Daily Archives: May 9, 2023

  • It’s May updating time!

    It’s that time of the month that I’ll urge you to pause your updates on your Windows platforms, but review any pending updates on your Apple platforms.  Recently Apple’s “Rapid response” patches weren’t quite as “rapid” as we would all like.  In fact on my iPhone iOS 16.4.1 is still pending even though I have auto updates enabled.

    I’ll be discussing what SHOULD have occurred in Sunday’s newsletter.  In the meantime, let’s keep an eye out for this month’s Windows releases:

    49 vulnerabilities if the count here is correct

    Windows 11 22H2 has a new toggle button

    • New! This update adds a new toggle control on the Settings > Windows Update page. When you turn it on, we will prioritize your device to get the latest non-security updates and enhancements when they are available for your device. For managed devices, the toggle is disabled by default. For more information, see Get Windows updates as soon as they’re available for your device.

    As well as fixing issues in both Windows 11 22H2 and 21H2 as well as Windows 10  in the newly released Windows Local Administrator Password Solution

    • This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.

    Remember if you aren’t on Windows 10 22H2 at this time, I’ll want you to move to 22H2 as June 13, 2023 is the last time Windows 10 home and Pro 21H2 get updates. Windows 10 Enterprise and Education, Windows 10 IoT Enterprise, and Windows 10 Enterprise multi-session will still be serviced (apologies had that backwards). 20H2 is now fully out of support.

    Ugh.  There is a secure boot vulnerability that is being “fixed” with code in the May updates, but not fully implemented.  Because you need PHYSICAL access or administrative rights to install code, this is yet another of those updates that will need to be “risk” rated for additional action.  I’ll go into this more in the newsletter.