the monthly rollup. You can manually download it here, and it contains the following fixes:

  • Addresses an issue that may cause BitLocker to go into recovery mode if BitLocker is being provisioned at the same time as updates are being installed.

  • Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks.

There are also a few known issues to be aware of:

Symptom Workaround
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.
Microsoft is working on a resolution and will provide an update in an upcoming release.
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.

We are presently investigating this issue with McAfee.

Guidance for McAfee customers can be found in the following McAfee support articles:

After installing this update, opening or using the Window-Eyes screen reader app may result in an error and some features may not function as expected.

Note Users who have already migrated from Window-Eyes to Freedom Scientific"s other screen reader, JAWS, should not be affected by this issue.
We are working on a resolution and will provide an update in an upcoming release.


The security-only update is KB4507457, and you can manually download it here. It only contains the security updates shown on the changelog, and only the first known issue.

As usual, the monthly rollups are available through Windows Update, but if you want the security-only update instead, you"ll need to install it manually.

Report a problem with article
Next Article

Edge Dev build 77.0.211.2 adds Read Aloud in PDFs and a bunch more features

Previous Article

Microsoft releases ISOs for Windows 10 build 18932