Newsletter Archives

  • March madness here we come

    Ready or not – here comes the March updates. Remember by this time you need to have a backup and defer updates (unless you are one of the souls who like to be the beta testers for the rest of us.

    Interesting items of note:  Outlook vulnerability used in TARGETED only attacks and impacting NTLM (translation – businesses with Exchange servers not consumers/home users. If you have click to run Office this will be auto updated.

    There is also a ‘smartscreen’ vulnerability where Edge can be tricked into thinking something isn’t from the web and not scan it. This will be auto updated when Edge updates.  When we finally update Windows the smartscreen as a whole will be updated. But again, we don’t blindly download things do we?

    Both are more business only – not consumer/home targeted so I’m not changing my “hold off and wait to patch” stance in any way.

    Remember Windows 11 22H2 gets “moments” releases – I’ll be reporting if my registry key works on Windows 11 Home computers.

    More links as they come live…..

    Also business impact:

    This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.

    This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, “Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: ‘An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.’” For more information, see KB5020276.

    Dustin Childs’ zero day blog

  • March 2023 Office non-Security updates

    Microsoft released NO non-security updates for Office on March 7, 2023.

    Reminder:  Extended Support ends for Office 2013 on Patch Tuesday next month, April 11, 2023.

    On April 10, 2018, Office 2013 reached End of Mainstream Support. Extended Support ends for Office 2013 on April 11, 2023.
    Office 2016 also reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

    Updates are for the .msi version (perpetual). Office 365 and C2R are not included.

    Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).