|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Patches are just coming out. Small business guidance up first: Exchange has an update. This time I’m ignoring any guidance that might say “targeted at
[See the full post at: April Patch Tuesday out – Exchange once again]
Susan Bradley Patch Lady/Prudent patcher
AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on April 13, 2021.
There is a Security-only Update for those with Win7 ESU subscriptions.
There was no April IE11 CU for Win7.
April Rollup KB5001335 Download 32-bit or 64-bit. for those with Win7 ESU subscriptions.
You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.
There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.
There were no new .NET updates listed for Win7. See #2357362.
There is a Time Zone Change update for The Republic of South Africa and Sudan KB4601275 for Win7 and Win8.1 if you want to install it.
There was also an SSU issued for Win8.1 kb5001403 to add to AKB2000003
SSUs are not a part of AKB000003. They do not contain telemetry. Have not been listed with Security-only patches.
And yet again there are security updates for Office 2010, for the 6th month in a row after EOL in October 2020! I am not complaining, because due to circumstances I have not been able to upgrade to a higher Office version yet.
Ghacks has detailed rundown list of April’s updates.
As usual the most recent W10 versions (Windows 10 versions 2004 and 20H2) are the “stars” with highest number of vulnerabilities :
79 vulnerabilities, 14 critical and 64 important and 1 moderate
I will try to be as little gleeful as I can.
The funny fact for me is, that below every Windows 10 build, in the list of critical vulnerabilities, there is written:
same as Windows 7
Now someone could tell me, how this is coincidence. What was the point of moving to W10? I understand that the newer build it is, the more bugs it can contain. But I cant see the “added value” here when moving from W7 to W10. I get more vulnerabilities? Thats in direct opposite of MSFT is promising, isnt it? I apologize for being such pesimist once again, but this is what comes to my mind, when I see those numbers.
I have KB5001342 and KB5001404 in my queue waiting for restart. KB2267602 for Windows Defender definition update installed already.
Win 10 1809 Enterprise here.
Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise
HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29
PRUSA i3 MK3S+
I understand that the newer build it is, the more bugs it can contain.
…
Thats in direct opposite of MSFT is promising, isnt it?
Where did Microsoft promise less bugs in Windows 10?
For example here. Link
And also if you turn the PC for the first time (OOBE).
And with every new build upgrade.
The newer build is, the more vulnerabilities are found. That does not sound too secure.
I wrote:
I get more vulnerabilities? Thats in direct opposite of MSFT is promising, isnt it?
Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise
HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29
PRUSA i3 MK3S+
Less bugs is not one of the many reasons that Windows 10 is more secure (and Microsoft never said that).
..It is important to note that since SUs are cumulative, customers who apply the April updates will also be protected against vulnerabilities reported in March. However, customers with SUs released in March are unprotected against these new security flaws. Microsoft has cautioned that unlike last time, it does not plan to release out-of-band SUs for unsupported versions of Exchange Server. There are 47 old CUs affected by this flaw and it’s not possible for Microsoft to invest effort in releasing updates for all of them. As such, it recommends updating to a current environment in order to apply the updates. Finally, the company has also noted that SUs have not been released for Exchange Server 2010 as it is unaffected by the latest vulnerabilities. You can find out more about the updates by heading over to Microsoft’s blog post here.
If you have any Pause set you will not see any updates in wushowhide.
If you have any Quality update deferral set you will not see any updates in wushowhide.
If you have hidden the updates you will not see those updates in wushowhide
If you are using any third-party update blocker you will not see any updates in wushowhide.
wushowhide uses the same Windows Update Service to search for updates that Windows Update “check for updates” uses.
Well, this is interesting. So the FBI is gonna patch exchange for us?
Not updating your critical software? The FBI might just do it for you.</p>
The FBI has begun quietly accessing hundreds of American computers hacked through Microsoft’s Exchange email program, removing malicious code that the hackers left behind.
The operation, which the Department of Justice announced Tuesday it had authorized with a warrant, highlights the severity of the Exchange vulnerability, which allowed scores of hackers to break into organizations since the beginning of the year.
The rest of the story is HERE
"War is the remedy our enemies have chosen. And I say let us give them all they want" ----- William T. Sherman
Reports on April’s W10 CU kb5001330 (2004/20H2) is causing performance drops in games and bootloops..
more info on Ghacks
Trouble around the corner regarding the Exchange security updates… failing powershell scripts in PRTG, Netapp SnapManager and other tools and failing EXCH connectivity of admin accounts end with ‘$’:
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Notifications
