• Friday night quick patching recap for business patchers:

    Home » Forums » Newsletter and Homepage topics » Friday night quick patching recap for business patchers:

    Author
    Topic
    #2343208

    Friday night quick patching recap for business patchers: Windows Server 2016 SSU – has been recalled and been replaced with KB5001078.  This fixes the
    [See the full post at: Friday night quick patching recap for business patchers:]

    Susan Bradley Patch Lady/Prudent patcher

    2 users thanked author for this post.
    Viewing 2 reply threads
    Author
    Replies
    • #2343246

      Not to deny those issues, but giving the there are some sensible things patched this month (like the TCP/IP RCE one) I rather apply the updates sooner this month. The nearly 1-month wait is out of the table for me, it would be a week at most. Also, I specially recommend people with Win7 ESU to do it just now.

      1 user thanked author for this post.
      • #2343259

        Win7 ESU patched with SMQR KB4601347 has been running fine since 9th Feb here. No error logs whatsoever in Event Viewer, SFC no violations, no telemetry re-introduction, local printer works fine if that is any help.
        I’d agree on the TCP/IP point of view, which is why I took the plunge immediately after reading the patch documentation and suffer any consequences later.
        More info on Born City
        excerpt:

        The two critical RCE vulnerabilities (CVE-2021-24074, CVE-2021-24094) are classified as complex and difficult to exploit. Microsoft believes that attackers could rather exploit the DoS vulnerability (CVE-2021-24086), which is rated as important, to create DoS exploits. Attackers could then trigger BlueScreens on the Windows system via network packets.

        No problem can be solved from the same level of consciousness that created IT- AE
      • #2343268

        Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094) (paloaltonetworks.com)  got a firewall between you and your network?  Your firewall probably already is blocking these types of connections.

        Susan Bradley Patch Lady/Prudent patcher

        1 user thanked author for this post.
        • #2343492

          Even if it does, it is not always recommended to put all your faith on it, more when you read in PAN-OS case specifically they are on the news rather frequently with critical or high vulnerabilities.

    • #2343339

      got a firewall between you and your network? Your firewall probably already is blocking these types of connections..

      Is there a Windows OS system without a firewall between the PC and a router/network ?

      • #2343465

        What are you asking / suggesting?
        Windows comes standard with a firewall, although it probably won’t stop these attacks from an internal source.

        cheers, Paul

    • #2344178

      “Windows server 2003 will probably fail.”

      Regarding the above statement, our 2016 DCs are patched up to January 2021,  we have a Win2003 R2 member server joined to the domain.  I have not seen a single error for IDs 5827, 5828, 5829  as of today and going back to last Sept.

      Does this mean our 2003 server will not be impacted by the DC enforcement?

       

       

       

       

      • #2344213

        I don’t have one so I can’t confirm.  Others have told me the 2003 should fail – but I have a Windows 7 without an ESU and like you said, not a single hiccup in the event logs.

        Susan Bradley Patch Lady/Prudent patcher

    Viewing 2 reply threads
    Reply To: Friday night quick patching recap for business patchers:

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: