Newsletter Archives

• MS-DEFCON 4: Side effects for dual booters

  Posted on August 27, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.35.1 • 2024-08-27

  

  By Susan Bradley

  Secure Boot is causing — once again — side effects for Windows patchers.

  The August updates are triggering issues for those who dual-boot into Linux. Because this is unlikely to affect very many users, and because the IPv6 bug I alerted you to ten days ago is now well understood, I feel that lowering the MS-DEFCON level to 4 is safe.

  That assumes you do not ignore the IPv6 matter.

  Anyone can read the full MS-DEFCON Alert (21.35.1, 2024-08-27).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, KB5041578, KB5041580, KB5041585, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Secure Boot, Server 2019

• Threats to businesses

  Posted on August 19, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.34 • 2024-08-19

  PATCH WATCH

  

  By Susan Bradley

  This month’s updates include fewer vulnerabilities than normal. What is not normal is that some of the bugs have already been exploited.

  I’m not changing my stance about it being wise to wait to see whether there are side effects, but I will review that decision should the need arise. For now, review the special alert.

  There are six bugs under active attack.

  Read the full story in our Plus Newsletter (21.34.0, 2024-08-19).
  This story also appears in our public Newsletter.

  Patch Watch Adobe Acrobat, CVE-2024-38063, CVE-2024-38143, CVE-2024-38173, CVE-2024-38213, KB5020276, KB5040430, KB5040437, Line Printer, Mark of the Web, Newsletters, Patch Lady Posts, Remote Code Execution, Remote Desktop, Secure Boot

• MS-DEFCON 3: Blocking a potential wormable event

  Posted on August 16, 2024 at 21:22 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.33.1 • 2024-08-16

  

  By Susan Bradley

  It’s been a long time since we’ve had a Microsoft worm event.

  Last week’s patches contained a fix for the Windows TCP/IP Remote Code Execution Vulnerability identified as CVE-2024-38063. This one affects all supported Windows versions and extends back to Windows 7 and Windows 8, including older servers.

  This CVE has a very high danger rating. Because of that, I am lowering the MS-DEFCON level earlier than I normally would, setting it to 3. That sounds backward, but this advisory is conditional, based upon the type of user you are and how you decide to deal with the update.

  Although the danger is real, I believe the risk is somewhat less. In this alert, I’ll explain why.

  Anyone can read the full MS-DEFCON Alert (21.33.1, 2024-08-16).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, IPv6, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts, Windows, Windows Server, wormable