• Microsoft: New non-security updates prevent attack on Win10 Servers running IIS

    Home » Forums » Newsletter and Homepage topics » Microsoft: New non-security updates prevent attack on Win10 Servers running IIS

    Tags:

    Author
    Topic
    woody
    Manager
    February 21, 2019 at 7:51 am #329950

    Now you know why I’m skeptical of the “optional non-security” description about the second monthly Win10 cumulative updates. Ends up that the patches
    [See the full post at: Microsoft: New non-security updates prevent attack on Win10 Servers running IIS]

    1 user thanked author for this post.
    abbodi86
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • warrenrumak
      AskWoody Lounger
      February 21, 2019 at 9:52 am #329986

      The KB article has since been published.

      1 user thanked author for this post.
      woody
      Reply | Quote
    • b
      AskWoody_MVP
      February 21, 2019 at 11:26 am #330023
      woody wrote:

      Ends up that the patches are not “optional” (click Check for updates and see what happens)

      Isn’t that the only way “optional” has ever worked on Windows 10 for the last four years?

      We also release optional updates in the third and fourth weeks of the month, respectively known as “C” and “D” releases. These are validated, production-quality optional releases, primarily for commercial customers and advanced users “seeking” updates.
      Windows monthly security and quality updates overview

      Reply | Quote
    • IT Manager Geek
      AskWoody Plus
      February 24, 2019 at 6:06 am #330653

      Ok, I have questions for the members.  In regards to Microsoft’s statement on their “When appropriately set, above two limits together help to terminate the malicious connection violating those limits and form a threshold for legitimate connections” what is the recommended settings / limits I would want to start at as MS doesn’t provide any guidance?  And a follow up question, what event log entries or users feedback would be useful to understand whether further adjustments are needed?

      In my scenario I have OWA running on Exchange / Windows 2016 which I get requires IIS to serve the OWA page, that being said, other than keeping the system up to date, I’m not sure what next steps are once I apply KB 4480776.

      Advice is appreciated, Thanks.

      IT Manager Geek

      Reply | Quote
    • anonymous
      Guest
      February 25, 2019 at 10:06 am #331243

      Has anyone gotten these updates to show up in SCCM/WSUS yet?

      Reply | Quote
    Viewing 3 reply threads
    Reply To: Microsoft: New non-security updates prevent attack on Win10 Servers running IIS

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.