Items tagged with Patch-Tuesday

After last week's out-of-band update to patch the PrintNightmare vulnerability, Microsoft has now released more vulnerability fixes as part of Patch Tuesday. With this update, the Redmond, Washington-based company knocked out a whopping 117 security issues that garnered a variety of concerns. Patch Tuesday has become something a holiday (or recurring nightmare) on the second Tuesday of each month for IT administrators, as Microsoft pushes out the latest security updates to its products. For this Patch Tuesday, a rather extensive list including Microsoft Office products, Microsoft networking products, and a swath of Windows products have been given security updates. Many of the vulnerabilities... Read more...
Yesterday was Microsoft’s routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack vulnerability within Windows that thankfully has not been seen exploited in the wild. Of the 55 fixes coming with this patch, the wormable HTTP protocol-stack vulnerability, denoted by CVE-2021-31166, is the most concerning. This vulnerability has been given a rather high Common Vulnerability Scoring System (CVSS) score at 9.8 out of 10, which means it can be dangerous if used.... Read more...
Earlier today, we reported on DNS issues with the latest Patch Tuesday update (KB5001330 and 1337), and the Windows 10 pain train does not seem to be slowing down. Users are now reporting a variety of gaming-related issues such as unstable frame rates and game stutters.  Earlier this week, Reddit user /u/m4dden posted to the Windows 10 subreddit that he was facing numerous issues while trying to play games. These included stuttering, unstable FPS, broken VSync, and FPS drops when sharing games in Discord calls with screen share. After he uninstalled the new patch, the issues seemed to all disappear, making Windows 10 the culprit. There are 72 comments on the post at the time of writing,... Read more...
Last month, several issues with printers appeared when Microsoft released its regularly scheduled Windows 10 update. Another Patch Tuesday has come and gone, but not without additional concerns from from users. Some Windows 10 corporate users are reporting DNS and shared folder issues, with the current fix being to simply roll back the update. After installing the new updates, which brought security vulnerability and bug fixes to users, some people reported having DNS resolution issues that could stop access to shared folders on servers when they attempted to identify them by name. If a user used the IP address for the server instead, they would have no issues. However, that is rather inconvenient.... Read more...
Earlier in March, Microsoft released a Patch Tuesday update, which unfortunately unleashed numerous printer-related issues that led to some cases of the Blue Screen of Death (BSOD). This was caused by driver conflicts within Windows when users went to print. The company then quickly acknowledged the problem, provided a workaround, and a subsequent patch in the following days. Now, Microsoft is releasing a new out-of-band update to squash the issue once and for all…hopefully. As Microsoft explains in its recent announcements, issues arose when users went to print graphical content. The problem, stemming from the March 9th and March 15th updates, could result in “missing or solid color... Read more...
Last week, Microsoft pumped out Windows OS builds 19041.867 and 19042.867 in typical Patch Tuesday fashion. This was a minor security update that only had a couple of highlights, but it also had another problem lurking within. When users attempted to use specific printers in some apps, they would receive a blue screen (BSOD) with an “APC_INDEX_MISMATCH.” While there is no patch for this problem yet, Microsoft has published a workaround that we show below. According to Microsoft, the APC_INDEX_MISMATCH issue only seemed to affect “a subset of Type 3 printer drivers and does not affect printer drivers that are Type 4.” Basically, a type 3 driver makes it so print jobs are... Read more...
Microsoft is moving to make computer users safer and to help eliminate the risk associated with exploits that rely on VBScript for older versions of Windows. The software giant has announced that in the next Patch Tuesday, which happens on August 13, 2019, it will move forward with its plan to axe VBScript. After the update is applied, VBScript will be disabled by default on Internet Explorer 11 for pre-Windows 10 machines. The disabling of VBScript will roll out via cumulative updates for Windows 7, 8, and 8.1. The move is a good thing for Windows users as VBScript is the preferred target of many hackers. VBScript has been around for a long time surfacing in 1996 as a scripting language for... Read more...
Few things are more annoying than when a Windows update wreaks havoc on your system. It's a case of the cure being worse than the disease, as Ray Stevens sang about in his comical song "Doctor Doctor (Have Mercy On Me)." We saw this play out recently when it was reported that a Patch Tuesday roll out was causing boot problems on some systems with certain antivirus software installed, and the list of affected AV software appears to be growing. Image Source: Flickr via Rory Finneren Originally, Microsoft only said that the update was conflicting with some machines that have Sophos Endpoint Protection installed. Sophos also acknowledged the problem, saying it had received reports of PCs failing... Read more...
In a new post on its Windows Blog, Microsoft details its Windows Update mechanism, allowing us to peer inside the company process to see how those precious updates are rolled out. While some Windows updates have clearly not gone according to plan, the vast majority do, and given the complexity and reach of these updates, it's actually surprising we don't see even more issues than we do. According to Microsoft, it delivers updates to about one thousand devices per second, ultimately topping one billion devices per month. That's not only Windows 10, but every version if Windows that Microsoft still supports - even where that support seems unlikely. Windows XP is tied in with these numbers,... Read more...
A few botched updates from Microsoft this week have us questioning their forced update strategy with Windows 10.  If you've had issues logging into your Windows 7 computer, if Outlook is crashing randomly, or if you are unable to open documents from Sharepoint, the fixes are below.  The troublesome KB's in question are KB3055034, KB3101521, and KB3097877.KB3055034 was actually released in October but most users probably haven't encountered any issues stemming from it because it seems to only break Office programs when files are opened from Sharepoint.  We are covering it now because Microsoft has now released a superseding KB3101521 update which, well, still breaks Sharepoint... Read more...
In a Microsoft post announcing a mostly uninteresting list of products and their respective dates for when Microsoft will terminate support for them is a notable standout: Windows 7. Within the next six months, all versions of Windows 7 will enter the Extended Support phase, which lasts for 5 years and includes free security updates and paid hotfix support, but Mainstream Support for the popular OS will cease as of January 13, 2015. What that means in practice is that although you can rest easy knowing that Windows 7 will remain secure until 2020, it won’t be getting any new features. This is standard procedure for Microsoft, and indeed the company spells out these policies fairly clearly... Read more...
It’s Patch Tuesday folks, and Microsoft has issued its monthly slew of updates. It’s more or less good news, as there are just four this time around, and none are labelled as “critical”--all four are merely “important”. Bulletin 1 is a remote code execution vulnerability that affects all versions of Microsoft Office (2003 and up), Web Apps, and SharePoint Server 2010 Service Pack 1 and later. Bulletin 2 is aimed at solving a problem with a PDF exploit in targeted attacks that Microsoft first addressed in Security Advisory (2914486) which allowed for an elevation of privilege in a kernel component of Windows XP and Windows Server 2003. Newer versions of the... Read more...