Exchange Server elevation of privilege bug acknowledged

Remember the 0day exploit in Microsoft Exchange that we talked about two weeks ago?

As I suspected, your Exchange Server is only vulnerable to a man-in-the-middle attack. It isn’t an all-purpose attack: The miscreant has to be able to sit in the middle of an interaction with the Server.

Microsoft finally has an explanation in ADV190007 | Guidance for “PrivExchange” Elevation of Privilege Vulnerability.

A planned update is in development. If you determine that your system is at high risk then you should evaluate the proposed workaround.

The workaround is a one-line PowerShell script that @b talked about last week.

More Intel microcode updates released through the Update Catalog

I count 14 separate updates in the Microsoft Update Catalog, all of which are dated “2019-01” but released on Feb. 4. The main ones:

Win10 1809 – KB 4465065

Win10 1803 – KB 4346084

Win10 1709 – KB 4346085

and several lesser releases of the same ilk.

Of course, you shouldn’t install them, unless your company’s mentat predicts a Spectre 3a, 4, or L1TF attack that no one else has seen.

And now we know why the Win10 version 1809 updates got blocked

Last night, Microsoft officially announced the reason why its Win10 version 1809 cumulative updates were having problems. Remember the Update Servers having hiccups? Yeah, that’s the bug.

Here’s the official reason:

AskWoody Alert 16.3.2 just went out

If you’re a Plus member, you should’ve received an AskWoody Plus Alert in the past few minutes. It points you to the change to MS-DEFCON 4, and the associated Computerworld article.

(I’ve wanted to do this for years! Yipppeeee!)

Anyway, if you’re a Plus member,and you don’t get the Alert in the next hour or so, check your spam folder (make sure Editor@AskWoody.com is whitelisted). If you don’t see the email, hit me up on CustomerSupport@AskWoody.com. Our mail delivery system, MailChimp, is very cautious about messages that bounce, for whatever reason. Easier to clean out the pipes from this end….

Have a good weekend, everybody.

MS-DEFCON 4: There are a couple of niggling problems, but they’re for (ahem) edge-use cases. Go ahead and get Windows/Office patched

For almost everybody, now’s a good time to apply the January patches.

As usual, there are some tricks.

Details in Computerworld Woody on Windows.

Microsoft Patch Alert: January patches stumbled all over themselves, but they’re finally looking reasonably stable

Cold and snow have descended on Middle Tennessee. School’s out for the day. What better activity than to dissect this month’s patches?

• The usual Win10 Patch Tuesday and “optional” cumulative updates, with a surprise laggard
• Multiple problems with Win7/Server 2008 Monthly Rollups
• .NET and activation surprises
• Office 2010 takes one for the team

and more.

Details in Computerworld Woody on Windows.

Woody’s Windows Watch: Windows 10 patching improves

Hard to believe that Win10 patching will get any better, but there’s reason for hope.

Microsoft seems to be genuinely interested in delivering more reliable Win10 patches — and willing to put money and time into improving the execrable quality of the offal that’s been shoveled in the past few years.

Will the improved patching method work? Remains to be seen – and the patchers are working against an insane release cycle.

Details in AskWoody Plus Newsletter 16.3.0, now available FREE online.

Patch Watch: Green light for most patches; yellow for Win10 version 1809

Patch Lady Susan Bradley’s latest take on patching.

Out this morning to all AskWoody Plus members, in AskWoody Plus Newsletter 16.3.0, now available FREE online..