Microsoft today issued Vulnerability-related.PatchVulnerability an emergency security update to correct Vulnerability-related.PatchVulnerability a security update it issued Vulnerability-related.PatchVulnerability earlier this month to correct Vulnerability-related.PatchVulnerability a security update it issued Vulnerability-related.PatchVulnerability in January and February . In January and February , Redmond emitted Vulnerability-related.PatchVulnerability fixes for Windows 7 and Server 2008 R2 machines to counter Vulnerability-related.PatchVulnerability the Meltdown chip-level vulnerability in modern Intel x64 processors . Unfortunately , those patches blew Vulnerability-related.PatchVulnerability a gaping hole in the operating systems : normal applications and logged-in users could now access and modify any part of physical RAM , and gain complete control over a box , with the updates installed . Rather than stop programs and non-administrators from exploiting Meltdown to extract Attack.Databreach passwords and other secrets from protected kernel memory , the fixes on Windows 7 and Server 2008 R2 instead granted full read-write privileges to system RAM . Roll on March , and Microsoft pushed out Vulnerability-related.PatchVulnerability fixes on Patch Tuesday to correct Vulnerability-related.PatchVulnerability those January and February updates to close Vulnerability-related.PatchVulnerability the security vulnerability it accidentally opened . Except that March update did n't fully seal Vulnerability-related.PatchVulnerability the deal : the bug remained in Vulnerability-related.DiscoverVulnerability the kernel , and was exploitable by malicious software and users . Total Meltdown Now , if you 're using Windows 7 or Server 2008 R2 and have applied Vulnerability-related.PatchVulnerability Microsoft 's Meltdown patches , you 'll want to grab and install Vulnerability-related.PatchVulnerability today 's out-of-band update for CVE-2018-1038 . Swedish researcher Ulf Frisk discovered Vulnerability-related.DiscoverVulnerability the January and February Meltdown mitigations for Win7 and Server 2008 R2 were broken , and went public Vulnerability-related.DiscoverVulnerability with his findings once the March Patch Tuesday had kicked off . As it turns out , this month 's updates did not fully fix Vulnerability-related.PatchVulnerability things , and Microsoft has had to scramble to remedy Vulnerability-related.PatchVulnerability what was now a zero-day vulnerability in Windows 7 and Server 2008 . In other words , Microsoft has just had to put out Vulnerability-related.PatchVulnerability a patch for a patch for a patch . Hardly inspiring stuff , but we suppose the old Microsoft adage remains true – never trust a Redmond product until version three at the earliest . On the other hand , writing kernel-level memory management code is an absolute bastard at times , so you have to afford the devs some sympathy .