ISSUE 19.47.1 • 2022-11-22 By Susan Bradley November updates lead to side effects My usual advice regarding updates with known side effects is to wait
[See the full post at: MS-DEFCON 3: Issues with domains]
Susan Bradley Patch Lady/Prudent patcher
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
MS-DEFCON 3: Issues with domains
- This topic has 31 replies, 18 voices, and was last updated 9 months, 4 weeks ago.
AuthorViewing 14 reply threadsAuthorI, also, am unclear. Ok to install win10 22H2? or wait till defcon number gets to 4 or 5?
1 user thanked author for this post.
-
I believe Susan’s recommendations have NOT changed.
1 user thanked author for this post.
-
I would do it before and then check it again if you move to 11.
Susan Bradley Patch Lady/Prudent patcher
1 user thanked author for this post.
-
I give guidance to both consumers and businesses.
Businesses – and especially those that patch Domain controllers HAVE to install an out of band manual patch in order to ensure they don’t see side effects.
Consumers – I’m not seeing major issues. I try to put the summarized recap on the master patch list page in case I’m a bit more cryptic than I mean to be.
Susan Bradley Patch Lady/Prudent patcher
2 users thanked author for this post.
-
-
2012 R2 – you have to install the November update AND the out of band patch.
On each Domain Controller running Microsoft Windows 2012 R2, perform these steps:
Install the November 8, 2022 Monthly Rollup update for Windows Server 2012 R2 (KB5020023) or install the November 8, 2022 Security-only update for Windows Server 2012 R2 (KB5020010). Restart the Domain Controller.
Download the 36 MB weighing Out-of-band update for Windows Server 2012 R2: November 17, 2022 (KB5021653) manually from the Microsoft Update Catalog. Install it and restart the Domain Controller afterward.
Susan Bradley Patch Lady/Prudent patcher
1 user thanked author for this post.
For what it’s worth I’ve been running Windows 10 22H2 on my powerful development workstation for weeks now and I haven’t had many problems with it. It’s been surprisingly stable and glitch-free, and I’ve been pushing it hard doing business management, code development, engineering builds, product testing, etc. and also benchmarking a lot (heating the CPU way up) to see which performance tweaks are most effective.
-Noel
2 users thanked author for this post.
-
In a (multi-OS) homeuser capacity, I’ve also noticed stablity/performance is as good as 21H2 with W10 22H2 since upgrading a day after general release and that’s for both 32bit and 64bit Pro editions.
No problem can be solved from the same level of consciousness that created IT- AE1 user thanked author for this post.
With 2 updates remaining after this update of Win 8.1 🙁
November patches installed with no problems to report on Win 8.1. 🙂
Installation Successful: Windows successfully installed the following update: 2022-11 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 for x64 (KB5020690)
Installation Successful: Windows successfully installed the following update: 2022-11 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5020023)
Win 10 ver. 22H2 x64
1 user thanked author for this post.
-
Same results here on an 8.1 pro.
1 user thanked author for this post.
-
“Patch reliability is unclear, but widespread attacks make patching prudent”
I guess I may have missed it, but what widespread attacks are home users with Windows 10 version 21H2 seeing?
It’s a bit earlier than usual in the monthly cycle to be running the updates, meaning that it could cause a problem next month when the 35 days pause expires earlier than usual. I appreciate that no major issues have been tracked for such users this month, but what widespread attacks if any are we talking about for such users?
I’m wondering whether the split between business and home users, and Windows 8.1/10 and 11, not to mention different versions, are making a single DefCon rating problematic these days.
1 user thanked author for this post.
-
It’s near the end of the month. With the Thanksgiving holidays the extra days gives you time to install updates.
As far as active attacks:
Windows scripting attacks – CVE-2022-41128 – Security Update Guide – Microsoft – Windows Scripting Languages Remote Code Execution Vulnerability used in browser based attacks
Windows mark of the web – CVE-2022-41091 – Security Update Guide – Microsoft – Windows Mark of the Web Security Feature Bypass Vulnerability fixes an issue where an attacker can make a ‘mark of the web’ download not let you know it’s from the web
Print spooler CVE-2022-41073 – Security Update Guide – Microsoft – Windows Print Spooler Elevation of Privilege Vulnerability also seen in active attacks
CVE-2022-41125 – Security Update Guide – Microsoft – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability This final one is more network-y based.
Honestly by this time of the month, especially with holidays, black friday shopping, I want your systems to be patched up. I don’t find the single DefCon problematic. It’s batten down the hatches time.
Susan Bradley Patch Lady/Prudent patcher
Viewing 14 reply threads
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Apple zero days out – September 2023
by 54 minutes ago
-
No shortcuts to files on Taskbar in Win11
by 2 hours, 59 minutes ago
-
“New” Google Sites vs Network Solutions: domain resolution
by 7 hours, 17 minutes ago
-
Topic: Privacy Report on Modern Cars
by 1 hour, 10 minutes ago
-
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by 8 hours, 37 minutes ago
-
MailStore Home updates
by 22 hours, 22 minutes ago
-
T-Mobile users say they see other people’s account information
by 1 day, 9 hours ago
-
Retirement of Exchange Web Services in Exchange Online
by 1 day, 21 hours ago
-
What Remote Desktop credentials do I use to access a MS Account computer
by 11 hours, 6 minutes ago
-
Office 2003 Compatibility with One Drive in Windows 11
by 2 days, 8 hours ago
-
Has KB5030219 been pulled for Windows 11 Pro for Workstations?
by 11 hours, 21 minutes ago
-
By default encryption on Apple
by 2 days, 2 hours ago
-
KB5029331 Macrium/Reflect
by 2 days, 3 hours ago
-
Windows 10 Build 19045.3513 (22H2) to Release Preview Channel
by 2 days, 14 hours ago
-
Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder
by 2 days ago
-
Change CPU/Mainboard without reinstallation of OS and Apps – Win10
by 2 days, 5 hours ago
-
Mouse slows to crawl if Edge in focus
by 3 days, 10 hours ago
-
Windows and Surface chief Panos Panay is leaving Microsoft
by 2 days, 23 hours ago
-
Essential Office Portable
by 3 days, 11 hours ago
-
Essential Office: Disable Spell Check
by 3 days, 11 hours ago
-
Apple 2030
by 1 day, 9 hours ago
-
Wi-Fi 7? Why not!
by 9 hours, 14 minutes ago
-
Second city — the AI view from Washington
by 3 days, 20 hours ago
-
Zeroing in on zero days
by 2 days, 5 hours ago
-
LMDE – Software Update
by 1 day, 11 hours ago
-
MacAfee anti virus left overs
by 1 day, 5 hours ago
-
Google issues update for Chrome 109 (Win 7 – Server 2012r2) that fixes WebP
by 10 hours, 38 minutes ago
-
Microsoft apparently canning P2P Win32 services on Windows 11 23H2, Windows 12
by 7 hours ago
-
Inserting from clipboard into posting
by 4 days, 6 hours ago
-
Background picture not invoked @ startup
by 2 days, 9 hours ago
