Search the Community
Showing results for tags 'emergency patch'.
Karlston posted a news in Software NewsNew Windows 10 KB5005394 emergency update fixes printing issues Microsoft has released a cumulative out-of-band update to fix a known printing issue preventing some printers and scanners from working correctly. "Addresses an issue with devices that do not comply with section 3.2.1 of the RFC 4556 specification," Microsoft explains in the KB5005394 support document. "Noncompliant printers, scanners, and multifunction devices might not work when you use smart card authentication (PIV). This issue occurs after you install the July 13, 2021 update on domain controllers (DC) in your environment." Fixed on a limited number of affected Windows versions The printing issues affect both client and server Windows platforms, starting with Windows 7 SP1 / Windows Server 2008 SP2 and later: Client: Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 2004; Windows 10, version 1909; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1 Server: Windows Server, version 20H2; Windows Server, version 2004; Windows Server, version 1909; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 However, based on the support document published today, the KB5005394 cumulative update released today by Microsoft only applies to Windows 10 1809, Windows Server 1809, and Windows Server 2019. This out-of-band update can only be installed manually as a standalone package available for download through the Microsoft Update Catalog. Microsoft has also released the KB5005392 OOB update to address the printing issues on Windows 7 SP1 or Windows Server 2008 R2 SP1 devices. When it confirmed this known printing issue on Friday, Microsoft also added that all affected smart card authenticating devices should work as expected when using username and password authentication. Issue caused by security flaw hardenings The known issue is caused by hardening changes for CVE-2021-33764. It only impacts smart card authenticating printers, scanners, and multifunction devices, which "don't support DH or advertise support for des-ede3-cbc ("triple DES") during the Kerberos AS request." Affected Windows 10 users are advised to first check if they have the latest drivers and firmware installed for non-compliant and misbehaving printers or scanners. If the devices are up-to-date, impacted users should contact the device manufacturer and ask for setting changes or updates to make the printer or scanner compliant with the CVE-2021-33764 hardenings deployed via July's Windows 10 security updates. Microsoft is still working to mitigate the issue on all affected Windows versions to re-enable printing and scanning on impacted devices. "This will allow time for device manufacturers to release compliant firmware and drivers for their devices," Microsoft explains. "Further, it should allow time to update settings, firmware, and drivers in your environment and make them compliant." Update: Added info on KB5005392 OOB update. New Windows 10 KB5005394 emergency update fixes printing issues
steven36 posted a topic in Security & Privacy NewsOracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security vulnerability tracked as CVE-2020-14750 received a 9.8 severity base score from Oracle, out of a maximum rating of 10. Oracle credits 20 organizations and people in the security advisory for having provided information that allowed the company to address CVE-2020-14750. No-auth RCE Unauthenticated attackers can remotely exploit this no-auth RCE flaw in the server's console component via HTTP, without user interaction, as part of low complexity attacks to potentially take over targeted servers. "It is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password," Oracle's advisory explains. "Due to the severity of this vulnerability and the publication of exploit code on various sites, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible." Supported Oracle WebLogic Server versions that are affected by CVE-2020-14750 include 10.3.6.0.0, 188.8.131.52.0, 184.108.40.206.0, 220.127.116.11.0, and 18.104.22.168.0. Eric Maurice, Director of Security Assurance at Oracle, also shared a link to WebLogic Server hardening instructions in a blog post published on Sunday announcing the out-of-band security update. Earlier today, the Cybersecurity and Infrastructure Security Agency (CISA) also urged users and administrators to apply the security update to block potential attacks. Oracle released an out-of-band security alert to address a vulnerability—CVE-2020-14750—in Oracle WebLogic Server. Patch ASAP! https://t.co/34wm2YYgnx #Cyber #Cybersecurity #InfoSec — US-CERT (@USCERT_gov) November 2, 2020 Related to actively targeted CVE-2020-14882 Oracle also says that the vulnerability is related to CVE-2020-14882, another 9.8 out of 10 critical WebLogic Server flaw that was addressed in the October 2020 Critical Patch Update, two weeks ago. As BleepingComputer reported on Thursday, threat actors started scanning for exposed and vulnerable Oracle WebLogic instances to CVE-2020-14882 exploits one week after it was during this month's Critical Patch Update according to the SANS Technology Institute. Just as in the case of CVE-2020-14750, vulnerable versions of Oracle WebLogic Server are 10.3.6.0.0, 22.214.171.124.0, 126.96.36.199.0, 188.8.131.52.0 and 184.108.40.206. Even though the company did not provide any further details regarding the relation between the two vulnerabilities, this out-of-band security update might be a direct result of the fact that a bypass for the CVE-2020-14882 patch was discovered on Friday. BleepingComputer reached out to Oracle for more details and to confirm that CVE-2020-14750 was indeed issued to address last week's CVE-2020-14882 bypass, but did not hear back at the time of publication. Source