Jump to content

Search the Community

Showing results for tags 'patch tuesday'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

  1. Microsoft has released the first-ever Patch Tuesday update for Windows 11 since the OS launched officially last week. The OS will now be served monthly updates for those running stable builds just like Windows 10. The update heading out to Windows 11 is KB5006674, bringing build 22000.258. The company has been promising bug fixes for the release version for a while now, saying that it will bring improvements made as part of the Dev channel builds to the version of the OS that heads out to the public in October. Windows 11 launched with a bunch of known issues which are expected to be fixed so as to remove the upgrade holds caused by those bugs. Today's update does not include a huge list of fixes but expect them to show up in the following months as the OS reaches more devices. Today's build is also heading to users running Beta and Release Preview channel builds. Here is the changelog posted by the firm for build 22000.258: Addresses known compatibility issues between some Intel “Killer” and “SmartByte” networking software and Windows 11 (original release). Devices with the affected software might drop User Datagram Protocol (UDP) packets under certain conditions. This creates performance and other issues for protocols based on UDP. For example, some websites might load slower than others on the affected devices, which might cause videos to stream slower in certain resolutions. VPN solutions based on UDP might also be slower. The Redmond firm notes that there are no known issues in this build. However, this does not include the known issues posted at launch, which will also be addressed in future releases. You can read through our complete coverage of Windows 11 here, including guides on how to install the OS or roll back to Windows 10. Along with Windows 11, supported Windows 10 versions are also receiving the monthly patches. The three latest versions supported fully - 2004, 20H2, and 21H1 - are receiving KB5006600, bringing builds 19041.1288, 19042.1288, and 19043.1288, respectively. Other older versions supported for certain customers on certain SKUs are also receiving cumulative updates. . Windows 11 gets its first-ever Patch Tuesday update
  2. Microsoft has begun rolling out the monthly Patch Tuesday updates for Windows 10, bringing cumulative updates to all supported versions across multiple SKUs. As is the case every month, the second Tuesday is the day that all supported Windows versions receive mandatory updates. This time around, Windows 11 is also getting its first Patch Tuesday update and will continue to be served patches along with other supported Windows versions. For Windows 10, however, the versions currently supported include the three latest releases and a few older versions for specific customers. Versions 2004, 20H2, and 21H1 are receiving KB5006670, bumping up the builds to 19041.1288, 19042.1288, and 19043.1288, respectively. The three versions are built on the same codebase and receiving identical update packages. The next major version, Windows 10 version 21H2 will also receive the same patch for those running the OS in the Release Preview channel. As for what's new, there are a bunch of improvements and bug fixes, as always. Those that installed the C/D optional preview release that was offered earlier this month will only receive the new bits mentioned below. However, for those that did not install the optional patch, all the fixes will be bundled into KB5006670. You can manually download the update from here. Here are the highlights of the update package: Updates security for your Windows operating system. And here is the complete changelog detailing the improvement, in addition to the fixes made via the optional patch: Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs on devices that are subject to Microsoft Exploit Protectionfor Export Address Filtering (EAF). As is generally the case, the Redmond company has also listed the known issues in the update, which is always handy. Here are the known issues for KB5006670: Symptom Workaround Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps. To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cab Extract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:* You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business. After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING". For more information and a workaround, see KB5005322. Older Windows 10 versions, such as version 1909, are supported for SKUs such as Enterprise, Education, or IoT Enterprise. Those running Windows 10 version 1809 in the Long Term Servicing Channel are also receiving updates. Here is a summary of the versions, the corresponding KB articles for the updates and links for manual downloads, the build numbers, and the SKUs they are supported in: Version KB Build Download Support 1909 KB5006667 18363.1854 Update Catalog Enterprise, Education, or IoT Enterprise SKUs 1809 KB5006672 17763.2237 Update Catalog Long Term Servicing Channel (LTSC) 1607 KB5006669 14393.4704 Update Catalog 1507 KB5006675 10240.19086 Update Catalog Windows 10 Patch Tuesday updates are now live
  3. The October 2021 Patch Update is now rolling out and Microsoft has published cumulative updates KB5006670 and KB5006667 for recent versions of Windows 10. This month's cumulative updates include security fixes for PCs with May 2021 Update (version 21H1), October 2020 Update (version 20H2), and May 2020 Update (version 2004). The update is now rolling out via Windows Update, WSUS, and the Microsoft Update Catalog with numerous bug fixes and performance enhancements. List of new updates released today: Windows 10 version 1507 — (OS Build 10240.19086) Windows 10 version 1607 — (will be up shortly) Windows 10 version 1703 — EOS Windows 10 version 1709 — EOS Windows 10 version 1803 — EOS Windows 10 version 1809 — KB5006672 (OS Build 17763.2237) Windows 10 version 1903 — EOS Windows 10 version 1909 — (OS Build 18363.1854) Windows 10 version 2004, 20H2 and 21H1 — KB5006670 (OS Builds 19041.1288, 19042.1288, and 19043.1288) Like every Patch Tuesday, you can check for and install new updates by going to Settings, clicking on Windows Update, and selecting 'Check for Updates' to install the updates. If you own multiple PCs or if you would like to patch the PCs manually, you can learn more about how to do so here. What's new in the latest cumulative update for Windows 10 Microsoft has addressed several bugs with today's cumuilative update for Windows 10 version 2004 or later. This update advances PCs to Build 19041.1288, 19042.1288, and 19043.1288. This cumulative update addresses an issue that causes apps like Outlook to suddenly stop working during normal use. Addtionally, Microsoft has finally fixed an issue that causes blurry News and interests icons when you use certain screen resolutions. The update also comes with the following fixes: Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs on devices that are subject to Microsoft Exploit Protectionfor Export Address Filtering (EAF). Updates an issue that might cause distortion in the sound that Cortana and other voice assistants record. Updates an issue that causes your device to stop working after you restart it. Updates an issue that prevents you from providing input to apps when the taskbar is not at the bottom of the screen. Windows 10 version 1909 has received the same set of fixes with KB5006667. Windows 10 updates KB5006670 & KB5006667 released
  4. Today is the second Tuesday of the month, which means it's Patch Tuesday, the day that Microsoft released cumulative updates for all supported Windows versions. This month, the debutant is Windows 11, which is receiving its first-ever official Patch Tuesday update. Other supported versions include Windows 10, Windows 8.1, and select Windows 7 users who have opted to pay for Extended Security Updates. As is always the case, Windows 8.1 and Windows 7 updates are classified into monthly rollup and security-only updates. While the former can be installed via Windows Update, the latter can only be manually downloaded and installed. Usually, these versions are only served one update per month, unlike Windows 10 which receives a mid-month preview update. To begin with, Windows 8.1 users are receiving KB5006714, which is the monthly rollup. The update can also be downloaded from the Update Catalog here. Here is the complete changelog for the update: Addresses an issue in which a user does not have a way to track DCOM activation failures on a server that is running Windows Server 2012 R2. Addresses an issue in which an Internet print server cannot package the driver to send to the client. Implements a Group Policy setting for the following registry value: Registry location: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint Value name: RestrictDriverInstallationToAdministrators Value data: 1 For more information, see KB5005010. Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings: Package Point and Print - Approved Servers Point and Print Restrictions Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer. In Internet Explorer 11 for Windows 8.1 and Windows Server 2012 R2, certain circumstances might cause Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge to open the site in multiple tabs in Microsoft Edge. The update also brings with it a long-standing known issue, which seems to have been on the list for months. You can head to our previous coverage to check out the known issue. The security-only update for this version is KB5006729 and can be only be installed manually by downloading the package from here. The changelog notes that the patch includes "miscellaneous security improvements to internal OS functionality", which is the only listed fix. The known issue is identical to that of the monthly rollup. Moving on to Windows 7, the monthly rollup is termed KB5006743, which can be downloaded manually from here. The list of fixes is almost identical to that of the Windows 8.1 update, save for the first line item that relates to the DCOM activation failures. As for known issues, the release shares the rename issue with Windows 8,1, along with another problem that listed below: Symptom Workaround After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article. The security-only update for Windows 7 and the corresponding Windows Server release is KB5006728, which can be found for manual download here. The update shares the known issues with the monthly rollup and contains fixes that are identical to that of the security-only update for WIndows 8.1. As mentioned earlier, Windows 7 updates will only head to those that have paid for extended updates. Windows 8.1 updates, however, are available for all supported SKUs. Patch Tuesday: Here's what's new for Windows 8.1 and 7
  5. Windows administrators report wide-scale network printing problems after installing this week's September 2021 Patch Tuesday security updates. On Tuesday, Microsoft released sixty security updates and fixes for numerous bugs as part of their monthly Patch Tuesday updates, including a fix for the last remaining PrintNightmare vulnerability tracked as CVE-2021-36958. This vulnerability is critical to fix as it is used by numerous ransomware gangs and threat actors to immediately gain SYSTEM privileges on vulnerable devices, as demonstrated below. However, many Windows system administrators are now reporting [1, 2] that their computers can no longer print to network printers after installing the PrintNightmare fixes on their print servers. In conversations with multiple Windows admins dealing with these issues, they all told BleepingComputer that the updates are breaking their network printing, and they can only fix them by removing the updates. "The problem has happened for us on different sites. The print servers were 2012R2 and 2016. All worked fine before the update," one administrator told BleepingComputer. "After yesterday’s Windows Update, none of the network computers can print to Windows 10 computer we use as a print server," another admin told BleepingComputer. "As far as i know, this affected both printers with v3 and v4 drivers, but I'm not 100% sure (this issue was different from the issue emerged with the previous update which broke v3 printers). After uninstalling the patch on the server everything got back to normal," another admin told us yesterday. While all users are experiencing problems with network printing, they do not see the same errors. For example, one person told us that their devices are displaying a 4098 Warning in the Application event logs. This error states, "The user" preference item in the" Group Policy Object did not apply because it failed with error code '0x8007011b' This error was suppressed." Another admin told us that their Printer ports tab was blank, while another said they received "Access Denied" errors. These issues also appear to be affecting all network printers, including HP, Canon, Konica Minolta, and label printers, and for both Type 3 and Type 4 printer drivers. Those with USB printers connected directly to their computers are not having any issues. The updates associated with the new PrintNightmare security update and the subsequent network printing problems are: KB5005568 (Windows Server 2019) KB5005613 (Windows Server 2012 R2) KB5005627 (Windows Server 2012 R2) KB5005623 (Windows Server 2012) KB5005607 (Windows Server 2012) KB5005606 (Windows Server 2008) KB5005618 (Windows Server 2008) KB5005565 (Windows 10 2004, 20H2, and 21H1) KB5005566 (Windows 10 1909) KB5005615 (Windows 7 Windows Server 2008 R2) PrintNightmare fixes causing significant problems Unfortunately, to fix the PrintNightmare vulnerabilities, Microsoft has had to make significant changes over the past two months to the Windows Point and Print feature and how drivers can be installed from a print server. These changes include requiring administrator privileges to install a printer driver via the Point and Print feature. Once Microsoft made these changes, Windows users began receiving errors when trying to print, or Windows would prompt for an administrative password to update printer drivers. While Microsoft has introduced new registry settings that allow you to control these changes, disabling them will once again make a Windows device vulnerable. According to security researcher Benjamin Delpy, this week's PrintNightmare fix also introduced new changes that automatically block the CopyFiles directive print driver feature. Admins can configure this change via the Windows Registry CopyFilesPolicy value under the HKLM\Software\Policies\Microsoft\Windows NT\Printers key. When set to '1', CopyFiles will be enabled again. If other printer drivers are used in your organization that uses the CopyFiles directive, they will no longer work, leading to further conflicts. BleepingComputer has contacted Microsoft with questions about these issues but has not heard back at this time. New Windows security updates break network printing
  6. Today is Microsoft's September 2021 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 60 flaws. Microsoft has fixed 60 vulnerabilities (86 including Microsoft Edge) with today's update, with three classified as Critical, one as Moderate, and 56 as Important. Of the total 86 vulnerabilities (including Microsoft Edge): 27 Elevation of Privilege Vulnerabilities 2 Security Feature Bypass Vulnerabilities 16 Remote Code Execution Vulnerabilities 11 Information Disclosure Vulnerabilities 1 Denial of Service Vulnerabilities 8 Spoofing Vulnerabilities For information about the non-security Windows updates, you can read about today's Windows 10 KB5005565 & KB5005566 cumulative updates. Microsoft fixes Windows MSHTML zero-day Microsoft has released a security update for the Windows MSHTML remote code execution vulnerability tracked as CVE-2021-40444. Last Tuesday, Microsoft disclosed a new zero-day Windows MSHTML remote code execution vulnerability that threat actors actively used in phishing attacks. These attacks distributed malicious Word documents that exploited the CVE-2021-40444 to download and execute a malicious DLL file that installed a Cobalt Strike beacon on the victim's computer. This beacon allows a threat actor to gain remote access to the device to steal files and spread laterally throughout the network. Soon after Microsoft disclosed the vulnerability, threat actors and security researchers began sharing guides on exploiting the vulnerability, which allowed anyone to start using it in attacks, as demonstrated below. With the September 2021 Patch Tuesday updates, Microsoft has released a security update for this vulnerability. As researchers discovered numerous ways to exploit the bug, including a bypass to mitigations, it is not clear if the security update fixes all of the techniques. Two zero-days fixed, with one actively exploited September's Patch Tuesday includes fixes for two zero-day vulnerabilities, with the MSHTML bug actively exploited in the wild. Microsoft classifies a vulnerability as a zero-day if publicly disclosed or actively exploited with no official security updates released. The publicly disclosed, but not actively exploited, zero-day vulnerability is: CVE-2021-36968 - Windows DNS Elevation of Privilege Vulnerability The only actively exploited vulnerability is the Windows MSHTML remote code execution vulnerability, as previously discussed: CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability Recent updates from other companies Other vendors who released updates in July include: Adobe released security updates for two products. Android's September security updates were released last week. Apple released security updates for iOS and macOS yesterday that fix two zero-day vulnerabilities exploited in the wild. One of the vulnerabilities was used to install the NSO Pegasus spyware on activists's devices. Cisco released security updates for numerous products this month. SAP released its September 2021 security updates. The September 2021 Patch Tuesday Security Updates Below is the complete list of resolved vulnerabilities and released advisories in the September 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here. Tag CVE ID CVE Title Severity Azure Open Management Infrastructure CVE-2021-38648 Open Management Infrastructure Elevation of Privilege Vulnerability Important Azure Open Management Infrastructure CVE-2021-38645 Open Management Infrastructure Elevation of Privilege Vulnerability Important Azure Open Management Infrastructure CVE-2021-38647 Open Management Infrastructure Remote Code Execution Vulnerability Critical Azure Open Management Infrastructure CVE-2021-38649 Open Management Infrastructure Elevation of Privilege Vulnerability Important Azure Sphere CVE-2021-36956 Azure Sphere Information Disclosure Vulnerability Important Dynamics Business Central Control CVE-2021-40440 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important Microsoft Accessibility Insights for Android CVE-2021-40448 Microsoft Accessibility Insights for Android Information Disclosure Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-30606 Chromium: CVE-2021-30606 Use after free in Blink Unknown Microsoft Edge (Chromium-based) CVE-2021-30609 Chromium: CVE-2021-30609 Use after free in Sign-In Unknown Microsoft Edge (Chromium-based) CVE-2021-30608 Chromium: CVE-2021-30608 Use after free in Web Share Unknown Microsoft Edge (Chromium-based) CVE-2021-30607 Chromium: CVE-2021-30607 Use after free in Permissions Unknown Microsoft Edge (Chromium-based) CVE-2021-38641 Microsoft Edge for Android Spoofing Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-38642 Microsoft Edge for iOS Spoofing Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-38669 Microsoft Edge (Chromium-based) Tampering Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-36930 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-30632 Chromium: CVE-2021-30632 Out of bounds write in V8 Unknown Microsoft Edge (Chromium-based) CVE-2021-30610 Chromium: CVE-2021-30610 Use after free in Extensions API Unknown Microsoft Edge (Chromium-based) CVE-2021-30620 Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink Unknown Microsoft Edge (Chromium-based) CVE-2021-30619 Chromium: CVE-2021-30619 UI Spoofing in Autofill Unknown Microsoft Edge (Chromium-based) CVE-2021-30618 Chromium: CVE-2021-30618 Inappropriate implementation in DevTools Unknown Microsoft Edge (Chromium-based) CVE-2021-30621 Chromium: CVE-2021-30621 UI Spoofing in Autofill Unknown Microsoft Edge (Chromium-based) CVE-2021-30624 Chromium: CVE-2021-30624 Use after free in Autofill Unknown Microsoft Edge (Chromium-based) CVE-2021-30623 Chromium: CVE-2021-30623 Use after free in Bookmarks Unknown Microsoft Edge (Chromium-based) CVE-2021-30622 Chromium: CVE-2021-30622 Use after free in WebApp Installs Unknown Microsoft Edge (Chromium-based) CVE-2021-30613 Chromium: CVE-2021-30613 Use after free in Base internals Unknown Microsoft Edge (Chromium-based) CVE-2021-30612 Chromium: CVE-2021-30612 Use after free in WebRTC Unknown Microsoft Edge (Chromium-based) CVE-2021-30611 Chromium: CVE-2021-30611 Use after free in WebRTC Unknown Microsoft Edge (Chromium-based) CVE-2021-30614 Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip Unknown Microsoft Edge (Chromium-based) CVE-2021-30617 Chromium: CVE-2021-30617 Policy bypass in Blink Unknown Microsoft Edge (Chromium-based) CVE-2021-30616 Chromium: CVE-2021-30616 Use after free in Media Unknown Microsoft Edge (Chromium-based) CVE-2021-30615 Chromium: CVE-2021-30615 Cross-origin data leak in Navigation Unknown Microsoft Edge (Chromium-based) CVE-2021-26436 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important Microsoft Edge for Android CVE-2021-26439 Microsoft Edge for Android Information Disclosure Vulnerability Moderate Microsoft MPEG-2 Video Extension CVE-2021-38644 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-38657 Microsoft Office Graphics Component Information Disclosure Vulnerability Important Microsoft Office CVE-2021-38658 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-38650 Microsoft Office Spoofing Vulnerability Important Microsoft Office CVE-2021-38659 Microsoft Office Remote Code Execution Vulnerability Important Microsoft Office Access CVE-2021-38646 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2021-38655 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2021-38660 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-38651 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2021-38652 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office Visio CVE-2021-38654 Microsoft Office Visio Remote Code Execution Vulnerability Important Microsoft Office Visio CVE-2021-38653 Microsoft Office Visio Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2021-38656 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Windows Codecs Library CVE-2021-38661 HEVC Video Extensions Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2021-36968 Windows DNS Elevation of Privilege Vulnerability Important Visual Studio CVE-2021-36952 Visual Studio Remote Code Execution Vulnerability Important Visual Studio CVE-2021-26434 Visual Studio Elevation of Privilege Vulnerability Important Visual Studio CVE-2021-26437 Visual Studio Code Spoofing Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2021-38628 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2021-38638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Authenticode CVE-2021-36959 Windows Authenticode Spoofing Vulnerability Important Windows Bind Filter Driver CVE-2021-36954 Windows Bind Filter Driver Elevation of Privilege Vulnerability Important Windows BitLocker CVE-2021-38632 BitLocker Security Feature Bypass Vulnerability Important Windows Common Log File System Driver CVE-2021-38633 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2021-36963 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2021-36955 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Event Tracing CVE-2021-36964 Windows Event Tracing Elevation of Privilege Vulnerability Important Windows Event Tracing CVE-2021-38630 Windows Event Tracing Elevation of Privilege Vulnerability Important Windows Installer CVE-2021-36962 Windows Installer Information Disclosure Vulnerability Important Windows Installer CVE-2021-36961 Windows Installer Denial of Service Vulnerability Important Windows Kernel CVE-2021-38626 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2021-38625 Windows Kernel Elevation of Privilege Vulnerability Important Windows Key Storage Provider CVE-2021-38624 Windows Key Storage Provider Security Feature Bypass Vulnerability Important Windows MSHTML Platform CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability Important Windows Print Spooler Components CVE-2021-38667 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Print Spooler Components CVE-2021-38671 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Print Spooler Components CVE-2021-40447 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Redirected Drive Buffering CVE-2021-36969 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability Important Windows Redirected Drive Buffering CVE-2021-38635 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability Important Windows Redirected Drive Buffering CVE-2021-36973 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability Important Windows Redirected Drive Buffering CVE-2021-38636 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability Important Windows Scripting CVE-2021-26435 Windows Scripting Engine Memory Corruption Vulnerability Critical Windows SMB CVE-2021-36960 Windows SMB Information Disclosure Vulnerability Important Windows SMB CVE-2021-36972 Windows SMB Information Disclosure Vulnerability Important Windows SMB CVE-2021-36974 Windows SMB Elevation of Privilege Vulnerability Important Windows Storage CVE-2021-38637 Windows Storage Information Disclosure Vulnerability Important Windows Subsystem for Linux CVE-2021-36966 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important Windows TDX.sys CVE-2021-38629 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability Important Windows Update CVE-2021-38634 Microsoft Windows Update Client Elevation of Privilege Vulnerability Important Windows Win32K CVE-2021-38639 Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2021-36975 Win32k Elevation of Privilege Vulnerability Important Windows WLAN Auto Config Service CVE-2021-36965 Windows WLAN AutoConfig Service Remote Code Execution Vulnerability Critical Windows WLAN Service CVE-2021-36967 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Important Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws
  7. The September 2021 Patch Update is released and Microsoft is now rolling out new KB5005565 and KB5005566 cumulative updates for recent versions of Windows 10. Today's cumulative updates include security fixes for PCs with May 2021 Update (version 21H1), October 2020 Update (version 20H2), and May 2020 Update (version 2004). The update is now rolling out via Windows Update, WSUS, and the Microsoft Update Catalog with numerous bug fixes and performance enhancements. The full list of today's cumulative updates is below: Windows 10 version 1507 — KB5005569 (OS Build 10240.19060) Windows 10 version 1607 — KB5005573 (OS Build 14393.4651) Windows 10 version 1703 — EOS Windows 10 version 1709 — EOS Windows 10 version 1803 — EOS Windows 10 version 1809 — KB5005568 (OS Build 17763.2183) Windows 10 version 1903 — EOS Windows 10 version 1909 — KB5005566 (OS Build 18363.1801) Windows 10 version 2004, 20H2 and 21H1 — KB5005565 (OS Builds 19041.1237, 19042.1237, and 19043.1237) Like every Patch Tuesday, you can check for and install new updates by going to Settings, clicking on Windows Update, and selecting 'Check for Updates' to install the updates. Windows Update offering today's updates If you own multiple PCs or if you would like to patch the PCs manually, you can learn more about how to do so here. Today's Patch Tuesday updates also fix 60 security vulnerabilities, including a Windows MSHTML zero-day vulnerability tracked as CVE-2021-40444. What's new in the KB5005565 cumulative update With the KB5005565 update, Microsoft has addressed a bug that causes Bluetooth headsets to only work for voice calls and another bug that provides the wrong Furigana result when you cancel the Japanese reconversion. The company has also updated an issue that resets syncing for Microsoft OneDrive to “Known folders only” after you install a Windows update. After installing this update, Windows 10 2004 will be updated to build 19041.1237, Windows 10 20H2 will be updated to build 19042.1237, and Windows 10 21H1 will be updated to build 19043.1237. This cumulative update comes with the following highlighted fixes: Addresses an issue that causes PowerShell to create an infinite number of child directories. This issue occurs when you use the PowerShell Move-Item command to move a directory to one of its children. As a result, the volume fills up and the system stops responding. Updates a rare condition that causes Bluetooth headsets to only work for voice calls. Updates an issue that provides the wrong Furigana result when you cancel the Japanese reconversion. Updates an issue that resets syncing for Microsoft OneDrive to “Known folders only” after you install a Windows update. Updates an issue that prevents audio headsets that connect to a device using USB from working if the device has certain third-party audio drivers. Updates an issue with resizing images that might produce flickering and residual line artifacts. Updates an issue that prevents you from typing any words in the username box during the out-of-box experience (OOBE) process. This issue occurs when you use the Chinese Input Method Editor (IME). Updates an issue with copying and pasting a text box into Office 365 apps. If you use an IME, you won’t be able to insert text into the text box. Updates an issue that might cause your device to stop working when making a touch input gesture. This issue occurs if you bring more fingers into contact with the touchpad or screen during the middle of the gesture. Updates an issue that might cause an external monitor to display a black screen after Hibernation. This issue might occur when the external monitor connects to a docking station using a certain hardware interface. Updates an issue that resets the brightness for standard dynamic range (SDR) content on high-dynamic range (HDR) monitors. This occurs after you restart your device or reconnect to the device remotely. Windows 10 version 1909 is getting KB5005566 with identical fixes. Windows 10 KB5005565 & KB5005566 cumulative updates released
  8. Microsoft is releasing updates for all supported Windows versions today as part of its Patch Tuesday updates. This includes the Windows 10 versions currently supported, both completely and for specific SKUs, Windows 8.1, and customers that have opted for extended Windows 7 security updates. However, unlike Windows 10, Windows 8.1 and Windows 7 do not receive mid-month updates and are locked to just one update per month, unless there are urgent security fixes. As usual, there are two types of Windows 8.1 and Windows 7 updates – monthly rollup and security-only updates. While monthly rollups are served through Windows Update, security-only updates can only be manually installed. Both these updates are available for download through the Update Catalog. This month, there is also an IE security update rolling out to Windows 7 and 8.1 users, which you can check out here under KB5005563. To begin with, Windows 8.1 and the corresponding Windows Server release - Windows Server 2012 R2 - users are receiving monthly rollup KB5005613, which can be manually downloaded from the Update Catalog here. The improvements made as part of the update include the fix for the zero-day vulnerability: This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release. The known issue listed for the update is mentioned below: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update is KB5005627 and can be found here for manual download and installation depending on the version. As mentioned earlier, these are not available through Windows Update. The changes and fixes are identical to that of the monthly rollup. Next up are Windows 7 and Windows Server 2008 R2 SP1. The monthly rollup heading out to these customers is termed KB5005633 and can be manually downloaded from here. These updates are only available for those that have opted for paid updates. The changes and fixes are as follows: Addresses an issue in which a driver might not install if the driver is signed with more than one code sign signatures. This update also contains miscellaneous security improvements to internal OS functionality. As is always the case, the known issues are separately mentioned in the KB article. Here is the list for Windows 7 users to note: Symptom Workaround After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update for this version is KB5005615 and can be manually downloaded from here. Just like for Windows 8.1, the fixes and known issues in the security-only update are identical to that of the monthly rollup. As usual, you can head to the linked KB articles to read through more information about the updates and useful links. Windows 7 and Windows 8.1 Patch Tuesday updates are now live
  9. The August 2021 Patch Tuesday is out and Microsoft has published several new cumulative updates (KB5005033 & KB5005031) for recent versions of Windows 10. Today's cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update, and May 2020 Update. The update is rollout via Windows Update, WSUS and Microsoft Update Catalog with numerous bug fixes and performance enhancements. Like every Windows Update, you can open Settings, click on Windows Update, and select 'Check for Updates' to install the updates. The full list of today's cumulative updates is below: Windows 10 version 1507 — KB5004249 (OS Build 10240.19003) Windows 10 version 1607 — KB5004238 (OS Build 14393.4530) Windows 10 version 1703 — EOS Windows 10 version 1709 — EOS Windows 10 version 1803 — EOS Windows 10 version 1809 — KB5004244 (OS Build 17763.2061) Windows 10 version 1903 — EOS Windows 10 version 1909 — KB5004245 (OS Build 18363.1679) Windows 10 version 2004, 20H2 and 21H1 — KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110) If you own multiple PCs or if you would like to patch the PCs manually, you can learn more about how to do this here. Microsoft also fixed 44 security vulnerabilities in the August 2021 Patch Tuesday updates. These updates include three fixes for zero-day vulnerabilities that were actively exploited or publicly disclosed, like PrintNightmare and PetitPotam. What's new in the KB5005033 cumulative update With the KB5005033 update, Microsoft has released numerous security and non-security improvements. For example, Microsoft fixed an issue that prevents power plans and Game Mode from working as expected, resulting in lower frame rates and reduced performance while gaming. Another bug has been fixed that causes the File Explorer window to lose focus when you are mapping a network drive. This cumulative updates comes with the following highlighted fixes: Changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. If you use Point and Print, see KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information. We fixed an issue that prevents gaming services from opening certain games for desktop users. We fixed an issue that prevents you from entering text using the Input Method Editor (IME). This might occur, for example, after startup if you have set the power options to shut down a laptop by closing its lid. We fixed an issue with an MDM service that fails to correctly apply certain junk mail rules. We fixed an issue that always reports the update build revision (UBR) as zero (0) on a device during enrollment to an MDM service. We fixed an issue with auditing events 4624 and 5142 that display the wrong event template when Dutch is the display language. We fixed an issue that causes System Integrity to leak memory. We fixed an issue that plays the sound for selecting something in a game loudly when you press the trigger button on a game controller. We fixed an issue that prevents power plans and Game Mode from working as expected. This results in lower frame rates and reduced performance while We fixed an issue that prevents you from accessing a network drive that maps to a Distributed File System (DFS) root after you sign out. Windows 10 version 1909 is getting KB5005031 with identical fixes. Windows 10 KB5005033 & KB5005031 cumulative updates released
  10. Today is Microsoft's August 2021 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 44 flaws, so please be nice to your Windows admins as they scramble to installed patches. Microsoft has fixed 44 vulnerabilities (51 including Microsoft Edge) with today's update, with seven classified as Critical and 37 as Important. Of the 44 vulnerabilities, 13 are remote code execution, eight are information disclosure, two are denial of service, and four are spoofing vulnerabilities. For information about the non-security Windows updates, you can read about today's Windows 10 KB5005033 & KB5005031 cumulative updates. Microsoft fixes PrintNightmare and PetitPotam attacks Microsoft has released security updates for two eagerly anticipated zero-day vulnerabilities that were discovered over the past month. One of the security updates fixes the PrintNightmare vulnerabilities that allow threat actors to gain SYSTEM level privileges simply by connecting to a remote print server under their control. Microsoft has fixed this vulnerability by requiring users have administrative privileges to install printer drivers using the Point and Print Windows feature. You can find more detailed information about the PrintNightmare vulnerability and the Point and Print mitigations in a dedicated article published today. Microsoft also fixed the PetitPotam NTLM relay attack vector that uses the MS-EFSRPC API to force a device to negotiate with a remote relay server under an attacker's control. A threat actor with low privileges could use this attack to take over a domain controller and thus the entire Windows domain. Three zero-days fixed, with one actively exploited August's Patch Tuesday includes three zero-day vulnerabilities, with one actively exploited in the wild. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official security updates or released. The two publicly disclosed, but not actively exploited, zero-day vulnerabilities are: CVE-2021-36936 - Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-36942 - Windows LSA Spoofing Vulnerability The CVE-2021-36942 vulnerability is associated with the PetitPotam NTLM relay attack vector that allows the take over of domain controllers. Finally, one actively exploited elevation of privileges vulnerability was discovered by the Microsoft Security Response Center (MSRC) and Microsoft Threat Intelligence Center (MSTIC). CVE-2021-36948 - Windows Update Medic Service Elevation of Privilege Vulnerability It is unknown how threat actors used this vulnerability in attacks at this time. Recent updates from other companies Other vendors who released updates in July include: Adobe released security updates for two products. Android's August security updates were released last week. Cisco released security updates for numerous products this month. SAP released its August 2021 security updates. VMware released security updates for VMware Workspace ONE The August 2021 Patch Tuesday Security Updates Below is the complete list of resolved vulnerabilities and released advisories in the August 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here. Tag CVE ID CVE Title Severity .NET Core & Visual Studio CVE-2021-34485 .NET Core and Visual Studio Information Disclosure Vulnerability Important .NET Core & Visual Studio CVE-2021-26423 .NET Core and Visual Studio Denial of Service Vulnerability Important ASP.NET Core & Visual Studio CVE-2021-34532 ASP.NET Core and Visual Studio Information Disclosure Vulnerability Important Azure CVE-2021-36943 Azure CycleCloud Elevation of Privilege Vulnerability Important Azure CVE-2021-33762 Azure CycleCloud Elevation of Privilege Vulnerability Important Azure Sphere CVE-2021-26428 Azure Sphere Information Disclosure Vulnerability Important Azure Sphere CVE-2021-26430 Azure Sphere Denial of Service Vulnerability Important Azure Sphere CVE-2021-26429 Azure Sphere Elevation of Privilege Vulnerability Important Microsoft Azure Active Directory Connect CVE-2021-36949 Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability Important Microsoft Dynamics CVE-2021-36946 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2021-36950 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2021-34524 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-30591 Chromium: CVE-2021-30591 Use after free in File System API Unknown Microsoft Edge (Chromium-based) CVE-2021-30592 Chromium: CVE-2021-30592 Out of bounds write in Tab Groups Unknown Microsoft Edge (Chromium-based) CVE-2021-30597 Chromium: CVE-2021-30597 Use after free in Browser UI Unknown Microsoft Edge (Chromium-based) CVE-2021-30594 Chromium: CVE-2021-30594 Use after free in Page Info UI Unknown Microsoft Edge (Chromium-based) CVE-2021-30596 Chromium: CVE-2021-30596 Incorrect security UI in Navigation Unknown Microsoft Edge (Chromium-based) CVE-2021-30590 Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks Unknown Microsoft Edge (Chromium-based) CVE-2021-30593 Chromium: CVE-2021-30593 Out of bounds read in Tab Strip Unknown Microsoft Graphics Component CVE-2021-34530 Windows Graphics Component Remote Code Execution Vulnerability Critical Microsoft Graphics Component CVE-2021-34533 Windows Graphics Component Font Parsing Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-34478 Microsoft Office Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-36940 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office Word CVE-2021-36941 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Scripting Engine CVE-2021-34480 Scripting Engine Memory Corruption Vulnerability Critical Microsoft Windows Codecs Library CVE-2021-36937 Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability Important Remote Desktop Client CVE-2021-34535 Remote Desktop Client Remote Code Execution Vulnerability Critical Windows Bluetooth Service CVE-2021-34537 Windows Bluetooth Driver Elevation of Privilege Vulnerability Important Windows Cryptographic Services CVE-2021-36938 Windows Cryptographic Primitives Library Information Disclosure Vulnerability Important Windows Defender CVE-2021-34471 Microsoft Windows Defender Elevation of Privilege Vulnerability Important Windows Event Tracing CVE-2021-34486 Windows Event Tracing Elevation of Privilege Vulnerability Important Windows Event Tracing CVE-2021-34487 Windows Event Tracing Elevation of Privilege Vulnerability Important Windows Event Tracing CVE-2021-26425 Windows Event Tracing Elevation of Privilege Vulnerability Important Windows Media CVE-2021-36927 Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability Important Windows MSHTML Platform CVE-2021-34534 Windows MSHTML Platform Remote Code Execution Vulnerability Critical Windows NTLM CVE-2021-36942 Windows LSA Spoofing Vulnerability Important Windows Print Spooler Components CVE-2021-34483 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Print Spooler Components CVE-2021-36947 Windows Print Spooler Remote Code Execution Vulnerability Important Windows Print Spooler Components CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability Critical Windows Services for NFS ONCRPC XDR Driver CVE-2021-36933 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important Windows Services for NFS ONCRPC XDR Driver CVE-2021-26433 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important Windows Services for NFS ONCRPC XDR Driver CVE-2021-36932 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important Windows Services for NFS ONCRPC XDR Driver CVE-2021-26432 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability Critical Windows Services for NFS ONCRPC XDR Driver CVE-2021-36926 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important Windows Storage Spaces Controller CVE-2021-34536 Storage Spaces Controller Elevation of Privilege Vulnerability Important Windows TCP/IP CVE-2021-26424 Windows TCP/IP Remote Code Execution Vulnerability Critical Windows Update CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability Important Windows Update Assistant CVE-2021-36945 Windows 10 Update Assistant Elevation of Privilege Vulnerability Important Windows Update Assistant CVE-2021-26431 Windows Recovery Environment Agent Elevation of Privilege Vulnerability Important Windows User Profile Service CVE-2021-34484 Windows User Profile Service Elevation of Privilege Vulnerability Important Windows User Profile Service CVE-2021-26426 Windows User Account Profile Picture Elevation of Privilege Vulnerability Important Microsoft August 2021 Patch Tuesday fixes 3 zero-days, 44 flaws
  11. Windows 7 and 8.1 Patch Tuesday updates are live, here's the complete changelog Just like clockwork, Microsoft is today releasing cumulative updates to all supported Windows versions as part of its Patch Tuesday updates. These include Windows 10 versions that are fully supported – such as the three latest versions, and other SKUs that are supported for certain types of customers, along with Windows 8.1 and users that have opted for Windows 7 Extended Security Updates (ESUs). While Windows 8.1 and 7 usually receive a single update a month, the firm released emergency updates for the PrintNightmare vulnerability earlier this month, which will also be bundled into these packages. As is always the case with updates for Windows 8.1 and Windows 7, there are two types of updates. They are monthly rollup packages and security-only updates. While monthly rollups are automatically served through Windows Updates, security-only updates can be manually acquired from the Update Catalog and installed on systems. For Windows 8.1 and the corresponding Windows Server release, the update is KB5004298, which can also be downloaded from the Update Catalog here. The improvements and fixes made in this update are as follows: Addresses an issue in which 16-bit applications fail with an error message that states a general fault in VBRUN300.DLL. Addresses an issue in which some EMFs built by using third-party applications that use ExtCreatePen and ExtCreateFontIndirect render incorrectly. Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605. Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode. For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049. Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, Windows Graphics, Microsoft Scripting Engine, Windows HTML Platforms, and Windows MSHTML Platform. The security-only update for Windows 8.1 is served by KB5004285, which can be downloaded manually from here. The changelog is similar to that of the monthly rollup, bringing fixes for CVE-2021-33757 and removing the PerformTicketSignature setting. It also contains the single known issue found in the rollup. The firm has listed one known issue that is common across both updates, which has been present for a long time. It is not clear when the renaming issue will be fixed. Here is the explanation of that issue provided by the company: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Windows 7 and Windows Server 2008 R2 SP1 users that have opted for ESUs will receive monthly rollup via KB5004289 that can be found for manual download here. The security-only update is KB5004307 which can be manually downloaded from here. The changelogs for both the monthly rollup and security-only update are identical to that of Windows 8.1, which is listed above. The updates for Windows 7, however, have an additional known issue that might cause the update to fail. The rename bug in Cluster Shared Volume (CSV) folders affects this OS as well. Here is the changelog that details the additional issue: Symptom Workaround After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. As usual, the monthly rollups will be served through Windows Update for supported devices. The security-only updates are to be manually pulled from the Update Catalog links. Windows 7 and 8.1 Patch Tuesday updates are live, here's the complete changelog
  12. Windows 10 Patch Tuesday updates are out now, here's what's new Today is the second Tuesday of the month, which means it time for Patch Tuesday, the day that all supported versions of Windows receive cumulative updates. This past month, however, has been a busy one for Windows with multiple updates rolling out to all supported versions, with some of them being mandatory ones to address the PrintNightmare vulnerability. Those fixes are rolled into these cumulative updates, for those that haven’t installed them yet. There have also been updates to address gaming performance and PDF issues. The Redmond firm also released the first Windows 11 Insider Preview build late last month, which has already begun being serviced with cumulative updates. However, there are no new updates being served for the Dev channel today as those releases might – for now – be tied to the usual Wednesday cadence. As for Windows 10, the three most recent – and fully supported – versions, 2004, 20H2, and 21H1 are receiving KB5004237, bumping the builds up to 19041.1110, 19042.1110, and 19043.1110, respectively. This is because the three versions are built on the same codebase, with the October 2020 Update and May 2021 Update being just enablement packages. The updates bring fixes for issues with certain printer types, such as Zebra printers, that were introduced as part of the PrintNightmare fixes. As usual, these updates will be offered to users via Windows Update. However, they can also be manually downloaded from the Update Catalog here. Here are the highlights of the update for the three fully supported Windows versions: Updates for verifying usernames and passwords. Updates to improve security when Windows performs basic operations. Updates an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port. And the complete list of fixes brought by this update are as follows: Addresses an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port. Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049. Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605. Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see CVE-2021-33779. Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics. As is the case with these updates, the firm has listed the known issues in the build that users and admins must be aware of. Here is the complete list: Symptom Workaround When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function. We are working on a resolution and will provide an update in an upcoming release. Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps. To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cab Extract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:* You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business. However, if you are running older Windows 10 versions such as 1909, 1809, or others, you will also receive updates for the duration that your SKU is supported. Here is a summary of the Windows 10 versions that are still supported, the SKUs they are supported for, and the updates that are rolling out for them. Version KB Build Download Support 1909 KB5004245 18363.1679 Update Catalog Enterprise and Education SKUs 1809 KB5004244 17763.2061 Update Catalog Long Term Servicing Channel (LTSC) 1607 KB5004238 14393.4530 Update Catalog 1507 KB5004249 10240.19003 Update Catalog As usual, supported versions will receive mandatory updates via Windows Updates. They should be installed in the background. However, you can also head into Settings > Update & Security > Windows Update to check if these have been downloaded and are awaiting an install. Along with Windows 10, Microsoft is also releasing updates for Windows 8.1 users and those who have opted for Extended Security Updates for Windows 7. Windows 10 Patch Tuesday updates are out now, here's what's new
  13. Windows 7 and 8.1 Patch Tuesday updates are now out, here's the complete changelog As is the case every month, Microsoft is releasing cumulative updates for all supported Windows versions. These include the three most recent Windows 10 versions for consumers and a few versions that are supported for specific channels and select SKUs. Windows 8.1 and Windows 7 too are receiving updates, with the latter being reserved for those who have opted to pay for extended updates. As usual, the updates are split into two parts – monthly rollup and security-only updates. Monthly rollup packages are automatically served through Windows Update and security-only updates can be manually downloaded through the update catalog. Starting with Windows 8.1 and Windows Server 2012 R2, the monthly rollup is KB5003671 and can be downloaded manually from the Update Catalog here. The changelog for this patch includes: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine. As for the security-only update, that is labeled as KB5003681 and can be manually downloaded from here. The list of fixes is similar to that of the monthly rollup. Here's the changelog posted by the firm: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, and Windows Storage and Filesystems. Both updates share the same known issue that users must be aware of. Here are the problems documented by the firm: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Moving on to Windows 7 and Windows Server 2008 R2 SP1, the monthly rollup is KB5003667 and can be downloaded from here manually. It comes with the following fixes and improvements detailed in the knowledge base changelog: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine. The security-only update is labeled KB5003694 and can be downloaded manually from the Update Catalog here. The fixes listed in this patch are as follows: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, and Windows Storage and Filesystems. Both these updates share the same set of known issues, with the renaming issue now being there on the list for a long time. Symptom Workaround After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to , Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)" This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server. After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As is always the case, you can head to Windows Update and check for updates to pull the monthly rollup patches. You can also head to the individual download links for the security-only updates which can only be manually installed. Windows 7 and 8.1 Patch Tuesday updates are now out, here's the complete changelog
  14. Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws Today is Microsoft's June 2021 Patch Tuesday, and with it comes fixes for seven zero-day vulnerabilities and a total of 50 flaws, so Windows admins will be scrambling to get devices secured. Microsoft has fixed 50 vulnerabilities with today's update, with five classified as Critical and forty-five as Important. For information about the non-security Windows updates, you can read about today's Windows 10 KB5003637 & KB5003635 cumulative updates. Seven zero-day vulnerabilities fixed As part of today's Patch Tuesday, Microsoft has fixed seven zero-day vulnerabilities, with six of them known to be exploited in the past. The six actively exploited zero-day vulnerabilities are: CVE-2021-31955 - Windows Kernel Information Disclosure Vulnerability CVE-2021-31956 - Windows NTFS Elevation of Privilege Vulnerability CVE-2021-33739 - Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2021-33742 - Windows MSHTML Platform Remote Code Execution Vulnerability CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability In addition, the 'CVE-2021-31968 - Windows Remote Desktop Services Denial of Service Vulnerability' was publicly disclosed but not seen in attacks. Kaspersky discovered two of the zero-day vulnerabilities, so we will likely see a report coming soon explaining how they were used. Recent updates from other companies Other vendors who released updates in June include: Adobe released security updates for ten products. Android's June security updates were released yesterday. Cisco released security updates for numerous products this month. SAP released its June 2021 security updates. The June 2021 Patch Tuesday Security Updates Below is the full list of resolved vulnerabilities and released advisories in the June 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here. Tag CVE ID CVE Title Severity .NET Core & Visual Studio CVE-2021-31957 .NET Core and Visual Studio Denial of Service Vulnerability Important 3D Viewer CVE-2021-31942 3D Viewer Remote Code Execution Vulnerability Important 3D Viewer CVE-2021-31943 3D Viewer Remote Code Execution Vulnerability Important 3D Viewer CVE-2021-31944 3D Viewer Information Disclosure Vulnerability Important Microsoft DWM Core Library CVE-2021-33739 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important Microsoft Edge (Chromium-based) CVE-2021-33741 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important Microsoft Intune CVE-2021-31980 Microsoft Intune Management Extension Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-31940 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-31941 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2021-31939 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Outlook CVE-2021-31949 Microsoft Outlook Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-31964 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2021-31963 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical Microsoft Office SharePoint CVE-2021-31950 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2021-31948 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2021-31966 Microsoft SharePoint Server Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-31965 Microsoft SharePoint Server Information Disclosure Vulnerability Important Microsoft Office SharePoint CVE-2021-26420 Microsoft SharePoint Server Remote Code Execution Vulnerability Important Microsoft Scripting Engine CVE-2021-31959 Scripting Engine Memory Corruption Vulnerability Critical Microsoft Windows Codecs Library CVE-2021-31967 VP9 Video Extensions Remote Code Execution Vulnerability Critical Paint 3D CVE-2021-31946 Paint 3D Remote Code Execution Vulnerability Important Paint 3D CVE-2021-31983 Paint 3D Remote Code Execution Vulnerability Important Paint 3D CVE-2021-31945 Paint 3D Remote Code Execution Vulnerability Important Role: Hyper-V CVE-2021-31977 Windows Hyper-V Denial of Service Vulnerability Important Visual Studio Code - Kubernetes Tools CVE-2021-31938 Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability Important Windows Bind Filter Driver CVE-2021-31960 Windows Bind Filter Driver Information Disclosure Vulnerability Important Windows Common Log File System Driver CVE-2021-31954 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Cryptographic Services CVE-2021-31201 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability Important Windows Cryptographic Services CVE-2021-31199 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability Important Windows DCOM Server CVE-2021-26414 Windows DCOM Server Security Feature Bypass Important Windows Defender CVE-2021-31978 Microsoft Defender Denial of Service Vulnerability Important Windows Defender CVE-2021-31985 Microsoft Defender Remote Code Execution Vulnerability Critical Windows Drivers CVE-2021-31969 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important Windows Event Logging Service CVE-2021-31972 Event Tracing for Windows Information Disclosure Vulnerability Important Windows Filter Manager CVE-2021-31953 Windows Filter Manager Elevation of Privilege Vulnerability Important Windows HTML Platform CVE-2021-31971 Windows HTML Platform Security Feature Bypass Vulnerability Important Windows Installer CVE-2021-31973 Windows GPSVC Elevation of Privilege Vulnerability Important Windows Kerberos CVE-2021-31962 Kerberos AppContainer Security Feature Bypass Vulnerability Important Windows Kernel CVE-2021-31951 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2021-31955 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel-Mode Drivers CVE-2021-31952 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important Windows MSHTML Platform CVE-2021-33742 Windows MSHTML Platform Remote Code Execution Vulnerability Critical Windows Network File System CVE-2021-31975 Server for NFS Information Disclosure Vulnerability Important Windows Network File System CVE-2021-31974 Server for NFS Denial of Service Vulnerability Important Windows Network File System CVE-2021-31976 Server for NFS Information Disclosure Vulnerability Important Windows NTFS CVE-2021-31956 Windows NTFS Elevation of Privilege Vulnerability Important Windows NTLM CVE-2021-31958 Windows NTLM Elevation of Privilege Vulnerability Important Windows Print Spooler Components CVE-2021-1675 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Remote Desktop CVE-2021-31968 Windows Remote Desktop Services Denial of Service Vulnerability Important Windows TCP/IP CVE-2021-31970 Windows TCP/IP Driver Security Feature Bypass Vulnerability Important Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws
  15. Windows 10 KB5003637 & KB5003635 cumulative updates released As part of the June 2021 Patch Tuesday, Microsoft has released new cumulative updates for all supported version of Windows, including Windows 10 KB5003637 & KB5003635 for the Windows 10 May 2021 Update and Windows 10 October 2020 Update. The cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update and May 2020 Update. In this month's update, you can expect security fixes for the OS itself, browsers, core components and other basic functions. Like every Windows Update, you can open the Settings app and click on the Windows Update option to install the patches. If you own multiple PCs or if you would like to patch the PCs manually, you can learn more about it here. What's new in OS Builds 19043.1052, 19042.1052, 19041.1052 The cumulative update for Windows 10 2004 and Windows 10 20H2 is KB5003637 and it comes with these fixes: Security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform and Windows Storage and Filesystems. Windows 10 version 1909 is getting KB5003635 with the same set of bug fixes highlighted above. News and Interests feed now available for everyone This update also enables the News and Interests feed feature for everyone. Called "News and Interests", it is a news feed based on Microsoft News (MSN) and it will give news stories, sports scores, finance and weather information. Windows 10's newsfeed works just like Google Discover and it will display stories based on your interests. However, you can customize the feed by opening Microsoft Edge and Microsoft account. The "News and Interests" feed will also include various widgets to display the weather and finance information in Microsoft Edge. Windows 10 KB5003637 & KB5003635 cumulative updates released
  16. Windows 7 and 8.1 Patch Tuesday updates are out, here's what's new As is the case every second Tuesday of the month, Microsoft is releasing cumulative updates for all supported Windows versions. That includes all supported Windows 10 versions, along with Windows 8.1, and Windows 7 customers that have opted to receive extended security updates. As for Windows 10 users, it must be noted that versions 1909, 1809, and 1803 will be reaching the end of support, with 1803 being completely unsupported – including for enterprises – starting today. As for Windows 7 and Windows 8.1 (and the corresponding Windows Server versions), there are two kinds of updates. The monthly rollup packages are downloaded automatically from the Windows Update, while security-only packages are made available for manual download. Starting with Windows 8.1, the monthly rollup for this month is KB5003209 and can be manually downloaded from the Update Catalog here. The changelog for the patch is as follows: Security updates to Windows App Platform and Frameworks, Windows Silicon Platform, and Microsoft Scripting Engine. As for known issues, there is just one known issue that is being tracked for a while, and it still seems to not have been addressed: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Heading to the security-only update, it is listed in the knowledge base article KB5003220 and is available for manual download from here. It includes the following fixes and comes with the same known issue as that of the monthly rollup: Security updates to Windows App Platform and Frameworks, and Windows Silicon Platform. Moving on to Windows 7, the monthly rollup is KB5003233 and can be downloaded from the link here. The list of fixes being made to users of the OS with this month’s update includes the following: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, Windows Silicon Platform, and Microsoft Scripting Engine. And here are the known issues that users should be aware of: Symptom Workaround After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. For those looking for the security-only update, it is KB5003228 for this month and can be manually pulled from the Update Catalog here. The list of changes and fixes are as follows: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, and Windows Silicon Platform. The known issues for this update are shared with the monthly rollup, which means that the rename operation problem – which has been around for a while now, is still not fixed. As usual, you can head to Windows Update and check for updates to pull the monthly rollup patches. You can also head to the individual download links for the security-only updates which can only be manually installed. Source: Windows 7 and 8.1 Patch Tuesday updates are out, here's what's new
  17. Patch Tuesday: Here's what's new for Windows 7 and 8.1 Today is the second Tuesday of April, and with it, Microsoft is once again releasing new updates for all supported versions of Windows, including Windows 10, Windows 8.1, and Windows 7 - as long as you're a business paying for extended security updates. As usual, there are two types of updates for both Windows 8.1 and Windows 7, as well as their server counterparts - a monthly rollup that's usually installed automatically and a security-only update that you have to install manually. Starting with Windows 8.1, the monthly rollup update is KB5001382 and you can download it manually here. It includes the following changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the RemoteFX vGPU feature. For more information about the vulnerability and its removal, see CVE-2020-1036 and KB4570006. Secure vGPU alternatives are available using Discrete Device Assignment (DDA) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions). Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format. Security updates to Windows Input and Composition, Windows Fundamentals, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. There's nothing new in terms of known issues, but the one we've been saying for a while now is still here: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, that's labeled KB5001393 and you can download it manually here. It only includes the following: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Security updates to Windows Input and Composition, Windows Fundamentals, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. It has the same known issue as the monthly rollup. Moving on to Windows 7, the monthly rollup update is KB5001335 and you can download it manually here. It includes the following changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the RemoteFX vGPU feature. For more information about the vulnerability and its removal, see CVE-2020-1036 and KB4570006. Secure vGPU alternatives are available using Discrete Device Assignment (DDA) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions). Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format. Addresses an issue if you monitor for these events, Windows Backup will not report a successful Event ID 14 or backup finished Event ID 4 after you apply update KB4561643 or KB4556843. Security updates to Windows Apps, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. It has the same known issue as the updates above. Finally, the security-only update for Windows 7 is KB5001392 and you can download it manually here. It also has the same known issue as the other updates, and includes these changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Security updates to Windows Apps, Windows Hybrid Cloud Networking, and Windows Media. As a reminder, only select users are eligible to get updates for Windows 7, since it's no longer supported for the general public. Also, as mentioned at the start, the monthly rollup updates will generally install automatically over time, but you can install them manually if you prefer. The security-only updates can only be installed manually using the links above. Source: Patch Tuesday: Here's what's new for Windows 7 and 8.1
  18. Here's what's new for Windows 8.1 and 7 this Patch Tuesday We're already three months deep into 2021, and as we reach the second Tuesday of March, that means it's time once again for Microsoft to update every supported version of Windows. Naturally, the most recent versions of Windows 10 are getting updates, but Windows 8.1 is also still supported. And, for businesses paying for extended security updates, so is Windows 7. There are updates heading out to both of these Windows releases, and as usual, there are two types of updates for both Windows 8.1 and Windows 7, as well as their server counterparts - a monthly rollup that's usually installed automatically and a security-only update that you have to install manually. Starting with Windows 8.1, the monthly rollup update is labeled KB5000848 and you can download it manually here. It includes the following changes: Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain CVE-2020-17049 protections released between November 10 and December 8, 2020 and configured PerfromTicketSignature to 1 or larger. Ticket acquisition fails with KRB_GENERIC_ERROR if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the USER_NO_AUTH_DATA_REQUIRED flag being set for the user in User Account Controls. Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Media, and Windows Graphics. There's a single known issue, which is the same we've been seeing for months now: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. And as for the security-only update, that's KB5000853, and you can download it manually here. It includes the first and last bullet points from the monthly rollup update, and it has the same known issue. Moving on to Windows 7, again, you'll need to be paying for extended security updates to get any updates at this point. If you are, the monthly rollup you'll get is KB5000841 and you can download it manually here. Here's what's included: Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain CVE-2020-17049 protections released between November 10 and December 8, 2020 and configured PerfromTicketSignature to 1 or larger. Ticket acquisition fails with KRB_GENERIC_ERROR if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the USER_NO_AUTH_DATA_REQUIRED flag being set for the user in User Account Controls. Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, and Windows Media. The single known issue is the same as the one for the Windows 8.1 updates. Finally, the security-only update for Windows 7 is KB5000851 and it can be downloaded manually here. It only includes the last two points of the updates mentioned above and has the same known issue as the other updates. Source: Here's what's new for Windows 8.1 and 7 this Patch Tuesday
  19. Not sure if this goes here. Today 15th January 2014 I decided to run windows updates, a.k.a. patch Tuesday. I started it at 01:30. Downloaded, asked for a reboot. Windows rebooted. Then the pause, the update screen the ticker stating how much is done. Stuck at 32%. Then b.s.o.d. This happened twice. Finally it worked, so I thought. Darn updates interfered with my u.s.b. 3 2 t.b. h.d.d. configuration. Now one don't work. I fixed this before, by unplugging the u.s.b. 3 drive affected, rebooting and after display screen plugging in u.s.b. 3 drive. However go to desktop; notified that drivers were being installed, then crashed again. Anyone else having problems with windows updates released on January 14th 2014?
  20. Here's what's new for Windows 8.1 and 7 this Patch Tuesday We are now in the second Tuesday of September, and in usual Microsoft fashion, that means it's Patch Tuesday. Every supported version of Windows is getting updates today, and that includes Windows 8.1. Plus, if you're paying for extended security updates (ESU), there are new updates for Windows 7, too. As usual, there are two flavors of the monthly updates, one containing only security fixes and one with other quality fixes, the monthly rollup update. For Windows 8.1, the monthly rollup is KB4577066, and it can be downloaded manually here. It contains the following fixes: Updates time zone information for Yukon, Canada. Addresses an issue when you evaluate the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows. Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After you install this update, HTTP-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers that use the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers. Security updates to Windows Media, Windows Input and Composition, Windows App Platform and Frameworks, Windows Graphics, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Fundamentals, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows Update Stack, the Microsoft Scripting Engine, and Windows SQL components. It also has a single known issue that's been around for months: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4577071, and it can be downloaded manually here. It only includes these updates: Security updates to Windows Media, Windows Input and Composition, Windows App Platform and Frameworks, Windows Graphics, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Fundamentals, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows Update Stack, and Windows SQL components. It has the same known issue as the monthly rollup. As for Windows 7, which - again - is only getting updates for paying ESU customers, the monthly rollup update is KB4577051, and it can be downloaded manually here. Here's what's changed: Updates time zone information for Yukon, Canada. Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After you install this update, HTTP-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers that use the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, the Microsoft Scripting Engine, and Windows SQL components. The only known issue is the same as for Windows 8.1. Microsoft also notes that the update will fail to install if you don't have a valid key to receive security updates beyond the original end of support date. As for the security-only update, it's KB4577053, and it can be downloaded manually here. It contains these changes: Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, and Windows SQL components. It has the same known issue mentioned above. As a reminder, the quality updates are usually automatically installed through Windows Update, but you'll need to download the security-only updates manually if you want them. Here's what's new for Windows 8.1 and 7 this Patch Tuesday
  21. Patch Tuesday: Here's what's new for Windows 8.1 and 7 this month We're 13 days into October, but it's not truly a new month until Microsoft releases its Patch Tuesday updates for Windows, and as we're on the second Tuesday of the month, that happens today. Along with all supported versions of Windows 10, there are also new cumulative updates rolling out to Windows 8.1 and some Windows 7 users. There are two kinds of updates for each operating system - the monthly rollup update and the security-only update. For Windows 8.1, the monthly rollup update is KB4580347 and you can download it manually here. It includes the following changes: Corrects the end date for daylight savings time (DST) in 2021 for the Fiji Islands. For more information, see DST correction in Windows for the Fiji Islands: October 13, 2020. Addresses an issue where Group Policy recursively deletes critical files when the "Delete local user profile policy" is enabled. Addresses an issue in which a Null port is created through the user interface. Adds a notification to Internet Explorer 11 that informs users about the end of support for Adobe Flash in December 2020. For more information, see KB4581051. Addresses an issue with Microsoft Edge IE Mode that occurs when you enable Configure enhanced hang detection for Internet Explorer mode in Microsoft Edge. Allows administrators to disable JScript in specific security zones. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Shell, Windows Silicon Platform, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, Windows Core Networking, Windows Network Security and Containers, Windows Remote Desktop, and Windows SQL components. It also has a couple of known issues: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You may also see the error “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690. If this happens, you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue. As for the security-only update, it's KB4580358 and you can download it manually here. It only includes the first and last of the bullet points from the monthly rollup. It also has the same known issues as the monthly rollup. Of course, for Windows 7, only certain businesses can legitimately obtain the updates, since you need to be paying for extended security updates (ESU) after Microsoft dropped extended support for the operating system at the start of the year. The monthly rollup here is KB4580345, and you can download it manually here. It includes the following changes: Addresses an issue that might cause the Graphics Device Interface (GDI) to access internal regions incorrectly causing unexpected UI experiences. This issue can cause additional or missing screen elements, screen flickering, or a trailing screen. Corrects the end date for daylight savings time (DST) in 2021 for the Fiji Islands. For more information, see DST correction in Windows for the Fiji Islands: October 13, 2020. Addresses an issue where Group Policy recursively deletes critical files when the "Delete local user profile policy" is enabled. Addresses an issue in which a Null port is created through the user interface. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Shell, Windows Silicon Platform, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Core Networking, Windows Network Security and Containers, Windows Storage and Filesystems, Windows SQL components, and Windows Remote Desktop. The update has one known issue: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update here is KB4580387 and you can get it manually here. It includes the same changes as the monthly rollup, except the third and fourth bullet points. It also has the same known issue. As usual, the monthly rollup updates should install automatically sooner or later, but if you want the security-only updates, you'll need to install them manually from the links above. Patch Tuesday: Here's what's new for Windows 8.1 and 7 this month
  22. Microsoft releases Windows 10 builds 19041.572, 18363.1139 - here's what's new Today is Patch Tuesday, and you know what that means. All supported versions of Windows are getting updated today. In the arena of Windows 10, that means every version except for version 1511. Yes, Microsoft still supports nine versions of Windows 10, plus there's an update that Insiders are getting today for version 20H2. Let's start with the newest version. If you're on Windows 10 version 2004 or an Insider on version 20H2, you'll get KB4579311, bringing the build number to 19041.572 or 19042.572, respectively. You can manually download it here, and these are the highlights: Updates to improve security when using Microsoft Office products. Updates for verifying usernames and passwords. Updates to improve security when Windows performs basic operations. Here's the full list of fixes: Addresses an issue with a possible elevation of privilege in win32k. Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures. Addresses an issue with creating null ports using the user interface. Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Fundamentals, Windows Authentication, Windows Virtualization, and Windows Kernel. There are also two known issues: Symptom Workaround Users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks. You might have issues with input, receive unexpected results, or might not be able to enter text. For more information about the issues, workaround steps, and the currently resolved issues, please see KB4564002 When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690. If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue. Next up, if you're still on Windows 10 version 1909 or 1903, you'll get KB4577671, bringing the build number to 18363.1139 or 18362.1139, respectively. You can manually download it here, and these are the highlights: Updates to improve security when using Microsoft Office products. Updates for verifying usernames and passwords. Updates to improve security when Windows performs basic operations. Updates for storing and managing files. Here's the full list of fixes: Addresses an issue with a possible elevation of privilege in win32k. Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures. Addresses an issue with creating null ports using the user interface. Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, and Windows Storage and Filesystems. This one also has two known issues: Symptom Workaround When updating to Windows 10, version 1903 or Windows 10, version 1909 from any previous version of Windows 10, you might receive a compatibility report dialog with "What needs your attention" at the top and the error, "Continuing with the installation of Windows will remove some optional features. You may need to add them back in Settings after the installation completes." You might receive this compatibility warning when LOCAL SYSTEM accounts are blocked in a firewall from accessing the internet via HTTP. This is caused by the Windows 10 Setup Dynamic Update (DU) being unable to download required packages. If your device has access to HTTP blocked for LOCAL SYSTEM accounts, to mitigate this issue you can enable HTTP access for the Windows 10 Setup Dynamic Update (DU) using the LOCAL SYSTEM account. After you have allowed access, you can restart installation of the update and you should not see the warning. You can also continue by clicking the OK button or use the /compat IgnoreWarning command to ignore compatibility warnings but this might also ignore other warnings that your device might be affected by. We are working on a resolution and will provide an update in an upcoming release. When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690. If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue. Windows 10 version 1809 is only supported for another month, but if you're on that version, you'll get KB4577668, bringing the build number to 17763.1518. You can manually download it here, and these are the highlights: Updates to improve security when using Microsoft Office products. Updates for verifying usernames and passwords. Updates to improve security when Windows performs basic operations. Updates for storing and managing files. Here's the full list of fixes: Addresses an issue with a possible elevation of privilege in win32k. Addresses an issue that causes apps that use Dynamic Data Exchange (DDE) to stop responding when you attempt to close the app. Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures. Addresses an issue with creating null ports using the user interface. Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, and Windows Storage and Filesystems. This one also has two known issues: Symptom Workaround After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING _COMPONENT_NOT_FOUND." Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release. When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690. If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue. Finally, there are a bunch of versions that aren't supported for regular consumers, but are supported under certain conditions. Here are those updates. Version KB Build Download Support 1803 KB4580330 17134.1792 Update Catalog Enterprise and Education SKUs 1709 KB4580328 16299.2166 Update Catalog 1703 KB4580370 15063.572 Update Catalog Surface Hub only 1607 KB4580346 14393.3986 Update Catalog Long-Term Servicing Branch 1507 KB4580327 10240.18725 Update Catalog All of these updates are mandatory. You can install them through Windows update, or they'll install in the background at some point. Microsoft releases Windows 10 builds 19041.572, 18363.1139 - here's what's new
  23. 0days, a failed patch, and a backdoor threat. Update Tuesday highlights A few of the more notable updates in this month's patch batch from Microsoft. Enlarge 67 with 39 posters participating, including story author Microsoft on Tuesday patched 120 vulnerabilities, two that are notable because they’re under active attack and a third because it fixes a previous patch for a security flaw that allowed attackers to gain a backdoor that persisted even after a machine was updated. Zero-day vulnerabilities get their name because an affected developer has zero days to release a patch before the security flaw is under attack. Zero-day exploits can be among the most effective because they usually go undetected by antivirus, intrusion prevention systems, and other security protections. These types of attacks usually indicate a threat actor of above-average means because of the work and skill required to identify the unknown vulnerability and develop a reliable exploit. Adding to the difficulty: the exploits must bypass defenses developers have spent considerable resources implementing. A hacker's dream: Bypassing code-signing checks The first zero-day is present in all supported versions of Windows, including Windows 10 and Server 2019, which security professionals consider two of the world’s most secure operating systems. CVE-2020-1464 is what Microsoft is calling a Windows Authenticode Signature Spoofing Vulnerability. Hackers who exploit it can sneak their malware onto targeted systems by bypassing a malware defense that uses digital signatures to certify that software is trustworthy. Authenticode is Microsoft’s in-house code-signing technology for ensuring that an app or driver comes from a known and trusted source and hasn’t been tampered with by anyone else. Because they modify the OS kernel, drivers can be installed on Windows 10 and Server 2019 only when they bear one of these cryptographic signatures. On earlier Windows versions, digital signatures still play an important role in helping AV and other protections to detect malicious wares. The typical route for attackers to bypass this protection is to sign their malware with a valid certificate stolen from a legitimate provider. The investigation into Stuxnet, the worm that’s widely believed to have targeted Iran’s nuclear program a decade ago, was one of the first times researchers had discovered the tactic being used. Since then, however, researchers have found the practice dates back to at least 2003 and is much more widespread than previously thought. Stolen certificates continue to be a regular occurrence with one of the more recent incidents using a certificate stolen in 2018 from Nfinity Games to sign malware that infected several Massively Multiplayer Online game makers earlier this year. CVE-2020-1464 made it possible for hackers to achieve the same bypass without the hassle of stealing a valid certificate or worrying it might be revoked. The host of Windows versions affected suggests that the vulnerability has existed for years. Microsoft provided no details about the cause of the vulnerability, how it’s exploited, by whom, or who the targets are. Microsoft typically credits the researchers who reported flaws it fixes, but Microsoft’s acknowledgment page for this month’s Update Tuesday makes no mention at all of CVE-2020-1464. A Microsoft representative said the discovery was made internally through research done at Microsoft. IE: As old as it is insecure The other zero-day under attack can install malware of an attacker's choice when targets view malicious content with Internet explorer, an ancient browser with an outdated code base that’s vulnerable to all kinds of exploits. According to security firm Sophos, CVE-2020-1380 stems from a use-after-free class of bug that allows attackers to load malicious code into a memory location that has been freed up once its previous contents are no longer in use. The vulnerability resides in the just-in-time compiler of IE’s JavaScript engine. One way attackers can exploit the flaw is by planting booby-trapped code on a website the target visits. Another method is to embed a malicious ActiveX control in an application or Microsoft Office document that uses the IE rendering engine. Despite being harmful, Windows will show that the ActiveX control is “safe for initialization.” There’s no doubt that the in-the-wild exploits are alarming to the people or organizations under attack. But all in all, CVE-2020-1380 is less concerning to the Internet as a whole because of the small base of users threatened. With the rise of advanced protections in Chrome, Firefox, and Edge, IE has gone from a browser with near-monopoly usage to one with less than 6% marketshare. Anyone still using it should give it up for something with better defenses. A “leet” bug with an elusive fix The third fix released on Tuesday is CVE-2020-1337. Its number, 1337, which hackers often use to spell “leet,” as in “elite,” is one noteworthy trait. The more important distinction is that it’s a patch for CVE-2020-1048, an update that Microsoft released in May. The May patch was supposed to fix a privilege escalation vulnerability in the Windows Print Spooler, a service that manages the printing process, including locating printer drivers and loading them and scheduling print jobs. In short, the flaw made it possible for an attacker with the ability to execute low-privileged code to establish a backdoor on vulnerable computers. The attacker could return any time after that to escalate access to all-powerful System rights. The vulnerability was the result of the print spooler allowing an attacker to write arbitrary data to any file on a computer with system privileges. That made it possible to drop a malicious DLL and get it executed by a process running with system privileges. A detailed technical description of this flaw is provided in this post from researchers Yarden Shafir & Alex Ionescu. They note that the print spooler has received little attention from researchers despite being some of the oldest code still running in Windows. Less than two weeks after Microsoft issued the patch, a researcher with the handle math1as submitted a report to the bug bounty service Zero Day Initiative that showed the update failed to fix the vulnerability. The discovery required Microsoft to develop a new patch. The result is the one that was released on Tuesday. ZDI has a full breakdown of the failed patch here. In all, this month’s Update Tuesday patched almost three-dozen vulnerabilities rated critical and many more with lower ratings. Within a day or so of release, Windows automatically downloads patches and installs them at times when the computer isn’t in use. For most people, this automatic update system is fine, but if you’re like me and want to install them right away, that’s easy, too. On Windows 10, go to Start > Settings > Update & Security > Windows Update, and click Check for Updates. On Windows 7, go to Start > Control Panel > System and Security > Windows Update and click Check for Updates. A reboot will be required. 0days, a failed patch, and a backdoor threat. Update Tuesday highlights
  24. Here's what's new for Windows 7 and 8.1 this Patch Tuesday If you look at your calendars today, you may notice that it's the second Tuesday of August, and that means it's time for this month's Patch Tuesday from Microsoft. As usual, every supported version of Windows is getting updates, and that includes Windows 8.1. Windows 7 is no longer support for most users, but if you're paying for Extended Security Updates (ESU), you can still get updates for a few more years. As usual, there are two types of updates going out - a monthly rollup update and a security-only update. The monthly rollup updates are usually installed automatically on supported devices, but the security-only updates need to be downloaded manually. For Windows 8.1, the monthly rollup update is KB4571703, and it can be downloaded manually here. Here's what's new: Addresses an issue that prevents you from installing some .msi apps. This occurs when a device is managed by a Group Policy that redirects the AppData folder to a network folder. Addresses an issue in Universal Windows Platform (UWP) apps that allows single sign-on authentication when an app does not have the Enterprise Authentication capability. With the release of CVE-2020-1509, UWP applications might begin prompting the user for credentials. Addresses an issue in Microsoft Edge IE Mode when opening multiple documents from a SharePoint site. Addresses an issue in Microsoft Edge IE Mode that occurs when you browse using anchor links. Addresses an issue with loading Browser Helper Objects in Microsoft Edge IE Mode. Addresses an issue where certain applications that rely on the JScript Scripting Engine become unresponsive under load. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Authentication, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Network Security and Containers, Windows Storage and Filesystems, Windows File Server and Clustering, Windows Hybrid Storage Services, Windows SQL components, Microsoft Scripting Engine, and Windows Remote Desktop. There is a known issue with this release, and it's similar to what we've seen in a few previous updates: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4571723, and you can download it manually here. It only includes the security updates mentioned in the monthly rollup above. The known issue is also the same. Turning to Windows 7, which is only supported for paying ESU customers, the monthly rollup update is KB4571729, and it can be downloaded manually here. It includes the following improvements and fixes: Addresses an issue that prevents you from installing some .msi apps. This occurs when a device is managed by a Group Policy that redirects the AppData folder to a network folder. Addresses an issue in Microsoft Edge IE Mode when opening multiple documents from a SharePoint site. Addresses an issue in Microsoft Edge IE Mode that occurs when you browse using anchor links. Addresses an issue with loading Browser Helper Objects in Microsoft Edge IE Mode. Addresses an issue where certain applications that rely on the JScript Scripting Engine become unresponsive under load. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows File Server and Clustering, Windows Hybrid Storage Services, Microsoft Scripting Engine, and Windows SQL components. The single known issue is the same one as what's listed above for Windows 8.1. Finally, the security-only update for Windows 7 is KB4571719, and you can download it manually here. As you'd expect, it includes the same security fixes as the monthly rollup, but nothing else. The known issue is also the same. Here's what's new for Windows 7 and 8.1 this Patch Tuesday
  25. Microsoft releases Windows 10 builds 19042.630, 18363.1198 - here's what's new Today is the second Tuesday of the month, making it Patch Tuesday, the day that all supported versions of Windows get updates. For Windows 10, that still means that every single version since release, except for 1511 and 1709, is getting an update; so much for the simplicity of an evergreen OS. Indeed, versions 1507, 1607, 1703, 1803, 1809, 1903, 1909, 2004, and 20H2 are getting updates today. However, consumers on Windows 10 Home or Pro will only get it if they're on version 1809 or higher. Support for version 1809 ends today (it continues for another six months if you're on Windows 10 Enterprise or Education), and support for version 1903 ends next month. In fact, when support for version 1903 comes to an end, it will be the third time ever that Microsoft has completely ended support for a version of Windows 10. If you're on one of the two newest versions of Windows 10, 20H2 or 2004, you're going to get KB4586781, bringing the build number to 19042.630 or 19041.630, respectively. You can manually download it here, and these are the highlights: Updates to improve security when using input devices such as a mouse, keyboard, or pen. Updates to improve security when using Microsoft Office products. Updates to improve security when Windows performs basic operations. Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Here's the full list of fixes: Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Security updates to the Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. This one has two known issues: Symptom Workaround Users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks. You might have issues with input, receive unexpected results, or might not be able to enter text. For more information about the issues, workaround steps, and the currently resolved issues, please see KB4564002 System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager. This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated. Note Devices using Windows Update for Business or that connect directly to Windows Update are not impacted. Any device connecting to Windows Update should always receive the latest versions of the feature update, including the latest LCU, without any extra steps. If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks. If you're on Windows 10 version 1909 or 1903, you'll get KB4586786, bringing the build number to 18363.1198 or 18362.1198, respectively. You can manually download it here, and these are the highlights: Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Updates to improve security when using Microsoft Office products. Updates to improve security when using input devices such as a mouse, keyboard, or pen. Updates to improve security when Windows performs basic operations. Here's the full list of fixes: Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Addresses an issue with the package frame launcher (PSF) that passes a malformed parameter to a shim. Security updates to the Microsoft Scripting Engine, the Microsoft Graphics Component, Windows Input and Composition, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. This update has one known issue: Symptom Workaround System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager. This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated. Note Devices using Windows Update for Business or that connect directly to Windows Update are not impacted. Any device connecting to Windows Update should always receive the latest versions of the feature update, including the latest LCU, without any extra steps. If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks. If you're still on Windows 10 version 1809, you'll get KB4586793, bringing the build number to 17763.1577. You can manually download it here, and these are the highlights: Updates to improve security when using Microsoft Office products. Updates to improve security when using input devices such as a mouse, keyboard, or pen. Updates to improve security when Windows performs basic operations. Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Here's the full list of fixes: Updates the 2020 DST start date for the Fiji Islands to December 20, 2020. Security updates to the Microsoft Scripting Engine, Microsoft Graphics Component, Windows Input and Composition, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. This one also has one known issue: Symptom Workaround After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND." Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release. The rest of the updates are only available for certain SKUs of Windows 10. Here's the full list: Version KB Build Download Support 1803 KB4586785 17134.1845 Update Catalog Enterprise and Education SKUs 1703 KB4586782 15063.2554 Update Catalog Surface Hub only 1607 KB4586830 14393.4046 Update Catalog Long-Term Servicing Branch 1507 KB4586787 10240.18756 Update Catalog As always, Patch Tuesday updates are mandatory. That means that you can install them through Windows Update, and if you don't, they'll be installed automatically at some point. Microsoft releases Windows 10 builds 19042.630, 18363.1198 - here's what's new
×
×
  • Create New...