• Patch List for August 13, 2024

    Home » Forums » Newsletter and Homepage topics » Patch List for August 13, 2024

    • This topic has 11 replies, 7 voices, and was last updated 9 months ago.

    Tags:

    Author
    Topic
    Susan Bradley
    Manager
    August 15, 2024 at 8:13 am #2696615

    Once again I don’t recommend installing updates at this time.ย  I’ve updated the master patch list here. In my early consumer testing I’m personally no
    [See the full post at: Patch List for August 13, 2024]

    Susan Bradley Patch Lady/Prudent patcher

    3 users thanked author for this post.
    abbodi86, deuce120, lmacri
    Reply | Quote
    Viewing 4 reply threads
    Author
    Replies
    • KS
      Guest
      August 15, 2024 at 8:49 am #2696619

      I would like to point out that there are security patches in this week’s updates for IPv6. The CVE is rated a 9.8 in severity which is… not good. Even if you don’t use internet-facing IPv6, by simply having it enabled, you are vulnerable.

      https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

      Reply | Quote
      • Susan Bradley
        Manager
        August 15, 2024 at 8:52 am #2696626

        On a consumer side -firewalls block ipv6. In business settings the attacker would need to be inside first.

        Susan Bradley Patch Lady/Prudent patcher

        Reply | Quote
        • b
          AskWoody_MVP
          August 15, 2024 at 9:53 am #2696633
          Susan Bradley wrote:

          On a consumer side -firewalls block ipv6.

          Any documentation for this? Most sources say IPv6 is enabled by default in Windows.

          Susan Bradley wrote:

          In business settings the attacker would need to be inside first.

          But …

          The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed, up to and including the entire Internet. Such a vulnerability is often termed ‘remotely exploitable’ and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers).

          Reply | Quote
          • Susan Bradley
            Manager
            August 15, 2024 at 10:44 am #2696661

            Not Windows, the firewall of your router is more than likely not going to pass along these packets based on my understanding at this time – mind you there is not a lot of detail on this CVE I’m going by past vulnerabilities like this for my judgement call.

            Susan Bradley Patch Lady/Prudent patcher

            Reply | Quote
    • KS
      Guest
      August 15, 2024 at 9:36 am #2696627
      Susan Bradley wrote:

      On a consumer side -firewalls block ipv6. In business settings the attacker would need to be inside first.

      This vulnerability is unlikely to come through an external firewall. More likely to exploit via malware, which would be an attack from the “inside”.

      Reply | Quote
      • Susan Bradley
        Manager
        August 15, 2024 at 10:42 am #2696650

        Sneak peak for Monday –ย  I call this the “don’t click” month and reserve the right to pull the trigger early.ย  At this time there are no working Proof of concepts and no full details about how the attack can occur.ย  Until I know more details, I consider a “patched human” good enough for now.

        Susan Bradley Patch Lady/Prudent patcher

        Reply | Quote
    • n0ads
      AskWoody Lounger
      August 15, 2024 at 11:59 am #2696696

      ISP doesn’t yet support IPv6 and I eventually disabled it for all my Network adapters because having it enabled sometimes caused severe bandwidth issues (i.e. only getting ~50% of what I was paying for.)

      I also had issues where the Cisco & PanGPS VPNs I use to connect to sites I support sometimes wouldn’t work with it enabled.

      Once I disabled it, all those problems disappeared!

      Since it’s currently not enabled on my PCs, I should be protected.

      Have to wonder though, if having it disabled, might cause issues with the new update installing without errors once it’s clear to do so??

      Reply | Quote
      • Bob99
        AskWoody MVP
        August 15, 2024 at 2:02 pm #2696728
        n0ads wrote:

        Have to wonder though, if having it disabled, might cause issues with the new update installing without errors once itโ€™s clear to do so??

        A VERY good question!! I wouldn’t be a bit surprised if it were revealed that MS just assumed that everybody has IPv6 enabled “because that’s how we ship Windows”.

        Now, if only someone had a machine that were only a test bed where they could disable IPv6 and then install this month’s patch to find out if it installs OK, or if the install goes sideways because of IPv6 being disabled.

        Reply | Quote
        • Susan Bradley
          Manager
          August 15, 2024 at 4:41 pm #2696773

          No it would not cause issues in patching.ย  Patches will install whether ipv6 is enabled or disabled.

          Susan Bradley Patch Lady/Prudent patcher

          1 user thanked author for this post.
          Alex5723
          Reply | Quote
    • sheldon
      AskWoody Plus
      August 15, 2024 at 6:53 pm #2696789

      Just checked – IPv6 is disabled on my ASUS {RT-AX3000) router.ย  Not sure if I did that or is the default setting.

      Reply | Quote
    • TJ
      AskWoody Plus
      August 16, 2024 at 9:38 am #2696880

      Thanks as always @sb for the comprehensive patch list.

      One remark though: Vivaldi has long passed Version 6.5. It’s on Version 6.8 now https://vivaldi.com/changelog-vivaldi-browser-6-8/

      LMDE is my daily driver now. Old friend Win10 keeps spinning in the background
      Reply | Quote
    Viewing 4 reply threads
    Reply To: Reply #2696626 in Patch List for August 13, 2024

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




    Cancel
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.