Newsletter Archives

  • November 2024 patch listing

    Posted on November 13, 2024 at 23:46 CST by Comment in the Forums

    I’ve updated the master patch list here.  Remember I do not recommend that you install 24H2 at this time.

    So far, I’m not seeing anything trending for consumers, but it’s too early right now.  Seeing possible issues with the latest Chrome updates so be aware that whatever issues you are seeing MAY be browser related, not operating system related. For now, I’ll urge you to potentially use another browser as a test and to hold off on Microsoft updates.

    As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for  a membership . Plus membership gives you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

    More details about these updates in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

    For those that patch Exchange, the Exchange update has been pulled.

    Windows Security ,

  • November 2024 updates out

    Posted on November 12, 2024 at 12:21 CST by Comment in the Forums

    It’s that time again where we look around at all the vendors releasing updates and decide if we want to slurp them down now, or sit on the sidelines and review our options.  You know my philosophy – I test first, review for issues and decide at a later date if it’s time to install updates. While I recommend installing browser updates as soon as you can – and having multiple browsers installed, I do not recommend installing operating system updates immediately.

    24H2 is still a work in progress….

    [Task Manager (known issue)] Fixed: The count for the number of groups is wrong or always zero (0) on the Processes tab. This occurs when you turn on “Group by type.”

    [Windows Subsystem for Linux (WSL)] Fixed: You cannot access your Dev Drive.

    [Internet connection] Fixed: A small number of devices cannot connect to the internet. This occurs when a DHCP server response has duplicate DHCP options. This stops IPv4 connections on certain networks.

    I’m still recommending Windows 10 22H2 and Windows 11 23H2.

    Full listing of updates by CVEs and I’ll have the Excel spreadsheet either later tonight or tomorrow

    More as we know it… and now we start testing….

    Windows Security

  • Servers getting upgraded to 2025?

    Posted on November 5, 2024 at 17:43 CST by Comment in the Forums

    Be aware, I’m seeing reports on reddit here and here that KB5044284 is being offered up to Server 2019, 2022 and is upgrading them to Server 2025.

    As noted in the post:

    “Andrei from Heimdal here, man, I’m really sorry for the havoc that was created with this update, our team (thanks for raising this with them – I have a feeling you were the first to bring it up to our Customer Success team) managed to pinpoint this and blocked this update across all server policies to avoid any further upgrades from 2022 to 2025

    I also notice another point in the chat where you’re asking how to apply a granular approach to updates – if you’d like, we can set a call up tomorrow and we can look at this one together.

    Here’s the official com. that just went out a while ago:
    On 5th Nov 12.16UTC, Heimdal was notified by a customer about unexpected upgrades related to Windows Server 2025 in their environment. Due to the limited initial footprint, identifying the root cause took some time. By 18:05 UTC, we traced the issue to the Windows Update API, where Microsoft had mistakenly labelled the Windows Server 2025 upgrade as KB5044284.

    Our Analysis and Fix:
    Our team discovered this discrepancy in our patching repository, as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11. This appears to be an error on Microsoft’s side, affecting both the speed of release and the classification of the update. After cross-checking with Microsoft’s KB repository, we confirmed that the KB number indeed references Windows 11, not Windows Server 2025.

    Currently, we can see that approximately 7% of our customers have been impacted by this upgrade. To prevent further unintended upgrades, we have immediately blocked KB5044284 across all server group policies.”

    If you don’t have a patching tool, use one of the www.blockapatch.com tools to block that patch.  The good news is that inplace upgrades are supported on Server 2012r2 and higher.  The bad news is that you may not WANT to have upgraded to Server 2025 and now be in an unlicensed state.

    Windows Security ,

  • Patch List for June 11, 2024

    Posted on June 13, 2024 at 09:13 CDT by Comment in the Forums

    We’re still in testing mode for this month’s updates.

    In my early consumer testing I’m not seeing anything…. yet.

    For business patchers I have some long term patching changes that I’ve listed on the Master Patch page.

    As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for  a membership . Plus membership gives you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.  More details in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

    Windows Security ,

  • June releases bring dribbles

    Posted on June 11, 2024 at 12:15 CDT by Comment in the Forums

    June updates are out and Microsoft is once again dribbling out changes.  I’ve detailed many of the expected changes here. Meanwhile Apple announced Private Cloud Compute at the same time jumping on the AI bandwagon. Apple will be releasing their software later on this year.

    In the meantime here is what is on deck from Microsoft:

    KB5039211 for Windows 10 22H2 – adds new snipping tool feature.

    KB5039212 for Windows 11 23H2 – fixes an issue introduced in the preview update that caused a glitchy taskbar

    Dustin Childs breaks down the vulnerabilities here.

    Side effects:

    If you use authlite to provide two factor for active directory:

    The just-released 2024-06 Cumulative Update will make Domain Controllers stop calling the AuthLite module, thus breaking the authentication of all AuthLite Users. Please hold off installing this update, or log in with a 1-factor break-glass/emergency account to roll it back.  We are urgently investigating what this update has changed to cause the issue, and so far suspect it is probably a mistake .  See the knowledge base section of our site for more information as we learn more.

    Affected OS and KBs:

    • Server 2022 (KB5039227) domain controllers only
    • Server 2019 (KB5039217) domain controllers only
    • Server 2016 (KB5039214) we are not sure yet if 2016 DCs are affected, but please assume so and hold off the update.

    Update to a new version to fix the issue

    Windows Security

  • Patch List for May 14, 2024

    Posted on May 16, 2024 at 15:16 CDT by Comment in the Forums

    We’re still in testing mode for this month’s updates. So far there has been an acknowledged deployment issue whereby Windows Server 2019/KB5037765 may fail with error code 0x800f0982 when you have multi-language packs installed and do not have en-us language pack support installed. Microsoft is investigating.

    Microsoft is rolling out the lock screen ‘widgets’ on Windows 11 and I will have all the info in Monday’s newsletter on how to block them.  Personally, I think they are silly and a waste of coding time.  I’m not THAT into sports to want NBA results on my screen thank you very much.

    This week I’ll want you to pay attention to Apple updates and browsers. In the meantime for business patchers I have some long term patching changes that I’ve listed on the Master Patch page.

    As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for  a membership . Plus membership gives you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.  More details in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

    Windows Security ,

  • May updates for Apple and Microsoft

    Posted on May 14, 2024 at 12:14 CDT by Comment in the Forums

    Yesterday Apple released several updates for Safari, iOS 17.5, iOS 16.7.8, Sonoma 14.5. Ventura 13.6.7, Monterey 12.7.5, WatchOS 10.5, tvOS17.5.  On May 8, they also released iTunes 12.13.2 for Windows.  Apple has backported a fix for CVE-2024-23296, a critical security flaw in the RTKit real-time operating system, to older iOS, iPadOS, and macOS versions. The #vulnerability allows attackers to bypass kernel memory protections.  The updates include anti-tracking feature.

    Remember – now is not the time to be installing Windows updates.  Before I’d install Apple updates, ensure you have a backup.

    May updates for Windows 11  and Windows 10 do include a fix for the corporate vpn bug – This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024, or later.

    Note that there are .NET updates released but at this time it doesn’t appear there are new security components in the releases (for example). Thus I’ll be monitoring for issues but may not end up recommending installation as they are in my “skip it” category.

    .NET 6 does NOT have a new security fix (the KB is wrong) – KB5038350

    .NET 7 and .NET 8 have the security fixes see KB5038351 and KB5038352

    If you are patching servers, the May updates include the fixes for the NTLM authentication traffic.

    For consumers, remember this is the time to ensure your backups are working and properly running. We now wait to see for side effects and test patches on spare machines.

    Links for information — Zeroday blog from Dustin Childs

    Windows Security

  • Patch listing updated for April 9, 2024

    Posted on April 13, 2024 at 16:28 CDT by Comment in the Forums

    Between the last of tax season and trying to track down a definitive listing of SQL updates, I finally (I think) was able to track down all of the updates being released for the Microsoft platform.

    But remember, the master patch list doesn’t just focus on Windows, I’ve also included the various browsers, Apple products and even Chromebooks.

    One thing I don’t want to tackle at this time is a listing of the various routers, firmware, NAS devices, let alone televisions that need attention.

    Case in point:

    Dlink NAS devices have a vulnerability in their older devices, ensure they are not exposed to the web. LG TVs can be hacked to get root.  Finally Microsoft starts testing ads to both advertise Windows 11 on a Windows 10 computer, as well as ads in the start screen (which fortunately can be controlled with the suggesions/recommendations setting).  Ah what fun. As usual, I’ll be gathering together the registry settings and toggle buttons should this get to the released versions. Right now it’s ONLY in the insider releases where they are testing to see what we think of it. Trust me, WE (yes I’ll use the royal WE) don’t like it.

    I’ve updated the Master Patch list for the April updates.  I’ll be updating the page for any known issues or issues that we are tracking.   Windows 10 and KB5034441 which fails to install with error code 0x80070643.  I’m sounding like a broken record on this …. it STILL has not been fixed. I think Microsoft has given up and considered this “un-automatically-patchable” and have left it to us to deal.  We deal with it by hiding it as it’s not a risk to consumers.

    Finally, if you’ve emailed the customersupport alias in the last week, I will getting back to you this week. This was our first “normal” tax season in about three years  – no delays for the pandemic or floods in California so April 15 was the normal due date this year. 

    Windows Security ,
  • « Older Entries
    Newer Entries »
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.