Newsletter Archives

  • October 2020 Microsoft Patch Tuesday updates are rolling out

    The patches have been released.

    There are 365 new entries for the October 2020 Patch Tuesday in the Microsoft Update Catalog.

    There are 1838 vulnerabilities listed in the Microsoft Security Response Center for October.

    Dustin Childs just posted his usual in-depth analysis on the Zero Day Initiative blog:

    • Adobe released one patch for October to fix a single vulnerability in Flash.
    • Microsoft released patches to correct 87 CVEs. Of these, 11 are Critical, 75 listed as Important, and one as Moderate.

    None of the bugs are listed as being under attack at present, but 6 are listed as publicly known at the time of release.

    KB 4580325 — 2020-10 Security Update for Adobe Flash Player on Win8.1 and Win10. The Flash Player update for Win7 should be downloaded from Adobe.

    According to Sergiu Gatlan at BleepingComputer, Windows 10 now blocks some third-party drivers from installation:

    Microsoft says that Windows 10 and Windows Server users will be blocked from installing incorrectly formatted third-party drivers after deploying this month’s cumulative updates.

    “When installing a third-party driver, you might receive the error, ‘Windows can’t verify the publisher of this driver software’,” Microsoft says.

    “You might also see the error, ‘No signature was present in the subject’ when attempting to view the signature properties using Windows Explorer.”

    This issue is caused by improperly formatted driver catalog files that trigger the errors during the driver validation process, as Microsoft explains.

    Starting with the October 2020 updates, Windows requires DER-encoded PKCS#7 content to be valid and correctly embedded in catalog files.

    “Catalog files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690,” Microsoft adds.

    Users who encounter these errors while attempting to install a third-party driver are advised to ask their driver vendor or device manufacturer (OEM) for an updated and correctly signed driver.

    Affected Windows platforms include client (from Windows 8.1 up to Windows 10, version 2004) and server versions (from Windows Server 2012 R2 up to Windows Server, version 2004).
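
The X.690 section 11.6 rule cited above says the members of a SET OF must appear in ascending order of their encodings, compared as octet strings with the shorter one padded with trailing zero octets. The following is an added example, not Microsoft's or BleepingComputer's code, that walks a DER blob and reports every SET OF that breaks the rule. It assumes every universal tag 0x31 is a SET OF and does not inspect implicitly tagged sets or DER nested inside OCTET STRINGs; the sample bytes are constructed.

```python
# Added example: X.690 section 11.6 ordering check for SET OF members in DER.
# Assumption: universal tag 0x31 is always treated as SET OF; [n] IMPLICIT sets
# and DER wrapped inside OCTET STRINGs are not inspected.

def read_tlv(buf, pos, limit):
    """Parse one element header; return (tag, content_start, element_end)."""
    if pos + 2 > limit:
        raise ValueError(f"truncated header at offset {pos}")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("high-tag-number form is not handled here")
    if first < 0x80:                      # short-form length
        length, start = first, pos + 2
    else:                                 # long form: next n octets hold the length
        n = first & 0x7F
        if n == 0:
            raise ValueError("indefinite length is not allowed in DER")
        length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
        start = pos + 2 + n
    if start + length > limit:
        raise ValueError(f"element at offset {pos} overruns its container")
    return tag, start, start + length

def in_der_order(a, b):
    """11.6 comparison: octet strings, the shorter padded with trailing zeros."""
    width = max(len(a), len(b))
    return a.ljust(width, b"\x00") <= b.ljust(width, b"\x00")

def unsorted_sets(buf, pos=0, limit=None):
    """Return offsets of SET OF elements whose members are not ascending."""
    limit = len(buf) if limit is None else limit
    bad = []
    while pos < limit:
        tag, start, end = read_tlv(buf, pos, limit)
        if tag & 0x20:                    # constructed: contains child elements
            if tag == 0x31:
                members, p = [], start
                while p < end:
                    _, _, nxt = read_tlv(buf, p, end)
                    members.append(buf[p:nxt])
                    p = nxt
                if not all(in_der_order(x, y) for x, y in zip(members, members[1:])):
                    bad.append(pos)
            bad += unsorted_sets(buf, start, end)   # descend into children
        pos = end
    return bad

# Constructed samples: SEQUENCE { SET OF { INTEGER, INTEGER } }
GOOD = bytes.fromhex("3008" "3106" "020101" "020102")   # members 1, 2
BAD = bytes.fromhex("3008" "3106" "020102" "020101")    # members 2, 1

if __name__ == "__main__":
    print(unsorted_sets(GOOD), unsorted_sets(BAD))
```
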

    Martin Brinkmann has his usual thorough rundown on Ghacks.net.

    A reminder if you are on Windows 10 v1809 or v1903: it is time to think about moving to a later version. v1809 reaches EOS on 2020-11-10 and v1903 on 2020-12-08.