Patch Tuesday

  • Today is Patch Tuesday, and while that means that all supported versions of Windows 10 get updates, older versions of Windows get patches as well. The includes Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. If you’re on Windows 7 SP1 or Windows Server 2008 R2 SP1, you’ll get KB4493472 as the monthly rollup. You can manually download it here, and it contains the following fixes: Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client, but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers. Addresses an issue that causes the error “0x3B_c0000005_win32k!vSetPointer” when the kernel mode driver, win32k.sys, accesses an invalid memory location. Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears. Addresses an issue that may prevent Custom URI Schemes for Application Protocol handlers from starting the corresponding application for local intranet and trusted sites on Internet Explorer. Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Security updates to Windows Kernel, Windows Server, Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows MSXML, and the Microsoft JET Database Engine. Read More Via Neowin
  • June 14, 2017

    Microsoft Patch Tuesday June 2017

    As Microsoft does on the second Tuesday of every month they release updates named Patch Tuesday. The number of supported operating system versions shrank by one as Vista support ended back in April 2017. The same is true for the Windows 10 RTM version which is also no longer supported. Microsoft included a Windows XP patch in its June Patch Tuesday releases for a zero-day exploit in Internet Explorer 8. This was unexpected but Microsoft said it was necessary due to an “Elevated Risk.” Windows XP was initially scheduled to enter End of Life (EOL) status in 2008, seven years after its launch, and while April 2008’s Service Pack 3 was the last official update bundle its popularity led to several stays of execution through to 2014 Microsoft addressed ongoing security issues threatening corporate customers who had not yet made the leap to the operating system’s successors. Windows XP still stands as one of Microsoft bestselling operating systems and the argument remains does Microsoft still need to be patching a 13-year-old operating system. They recently released a patch for the WannaCry security issue as well. June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of vulnerabilities patched in May.  Across them all these vulnerabilities there are security updates for the following software and services: Microsoft Edge Browser Microsoft Windows Microsoft Office Microsoft Scripting Engine Windows OLE Microsoft GDI and Uninscribed engines Adobe Flash Player Microsoft SharePoint Windows Search Internet Explorer Seven of the vulnerabilities were rated “Critical”, and Microsoft Office had several updates marked as “Important”. There was one update marked as “Moderate” and one marked as “Low” both were updated patches for Microsoft Edge. It was a pretty big patch Tuesday but not the biggest we have even seen we will wait as always to...