April Patch Tuesday out – Exchange once again

[Susan Bradley]

Patches are just coming out. Small business guidance up first: Exchange has an update. This time I’m ignoring any guidance that might say “targeted at
[See the full post at: April Patch Tuesday out – Exchange once again]

Susan Bradley Patch Lady

2 users thanked author for this post.

abbodi86, Pim

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on April 13, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There was no April IE11 CU for Win7.

April Rollup KB5001335 Download 32-bit or 64-bit. for those with Win7 ESU subscriptions.

You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There were no new .NET updates listed for Win7. See #2357362.

There is a Time Zone Change update for The Republic of South Africa and Sudan KB4601275 for Win7 and Win8.1 if you want to install it.

4 users thanked author for this post.

abbodi86, DrBonzo, Microfix, SueW

Reply | Quote

[Microfix]

There was also an SSU issued for Win8.1 kb5001403 to add to AKB2000003

W10, the itch you simply cannot scratch!

• This reply was modified 3 weeks, 5 days ago by Microfix.

3 users thanked author for this post.

ClearThunder, DrBonzo, PKCano

Reply | Quote

[PKCano]

SSUs are not a part of AKB000003. They do not contain telemetry. Have not been listed with Security-only patches.

2 users thanked author for this post.

ClearThunder, Microfix

Reply | Quote

[bbearren]

KB5001330 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems
and the Malicious Software Removal Tool.

No hiccups.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

"When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns

"Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

Computer Specs

Reply | Quote

[bbearren]

bbearren wrote:

KB5001330 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems and the Malicious Software Removal Tool. No hiccups.

My NAS got the push last night.  Everything’s copacetic.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

"When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns

"Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

Computer Specs

Reply | Quote

[bbearren]

Updated the B side of my dual boot today.

No hiccups.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

"When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns

"Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

Computer Specs

Reply | Quote

[joep517]

Same on my XPS-13 plus two .NET updates. All good.

--Joe

Reply | Quote

[CraigS26]

bbearren wrote:

KB5001330 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems and the Malicious Software Removal Tool. No hiccups.

+1  Same …….. I Never Read that WUMgr Only retains Update History when closed / other boxes = 0’s when re-opened, and a New Scan Re-stocks the data in other boxes. Thought it was broken when first tried, so I like it having learned the rules of the game. Oddity, Update History ALWAYS shows CU installs as IN PROGRESS, yet Installed Updates shows CU’s “Installed”.

W10 Pro 20H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desktop-Ethernet/ 12 GB / 256G SSD + 1 TB HDD / i5-8400 CoffeeLake-S / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

[Pim]

And yet again  there are security updates for Office 2010, for the 6th month in a row after EOL in October 2020! I am not complaining, because due to circumstances I have not been able to upgrade to a higher Office version yet.

ASRock Beebox J3160 - Win7 Ultimate x64
Asus VivoPC VC62B - Win7 Ultimate x64
Dell Latitude E6430 - Win7 Ultimate x64
Dell Latitude XT3 - Vista Ultimate x86 (still...)
Asus H170 Pro Gaming - Win10 Pro 1809 x64

1 user thanked author for this post.

SueW

Reply | Quote

[Alex5723]

Ghacks has detailed rundown list of April’s updates.

As usual the most recent W10 versions (Windows 10 versions 2004 and 20H2) are the “stars” with highest number of vulnerabilities :

79 vulnerabilities, 14 critical and 64 important and 1 moderate

3 users thanked author for this post.

ClearThunder, doriel, DrBonzo

Reply | Quote

[doriel]

I will try to be as little gleeful as I can.
The funny fact for me is, that below every Windows 10 build, in the list of critical vulnerabilities, there is written:
same as Windows 7

Now someone could tell me, how this is coincidence. What was the point of moving to W10? I understand that the newer build it is, the more bugs it can contain. But I cant see the “added value” here when moving from W7 to W10. I get more vulnerabilities? Thats in direct opposite of MSFT is promising, isnt it? I apologize for being such pesimist once again, but this is what comes to my mind, when I see those numbers.

I have KB5001342 and KB5001404 in my queue waiting for restart. KB2267602 for Windows Defender definition update installed already.

Win 10 1809 Enterprise here.

Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 1809 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

4 users thanked author for this post.

rontpxz81, ClearThunder, Charlie, Alex5723

Reply | Quote

[b]

doriel wrote:

I understand that the newer build it is, the more bugs it can contain.
…
Thats in direct opposite of MSFT is promising, isnt it?

Where did Microsoft promise less bugs in Windows 10?

Windows 10 Pro version 21H1 build 19043.964 (group ASAP)

1 user thanked author for this post.

doriel

Reply | Quote

[doriel]

For example here. Link

And also if you turn the PC for the first time (OOBE).
And with every new build upgrade.

The newer build is, the more vulnerabilities are found. That does not sound too secure.
I wrote:

I get more vulnerabilities? Thats in direct opposite of MSFT is promising, isnt it?

Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 1809 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

Attachments:

You must be logged in to access attached files.

1 user thanked author for this post.

Charlie

Reply | Quote

[b]

Less bugs is not one of the many reasons that Windows 10 is more secure (and Microsoft never said that).

Windows 10 Pro version 21H1 build 19043.964 (group ASAP)

1 user thanked author for this post.

bbearren

Reply | Quote

[Alex5723]

https://www.neowin.net/news/microsoft-releases-security-updates-for-exchange-server-following-report-by-the-nsa/

..It is important to note that since SUs are cumulative, customers who apply the April updates will also be protected against vulnerabilities reported in March. However, customers with SUs released in March are unprotected against these new security flaws. Microsoft has cautioned that unlike last time, it does not plan to release out-of-band SUs for unsupported versions of Exchange Server. There are 47 old CUs affected by this flaw and it’s not possible for Microsoft to invest effort in releasing updates for all of them. As such, it recommends updating to a current environment in order to apply the updates. Finally, the company has also noted that SUs have not been released for Exchange Server 2010 as it is unaffected by the latest vulnerabilities. You can find out more about the updates by heading over to Microsoft’s blog post here.

1 user thanked author for this post.

ClearThunder

Reply | Quote

[anonymous]

I don’t see any new updates when using the WUShowhide program. I checked last night and this morning, no new updates to hide. I even checked windows update to see if any were installed-but nothing on the list thus far-also I forgot to check around my usual noon time yesterday due to having been busy.

 

I’ll check the hidden updates for anything. Did we get any new updates or so? Because I see nothing so far.

Reply | Quote

[PKCano]

If you have any Pause set you will not see any updates in wushowhide.
If you have any Quality update deferral set you will not see any updates in wushowhide.
If you have hidden the updates you will not see those updates in wushowhide
If you are using any third-party update blocker you will not see any updates in wushowhide.

wushowhide uses the same Windows Update Service to search for updates that Windows Update “check for updates” uses.

1 user thanked author for this post.

ClearThunder

Reply | Quote

[CAS]

I installed April update today without incident. Now on Version 20H2(OS build 19042.928). (Wish I didn’t have to uninstall Edge every time I update.)

Peace.

CAS

Reply | Quote

[Alex5723]

April update removed old Edge and installed ChrEdge. You can leave it in place even if you don’t use it as Windows does for some tasks.

Reply | Quote

[ClearThunder]

Well, this is interesting.   So the FBI is gonna patch exchange for us?

Not updating your critical software? The FBI might just do it for you.</p>
The FBI has begun quietly accessing hundreds of American computers hacked through Microsoft’s Exchange email program, removing malicious code that the hackers left behind. 

The operation, which the Department of Justice announced Tuesday it had authorized with a warrant, highlights the severity of the Exchange vulnerability, which allowed scores of hackers to break into organizations since the beginning of the year.

The rest of the story is HERE

"Censorship is thought control" ----- Ronald Reagan

• This reply was modified 3 weeks, 4 days ago by ClearThunder.

2 users thanked author for this post.

Alex5723, b

Reply | Quote

[anonymous]

+1 doriel

“For example here. Link”

I have a number small business customers including payroll accountants who run window 7 pro and Win 8.1 pro and testing win 1909 and this is what they indicate:

Windows 7 customers who follow Group B turned off updates yet still got two or three critical update show in the restore point logs.

Window 8.1 x64 customers who follow Group B turned off updates have no problems . Several customers tested one non-critical Windows 8.1 and they choked but the machines were rolled back successfully – now set to no update “not recommend” and now out of the emergency care ward. No word on the logs yet.

Windows 10 1909 only test machines and script installed to turn off updates and stop the window update service are doing fine but that’s so small a population compared to the rest of the country it is not meaningful. They are waiting for reasonably stable version of Win 10 before upgrading.

Customers running Exchange 2007 or 2010 on a mixture of Server 2008 R2 and Sever 2012 R2 have not updated this month and are fine and no in the wild hacks yet. No word a critical update silently slipped in.

None of the above have ESU or run ESU scripts.

 

Reply | Quote

[Microfix]

Reports on April’s W10 CU kb5001330 (2004/20H2) is causing performance drops in games and bootloops..
more info on Ghacks

W10, the itch you simply cannot scratch!

1 user thanked author for this post.

ClearThunder

Reply | Quote

[anonymous]

Win 10 1909 Pro 64 bit.  Downloaded April SSU KB5001406 and CU KB5001337 from MS Update catalog, standalone installed OK, machine stable for 3 days (including printing).

Reply | Quote

[kruess]

Trouble around the corner regarding the Exchange security updates… failing powershell scripts in PRTG, Netapp SnapManager and other tools and failing EXCH connectivity of admin accounts end with ‘$’:

https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617/

🙁

1 user thanked author for this post.

wavy

Reply | Quote

[anonymous]

KB5001337 on Windows 1909 caused some problems with scroll bars disappearing in some programs, e.g. https://www.vbforums.com/showthread.php?891391-Blank-vertical-scroll-bar-after-Windows-10-update

Reply | Quote

[EP]

new April 2021 “preview” patches for 1809 and 1909 released TH April 22:

KB5001396 CU preview for Win10 v1909:
https://support.microsoft.com/help/5001396

KB5003155 SSU for Win10 v1909
https://support.microsoft.com/help/5003155

KB5001384 CU preview for Win10 v1809 education/enterprise/LTSC 2019:
https://support.microsoft.com/help/5001384

KB5001407 SSU for Win10 v1809 education/enterprise/LTSC 2019:
https://support.microsoft.com/help/5001407

Reply | Quote

[EP]

new April 2021 “preview” update for 2004, 20H2 & 21H1 released WED April 28:

KB5001391 CU preview for Win10 v2004/20H2 build 1904x.964:
https://support.microsoft.com/help/5001391

Reply | Quote

[Author]

Posts