• March patching madness begins

    EDIT 3/10/2021:  We are seeing issues with printing after the March updates. Ghacks reports BSODs are  being triggered after printing. It’s unclear if it’s all of the March operating system updates or just the Windows 10 versions.  The Windows 10 updates include this fix:

    Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.

    Note it appears that Microsoft has pulled the updates from Windows update but NOT from WSUS or the catalog site.

    It’s that time of the month that I take a quick look at the patches that are released to see if there are any that I think we need to quickly act on. I used to joke that there were times that I would slam my Mountain Dew can on my desk and run screaming to the server to patch. These days I can just take remote control of systems and patch remotely.

    Nothing in the March security updates (besides the Exchange ones released last week) is causing me to want to urge you to go running to your machines and patch at this time. That said if I change my mind I will let you know.  A full “Askwoody-ized” analysis of the updates will be in the Plus newsletter. Until then if you are a small business running an on premises Microsoft Exchange email server, you can use this site to check to see if you are vulnerable.

    For those of you that want a bit of early reading here are various sites that I turn to:

    Zero Day blog

    Ghacks blog


    Security week


    Remember for those of you that don’t want to read, just stay tuned and we’ll do the research and reading on your behalf and will let you know of any side effects we spot.