• October updates – here comes Copilot

    Here we go again with the monthly updates for Windows.

    Just a reminder that end of life for Server 2012 and 2012r2 is hitting. You can opt for 0Patch, or plan on upgrading and migration.  See resources at this page.

    Already I’ve seen a “what the?”  In the notes of this patch it has   “To protect against CVE-2023-44487, you should install the latest Windows update. Based on your use case, you can also set the limit of the RST_STREAMS per minute using the new registry keys in this update.”

    This is related to that DDOS attacks vulnerability that has been discussed.  First off for consumers, this is NOT an issue. But for those in businesses, I’m going to have to digest this a bit and see if we can get a consensus as to when and where we might want to use these settings.

    IF you plan to be part of the patch Tuesday install today crowd (which I don’t recommend but I know that we do have beta tester folks) ALWAYS insure that you have a full backup BEFORE you install updates. Remember this October updates in the Windows 11 22H2 has the copilot code. Remember we CAN remove the icon from our computers – even Windows 11 Home machines.  I’ll be keeping track of the side effects on the Master Patch List page and start recapping the issues tonight as the reports come in.

    .NET only has security updates for core 6 and 7 , all others (4.81, 3.5 etc etc) have non security updates being released.

    Exchange is getting updates today – if you still do on premises email with an Exchange server you’ll want to read this post.

    Dustin Childs Zero day initiative blog