Newsletter Archives
-
Avira says it has fixed the slowdown problem associated with the April Win7/8.1 patches; Microsoft still hasn’t acknowledged it
Avira has updated its very short response to the six dirty patches/five broken AVs problem. Their KB 1976 now says:
We have looked into the issue that you described, where the system slows down after a Windows update, and have found a way to fix it.
We have recently released an update that should fix this issue. Your Avira Product will be automatically updated, and you don’t have to do anything else in the product.
Oddly, the Avira article goes on to list three conflicting patches:
- Windows 10: KB4493509
- Windows 7: KB4493472, KB4493448
whereas Microsoft lists Avira conflicts as part of the known issues for nine different patches — all of the Win7 and Server 2008 R2 / Win8.1 and Server 2012 R2 / Server 2012 Monthly Rollup and Security-only patches (those are the original six), along with the Monthly Rollup Previews, now, for each of those versions.
Microsoft still says:
Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed. We are presently investigating this issue with Avira and will provide an update when available.
Also remarkably, Avira singled out the original March Win10 1809 cumulative update KB 4493509, where Microsoft has never acknowledged that bug. Even the fancy new Windows 10 Release Information Status page is mum.
Not sure whom to believe? Yeah, me neither.
-
MS-DEFCON 4: It’s time to get Windows and Office patched
There’s only one patch you should studiously avoid this month — Win7’s KB 4493132, the “Get Windows 10” nag patch.
Other than that, the sailing’s clear.
Perhaps surprisingly, I’m moving my Win10 production machines to version 1809. Not because of the feature improvements, which are minimal at best, but because it adds six months to the amount of time I can delay 1903.
Step-by-step details in Computerworld Woody on Windows.
-
Where we stand with the March 2019 patches
Looks pretty good, but there are some oddities.
Details in Computerworld Woody on Windows.
-
Dell’s Encryption Console gets clobbered by this month’s Patch Tuesday Win10, 8.1, 7 patches
Yesterday, Dell confirmed that
Dell Encryption’s Local Management Console may fail to display information and the activation status may read “_UNMNGD_” after installing the March 2019 Cumulative Update. This affects all current versions of Microsoft Windows and Dell Encryption.
Dell says the problem crops up after installing the Patch Tuesday Cumulative Updates for Win10 1809, 1803, 1709, 1703, or Server 2016, or the Monthly Rollups or Security-Only patches for Win7 or 8.1.
Clean sweep.
The solution?
Update to Dell Encryption 10.2.1 or later, which can be found at: https://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=3wtc7.
To resolve this issue on versions prior to Dell Encryption 10.2.1, remove the March 2019 Cumulative Update.
(“Cumulative Update” in this case means the first monthly Cumulative Update for Win10, or the Monthly Rollup or Security-Only patch for Win7 or 8.1. Not sure what to do if you’ve already installed the second monthly Cumulative Update for Win10 1803, 1709 or Server 2016.)
Win10 installations with earlier versions of Dell Encryption also have to manually block the update from re-appearing using wushowhide.
Thx @Kirsty
-
Proof of concept code published for one of this month’s Win7 zero-days
Catalin Cimpanu reports on ZDNet that the Chinese giant Qihoo 360 Core has published proof of concept code for the Win7 zero-day identified as CVE-2019-0808. That’s the zero-day that prompted Google to patch Chrome last week, with a dire warning that you needed to get Chrome caught up on patches.
That isn’t good news for Win7 users.
I’ll be watching closely to see if the new proof of concept code makes its way into a credible threat for you Win7 customers.
Stay tuned.
-
New bug reported with all of this month’s Windows patches
In the past hour or so, Microsoft has acknowledged a new bug in the latest cumulative update of every version of Windows 10, and in the Monthly Rollups for Win7 and 8.1. (Security-only patches for Win7 and 8.1 appear to be unaffected.)
Symptom:
After installing this security update, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Workaround:
Right-click the URL link to open it in a new window or tab.
Microsoft is working on a resolution and will provide an update in an upcoming release.
I don’t have any details as yet, but it sounds like avoiding IE is your best bet.
Thx, Patch Lady!
-
Details emerging on the March 2019 Patch Tuesday trove
By and large this month’s patches — so far — aren’t much to be concerned about, unless you’re worried about attacks from nation states.
Chrome has already been patched on your machine (trust me), so the major Win7 attack vector is sealed.
The Win10 1809 patch fixes the “crazy” performance hit on some games, but it has a strange bug that knocks out audio in weird circumstances. That bug was introduced by the 1809 patch on March 1.
There’s confusion over two different Win7 patches that are needed to implement SHA-2 security in July, but @DrBonzo and @PKCano have figured it out.
And Office doesn’t get much respect. Or disruption.
Of course, you shouldn’t install any of it until we hear from the cannon fodder. We’re still at MS-DEFCON 2.
Details in Computerworld Woody on Windows.
-
March 2019 Patch Tuesday patches
They’re starting to roll in.
Martin Brinkmann has a full roundup on ghacks.net:
- Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
- Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
- Windows 10 version 1703: 24 vulnerabilities of which 2 are critical and 22 are important
- Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
- Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
- Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important
The Microsoft Update Catalog lists 124 individual patches.
Dustin Childs has his usual thorough review on the ZDI blog:
security patches for 64 CVEs [ = separately identified security holes ] along with four advisories… Four of these bugs are listed as public and two are listed as being under active attack at the time of release.
The two that are under active attack (which is to say, the two 0days) are both rated “Important” which, as many of you know, means they aren’t really all that important. They’re “elevation of privilege” attacks — a miscreant has to be in your system already before they can leverage one of these two attacks to move themselves up to admin level.
The list of Win10 patches is up on Reddit.
Win10 1809 – It looks like the “crazy” performance drop in games, including Destiny 2, has been fixed.
There’s a Servicing Stack Update for Windows 7 that’s related to the SHA-2 “critical update” we’ve been expecting since November. No idea if this is the whole fix, or if it’s just a part of enabling SHA-2 encryption for Win7 patches. As noted in the earlier article, you need to get this Servicing Stack Update in order to install any Win7 patches after July. Thx @EP, @Crysta.
6 new Office security patches, to add to the 28 non-security patches from earlier this month. Two new versions of Office Click-to-Run: 15.0.5119.1000 for Office 2013; 14.0.7230.5000 for Office 2010.
I don’t see anything screaming to be patched at this moment. More as the day wears on.