Newsletter Archives

• Friday night quick patching recap for business patchers:

  Posted on February 13, 2021 at 00:03 CST by Susan Bradley • Comment in the Forums

  Friday night quick patching recap for business patchers:

  Windows Server 2016 SSU – has been recalled and been replaced with KB5001078.  This fixes the issue where the cumulative update got stuck at 24%.

  Source:  Windows 10, version 1607 and Windows Server 2016 | Microsoft Docs

  1909 received a replaced February release that fixes an issue with Wifi in the form of KB5001028

  Source:  Windows 10, version 1909 and Windows Server, version 1909 | Microsoft Docs

  All .NET updates may trigger issues with applications and games

  Source:  Windows 10, version 1803 | Microsoft Docs

  February updates enforced secure logon for the Zerologon issue.  If you have Windows 7/Server 2008 even without ESUs these still connect to your domain.  Windows server 2003 will probably fail.  You will need to disable signing enforcement if you have any non compliant devices.

  KB: How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (microsoft.com)

   Monitoring script: Script to help in monitoring event IDs related to changes in Netlogon secure channel connections associated with CVE-2020-1472 (microsoft.com)

  All of these issues will be discussed in detail in NEXT week’s patch watch.  I’ll be doing a consumer patching overview this weekend in the newsletter and business patching in the Plus newsletter next week.

  Windows Patches/Security February 2021 Black Tuesday, KB5001078, Patch Lady Posts

• 1909 get out of band KB5001028

  Posted on February 11, 2021 at 12:09 CST by Susan Bradley • Comment in the Forums

  An out-of-band update has been released to address an issue when making WPA3 Wi-Fi connections on a small number of devices on Windows 10, version 1909 and Windows Server, version 1909. More details can be found here: https://t.co/XJY5e2mSTj

  — Windows Update (@WindowsUpdate) February 11, 2021

   

  Well that’s one way to fix the issue where 1909 consumer machines were not seeing that update… it’s now detecting a February release

  

  Windows Patches/Security February 2021 Black Tuesday, Patch Lady Posts

• Server patchers – issues with KB4601318

  Posted on February 11, 2021 at 08:46 CST by Susan Bradley • Comment in the Forums

  KB4601318 fails to update, fails at 24% Windows Server 2016 – Microsoft Q&A

  Just a heads up for those doing patching on Server 2016.  Reports from multiple locations indicate that KB4601318 and possibly KB4535680 get stuck at 24% and won’t install.

  There are some manual workarounds listed in that thread, but you may want to hold back until this installation issue is fixed.

  Edit of 2-12-2021 – Mark Berry reports in the comments:

  “https://support.microsoft.com/en-us/topic/february-9-2021-kb4601318-os-build-14393-4225-c5e3de6c-e3e6-ffb5-6197-48b9ce16446e

  This post now confirms, “KB4601392 has been removed and will no longer be offered to devices. We are working on a resolution and will provide an update in an upcoming release.

  Windows Patches/Security February 2021 Black Tuesday

• Feb 2021 patches so far

  Posted on February 9, 2021 at 21:51 CST by Susan Bradley • Comment in the Forums

  We are still in watch and wait mode for February updates.  I’ll be waiting and testing and let you know what we find.

  So far I don’t see 1909’s being offered up today’s security update. For those of you on 1909 are you seeing that as well?

  For those of you that are business patchers here are some links to follow:

  Microsoft Windows Security Updates February 2021 overview – gHacks Tech News

  Zero Day Initiative — The February 2021 Security Update Review

  Microsoft February 2021 Patch Tuesday (sans.edu)

  The zero day bug that I talked about yesterday is an elevation of privilege bug.

  The other bug that everyone is buzzing about is this one: Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086 – Microsoft Security Response Center  “Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic.”

  For you and I, I don’t see this one has being horrific.  Blue screens of death while not something any of us want, doesn’t mean that the attacker has gotten our data. And we normally do not have our machines straight on the Internet but rather behind routers and firewalls. For now, just make sure you have a backup and look for the full analysis in this week’s Plus newsletter.

  Action plan as of right now:

  • Waiting/Backing up mode for home users.
  • Testing mode for business users.

  Note:  They’ve released the .NET patch with a known crashing issue February 9, 2021-KB4601050 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2 (microsoft.com) that impacts Visual Studio 

  Windows Patches/Security, Windows Security February 2021 Black Tuesday, Patch Lady Posts

• MS-DEFCON 2: Time to make sure you are pausing Patches

  Posted on February 8, 2021 at 19:47 CST by Susan Bradley • Comment in the Forums

  It’s that time again. Tomorrow is Patch Tuesday (*) and it’s time to pause updates.

  There’s no reason to rush out updates this week.  Make sure your computer is set to pause updates or have set a date for deferred installs. If you are unsure how to do a deferral I have a post and a video with instructions. Also make sure you have a backup. I’ll be posting up a video how to next weekend.

  I’ve been warned that there is a zero day to be patched in tomorrow’s updates, but that’s all the information I have at this time. As always, visit us here and we’ll keep you informed.

  (*) Yes I realize that for some of you it’s Patch Wednesday but the ‘slang’ for the day when patches come out normally ties it to the Redmond time zone.  Patches normally start getting published around 10 to 11 a.m pacific time.

  Windows 10, Windows Patches/Security February 2021 Black Tuesday, MS-DEFCON 2

• The February 2021 Office non-Security Updates have been released

  Posted on February 2, 2021 at 15:12 CST by PKCano • Comment in the Forums

  The February 2021 Office non-Security updates have been released Tuesday, February 2, 2021. They are not included in the DEFCON-4 approval for the January 2021 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

  Remember, Susan’s patching sequence and recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

  Office 2016
  Update for Microsoft Office 2016 (KB4493189)
  Update for Microsoft Outlook 2016 (KB4493190)
  Update for Microsoft PowerPoint 2016 (KB4493164)

  Office 2013
  Update for Microsoft Office 2013 (KB4486684)
  Update for Microsoft PowerPoint 2013 (KB4493169)

  Office 2010
  Update for Microsoft Office 2010 (KB4493180)
  Update for Microsoft PowerPoint 2010 (KB4493179)

  Office 2010 reached EOS on October 13, 2020.
  On April 10, 2018, Office 2013 reached End of Mainstream Support. Extended Support will end for Office 2013 on April 11, 2023.
  Office 2016 also reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

  Updates are for the .msi version (persistent). Office 365 and C2R are not included.

  Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

  Office Patches/Security February 2021 Black Tuesday, February 2021 Office non-Security updates, Office 2010, Office 2013, Office 2016