• Patch Lady – out of band coming?

    Microsoft apparently has informed its Enterprise customers that the out of band Internet Explorer update will be on Microsoft Update and WSUS today.  (Thank you, Microsoft, for making me feel that you only care about Enterprises and do not inform the masses of your decisions on security.)

    One thing I keep seeing said over and over again is “Oh if you don’t use IE don’t worry”.

    Uh, not so fast.  From the security bulletin info: “In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.”

    Code can be used to specifically call one browser versus another.  Case in point, I may not have IE as my default but QuickBooks still uses it under the hood.  So the idea that you are safe just because you don’t use X… when these days MOST of our attacks are phishing/email-based attacks is just not wise.

    I’m still waiting to see if the Surface RT devices will get their browser patch fix.  They have few options, are still broken, the September patch is still being pushed to them, and no one from Microsoft is giving an ETA for a fix.

    Susan update:  The out of bands are included in the optional preview updates.  That’s not “out of band” in my book.  The Surface RT devices did get their fix.