We're community supported and proud of it!
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Back to School, Back to patching
Posted on September 20th, 2021 at 02:39 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
September is the month for in-the-wild patching.
September is a month of change. From going back to school here in the United States to seasons changing all over the world, one thing remains constant: we have to patch. No matter what technology we have or use, it seems like this month, we’re patching it.
From Apple devices that are getting a fix for the targeted attack that allowed journalists to be spied upon, to Chrome’s several vulnerabilities that have already been used in targeted attacks, to Microsoft’s ActiveX and Office bugs that have already been seen in active attacks, you will probably be patching sooner versus later.
Read the full story in the AskWoody Plus Newsletter 18.36.0 (2021-09-20).
-
PrintNightmare still a nightmare for patchers
Posted on September 13th, 2021 at 02:41 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
As we start to ready ourselves for the September updates, we’re still haunted by the PrintNightmare issues from the August updates.
The good news for home users and consumers is that we haven’t seen the August updates triggering side effects with printers. For business users, there are still issues requiring vigilance.
Read the full story in the AskWoody Plus Newsletter 18.35.0 (2021-09-13).
-
MS-DEFCON 2: September – here we go again
Posted on September 9th, 2021 at 02:45 Comment on the AskWoody Lounge
ISSUE 18.35.1 • 2021-09-09 
By Susan Bradley
It’s time to start getting ready for Windows 11.
The countdown is on to the release of Windows 11 on October 5, and it’s the time of the month when I urge you to take actions to ensure you are ready to install updates when you want to.
The security updates this month begin the process of introducing group policy settings to control Windows 11, as well as Intune policy settings. But never fear — we will provide you all the information you need to either avoid or embrace Windows 11, as you see fit.
Consumer and home usersFirst, and as I always recommend when we get close to the second Tuesday of the month (now infamously known as Patch Tuesday), make sure that your backup is working properly. Open whatever backup software you use, and review the log of recent actions to confirm that the backup is running and backing up as it should. At a minimum, browse your backup location to see whether the file dates in that location are recent.
Next, decide what type of patcher you are. If you have spare machines and know you have a solid backup, you could actually be in the patcher category “Extreme” — because you let Windows install updates on its own terms and you simply review for side effects afterward. There are quite a few AskWoody Plus members who do exactly this, because they know that a good backup allows them to recover from updates, just as it protects them from ransomware.
The next patcher category is “Deferral.” Go into Start, Settings, Update & Security, Advanced options and choose September 28 as your deferral date, the date when you allow Windows to do its thing.
Next? “Cautious.” For this group, I recommend the use of WUMgr to control updates. You can review how to use this tool in the forums.
Business usersI predict that I’ll be urging business patchers to install updates no later than September 21, 2021. For now, I don’t anticipate that Microsoft will be providing solutions to the mess that they introduced with the PrintNightmare patches, so we’re still going to have to deal with the fallout and side effects of the August updates. I’ll be recapping these known issues in the September 13 AskWoody Plus newsletter.
We’re soon going to be adding the ability to get text alerts sent to you when the AskWoody MS-DEFCON level changes. You can follow the alert account on Twitter now, but soon you can sign up for text alerts as well. You’ll need to be an AskWoody Plus member in order to receive texts to your phone when we send out alerts; look for more information soon.
Read the full story in the AskWoody Plus Alert 18.34.1 (2021-09-09).
-
Is it safe to print again?
Posted on August 16th, 2021 at 02:41 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
Is Print Nightmare finally fixed?
The August updates are out and finally include a fix for the fix for the earlier fix for Print Spooler issues that allow attackers to take control of your system via rights elevation. While the good news is that we finally have a fix for the current Print Spooler issue, I’m seeing in various tweets that an issue still exists. If you want SYSTEM (beyond admin) rights on any supported version of Windows, there is a way to use a remote/cloud malicious print driver to get them.
Read the full story in the AskWoody Plus Newsletter 18.31.0 (2021-08-16).
-
Why don’t we patch?
Posted on August 9th, 2021 at 02:41 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
The vast majority of 2020 and 2021 attacks were not from zero days, but rather were old vulnerabilities for which patches had been released months, or even years, ago.
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) released a document about the top attacks in 2020 and those so far in 2021. Interestingly, many of these vulnerabilities used in attacks are not Microsoft-based but are vulnerabilities in tools we use to access networks.
Read the full story in the AskWoody Plus Newsletter 18.30.0 (2021-08-09).
-
MS-DEFCON 4: July updates should be installed
Posted on July 27th, 2021 at 01:00 Comment on the AskWoody LoungeISSUE 18.28.1 • 2021-07-27 PATCH WATCH
By Susan Bradley
July patches have been well behaved.
Consumer and home users
If you’ve used the “pause updates” methodology, now is the time to install the July updates. I’ve not seen any major printing issues introduced with these July updates. However, I still recommend that you keep the Print Spooler service disabled. If you do print, consider turning the spooler off and then back on when you need it. Microsoft fixed the issue with the Print Nightmare bug, but another Print Spooler bug has yet to be fixed and is slated to be discussed at the annual security conference in Las Vegas, better known as the Black Hat Conference.
For Office updates, open up any installed Office application, click on File, then on Account, then on Office Updates and choose to enable updates. Then click on Update Now to trigger the installation of the updates.
Business users
For business users, Microsoft has described only one side effect with printers and the July updates. Printers that rely on smart-card (PIV) authentication may fail to print after the installation of the July patches. This is not a widespread problem, and there is no reason to delay installation of the patches.
References
- AskWoody Master Patch List
Read the full story in the AskWoody Plus Alert 18.28.1 (2021-07-27).
-
Windows 10 more vulnerable?
Posted on July 19th, 2021 at 02:45 Comment on the AskWoody Lounge
ISSUE 18.27 • 2021-07-19 PATCH WATCH
By Susan Bradley
Every month brings the usual suspects — zero-day vulnerabilities, remote code execution, denial of service attacks, plus the odd Defender bug here and there.
But as we count up the vulnerabilities, there is a disturbing trend. If you go by head counts of the bugs in each version, Windows 10 has more bugs this month than Windows 7.
Read the full story in the AskWoody Plus Newsletter 18.27.0 (2021-07-19).
This story also appears in the AskWoody Free Newsletter 18.27.F (2021-07-19). -
MS-DEFCON 2 – To patch or not to patch
Posted on July 12th, 2021 at 02:41 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
Out of band for Print Nightmare
Microsoft dropped an “out of band” patch for a zero-day vulnerability. Named “Print Nightmare” by the media, the vulnerability presents the most risk for Domain controllers in Active Directory domains. If you are an IT consultant or managed-service provider — and aren’t already dealing with ransomware due to the MSP tool Kaseya having been turned into a ransomware dropper for some clients — action is called for.
Read the full story in the AskWoody Plus Newsletter 18.26.0 (2021-07-12).
-
MS-DEFCON 2: Print Nightmare causes printing nightmares
Posted on July 7th, 2021 at 19:20 Comment on the AskWoody LoungeISSUE 18.25.1 • 2021-07-07 PATCH WATCH
By Susan Bradley
Microsoft has released an emergency update for a Print Spooler vulnerability.
Consumer and home users
Microsoft has released an out of band update for a recent vulnerability that is being referred to as “Print Nightmare.”
Zebra Label printers have been impacted by this out-of-band patch. The only remedy is to uninstall the update. Because I don’t see active attacks on home users at this time, I recommend that you hold off installing this update. In fact, I’ll probably wait until the July updates come out next week before encouraging you to install any patches. Next week’s updates will include these fixes; there is no urgent need to install them right now.
Business users
For businesses with Active Directory, disable the print spooler service on your domain controllers.
It only impacts “clean up jobs” for printing artifacts and I suggest keeping this service disabled going forward. Reports suggest that the patch does not fully provide all protections for networks, so it’s best to keep print spoolers disabled in the short term. More testing and evaluation is required.
References
- AskWoody Master Patch List
Read the full story in the AskWoody Plus Newsletter 18.25.1 (2021-07-07).
-
The confusion of .NET
Posted on June 28th, 2021 at 02:40 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
Recently I’ve noticed that some folks are getting a bit confused about my recommendations regarding .NET updates.
If you are a regular follower of my Master Patch Lists, you know that I don’t always recommend installing .NET updates right away, in the months they are released. Why? Because I’m trying to encourage the “business-style” of patching, in which you focus only on the offered security updates and skip the non-security fixes. By configuring your systems this way, the automatic patching process approves and installs only the security-related patches, not the quality fixes.
Read the full story in the AskWoody Plus Newsletter 18.24.0 (2021-06-28).
-
Targeted zero-day vulnerabilities; will more attacks be seen soon?
Posted on June 14th, 2021 at 02:42 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
Solutions for six exploited vulnerabilities are included in this month’s patch releases.
Months like these always leave me in a quandary. Sometimes fixes appear before anyone in the wild has been affected, but sometimes there are users who have been impacted. Should I urge everyone to immediately patch without testing? Or should I keep with my tried-and-true recommendations — don’t panic, and wait to ensure there are no side effects with these updates.
Read the full story in the AskWoody Plus Newsletter 18.22.0 (2021-06-14).
-
BSODs point to driver issues with feature releases
Posted on June 7th, 2021 at 02:40 Comment on the AskWoody LoungePATCH WATCH
By Susan Bradley
Sometimes a BSOD is trying to tell you something
AskWoody subscriber BD reported that every time he upgraded to 20H2 on two of his three computers, the process did not end well. Instead, he was rewarded with a blue screen of death (BSOD). No matter what he tried, the process always ended in failure and rollback.
Read the full story in the AskWoody Plus Newsletter 18.21.0 (2021-06-07).
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Recent Topics
-
Share browsers without sharing their stored passwords
by 3 hours, 18 minutes ago
-
Why some Outlooks will stop working with Microsoft services
by 1 hour, 25 minutes ago
-
Kape Technologies, formerly Crossrider, now owns 4 top VPNs
by 3 hours, 20 minutes ago
-
Breaking and entering with Linux: What you see
by 3 hours, 21 minutes ago
-
Windows 11 Surfaces
by 3 hours, 22 minutes ago
-
Microsoft says forget your passwords!
by 3 hours, 23 minutes ago
-
Hotmail not staying logged in
by 22 hours, 4 minutes ago
-
Tasks for the weekend – September 25, 2021 – but what if you DO want Windows 11?
by 5 hours, 6 minutes ago
-
Router Firmware Downgrade
by 14 hours, 13 minutes ago
-
Sync OneNote from android to PC
by 1 day, 4 hours ago
-
Corrupted BIOS chip?
by 1 day, 14 hours ago
-
National Geographic: more deaths of Covid 19 than of the Spanish Flu of 1918-19.
by 3 minutes ago
-
batteryreport Data Reset
by 1 day, 12 hours ago
-
Sneak peak – testing out a new skin on the forum
by 1 minute ago
-
Windows 10 August update problem
by 2 days, 11 hours ago
-
tw-xxx-yyyy-zzzz .tmp files
by 16 hours, 26 minutes ago
-
3.8 billion Clubhouse and Facebook user records for sale
by 2 days, 5 hours ago
-
Malwarebytes Credit Card Error
by 16 hours, 57 minutes ago
-
Question abt converted MBR to GPT boot drive
by 2 days, 15 hours ago
-
I thought Win 10 was perpetual
by 13 hours, 58 minutes ago
-
Microsoft released KB5005575 OS Build 20348.230
by 2 days, 22 hours ago
-
Do we need firmware and software updates forever?
by 2 hours, 10 minutes ago
-
Introducing GNOME 41
by 3 days, 8 hours ago
-
Update 1909 to 20H1 Stuck on 0%
by 4 days, 2 hours ago
-
Want Windows 11 on unsupported hardware ? sign a waiver
by 4 hours, 41 minutes ago
-
Best Mac Anti-Malware Suites, Please?
by 4 days, 6 hours ago
-
Windows 11 Insider Preview build 22463 released to DEV
by 4 days, 8 hours ago
-
all downloads going to desktop
by 4 days, 10 hours ago
-
Lithuania urges people to throw away Chinese phones.
by 3 days, 8 hours ago
-
Photographer Austin Mann : iPhone 13 Pro Camera Review: Tanzania
by 1 day, 22 hours ago
