security patches

Topic

New Reply

I know that this is a vague question, but a colleague just claimed “You can see… by the various updates that Microsoft, Apple, and other vendors regularly release. Most of these are security fixes.”   Are “most” of the updates [in my case, MS releases for win10/1809] really “security fixes”?   I know that some close some vulnerability or another but is it really “most”?  I get confused about all the stuff about updates among all the different MS systems that get different batches of updates, but I thought that relatively *few* were truly critical security fixes.  Am I mistaken?

I don’t think I can select specific updates — all I see in updates is, generally, a single big “cumulative update” and there’s nothing I see that lets me see what’s bundled into the update and pick and choose which pieces to accept.  If some of those are really closing vulnerabilities I wonder if there’s a way to have a “split” defcon.. something like “defcon 2 but you oughta install this, this and this specific update

Reply | Quote

Replies

Security only is just a distant memory for Windows 10 machines – it’s all cumulative and feature updates these days.

The Defcon rating takes into account the nature of the patches and vulnerabilities they relate to, so Woody does make clear when they really must be installed for the sake of security… i.e.

MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

Reply | Quote

berniec wrote:

Are “most” of the updates [in my case, MS releases for win10/1809] really “security fixes”?

Yes, they are.

Look at Windows 7, 8.1, 10, server Feb. patch Tuesday updates. All those CVE-… are security holes :

Windows 7 (extended support only): 47 vulnerabilities: 5 critical and 42 important
CVE-2020-0662 | Windows Remote Code Execution Vulnerability
CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0729 | LNK Remote Code Execution Vulnerability
CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability

Windows 8.1: 50 vulnerabilities: 5 rated critical and 45 rated important
same as Windows 7

Windows 10 version 1803: 71 vulnerabilities: 5 critical and 66 important
CVE-2020-0662 | Windows Remote Code Execution Vulnerability
CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0729 | LNK Remote Code Execution Vulnerability
CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability

Windows 10 version 1809: 72 vulnerabilities: 5 critical and 68 important
same as Windows 10 version 1803

Windows 10 version 1903: 72 vulnerabilities: 5 critical and 68 important
same as Windows 10 version 1803

Windows 10 version 1909: same as Windows 10 version 1903
Windows Server products

Windows Server 2008 R2 (extended support only): 47 vulnerabilities, 5 critical, 42 important
CVE-2020-0662 | Windows Remote Code Execution Vulnerability
CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0729 | LNK Remote Code Execution Vulnerability
CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability

Windows Server 2012 R2: 50 vulnerabilities: 5 critical and 45 important.
same as Windows Server 2008 R2

Windows Server 2016: 65 vulnerabilities: 5 critical and 60 important.
same as Windows Server 2008 R2

Windows Server 2019: 73 vulnerabilities: 5 critical and 68 are important
same as Windows Server 2008 R2

https://www.ghacks.net/2020/02/11/microsoft-windows-security-updates-february-2020-overview/

Reply | Quote