• Patch Tuesday update: Confusion over the number of 0days and many reports of failed installs

    So far, Patch Tuesday looks pretty stable. Of course, it’s much too early to tell if there are lesser goblins in the mix.

    The main point of contention early Wednesday morning is whether we have three or four “exploited” patches – whether Microsoft had marked three or four patches as zero-days (“Exploited: Yes”). Brian Krebs has a good, and accurate, explanation:

    Many security news sites are reporting that Microsoft addressed a total of four zero-day flaws this month, but it appears the advisory for a critical Internet Explorer flaw (CVE-2020-0968) has been revised to indicate Microsoft has not yet received reports of it being used in active attacks. However, the advisory says this IE bug is likely to be exploited soon.

    As best I can tell, that advisory has always said CVE-2020-0968 is not a zero-day. So it appears as if some security sites are working from outdated information, possibly fed to them by MS.

    The only problem I’m seeing at this early date involves installation errors 0x80070008, 0x800f0985, 0x800f0986, and 0x800f081f. Those are all pretty common. Usually retrying the installation clears up the error. But it always amazes me when people freak out because a Patch Tuesday patch doesn’t install. Given that there are no pressing security holes this month, you should be glad that the installer didn’t work.

    It’s not a bug, it’s a feature.

    At some point you’ll want to install the Patch Tuesday patches, but for now, sit tight.

    And for those of you who were wondering, nope, there’s no MSRT this month. See the updated text for KB 890830, the Microsoft Malicious Software Removal Tool.