Patch Tuesday

Products Expected to Receive Security Updates for July Patch Tuesday

The security updates and associated KB articles aren’t quite available yet, but here’s what we’ve been told to expect. Expect security updates for the following product areas: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps .NET Framework Adobe Flash Player Microsoft Exchange Server As always…test, test, TEST. Microsoft’s track record for introducing problems in its products due to security patches is getting worse  – if that was even possible.   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

June 27 Windows 7 Rollup Reported to Deliver Yet Another Unintended Circumstance

Back to the drawing board. The June 2017 updating nightmare just won’t end. Its six days into July already and another bug from the Windows 7 rollup has surfaced. According to a new “known issues in this update” in KB4022168… After you install this update, Internet Explorer 11 may close unexpectedly when you visit some websites. When the problem occurs, you may receive an error message that resembles the following: We were unable to return you to [previous URL] Internet Explorer has stopped trying to restore this website. It appears the website continues to have a problem. The problem may occur if the website is complex and uses certain web API’s. Microsoft is researching this problem and will update this article when more information becomes available So, pat...

Microsoft Finally Issues Fixes for Outlook 2016 Woes

Microsoft spent the latter part of June fixing issues it introduces during the first part of the same month through delivery of its security updates. One are that caused great concern was for Microsoft Outlook. The company delivered fixes for Outlook 2010 and 2013 (see: Microsoft Fixes June Outlook Woes with End of Month Patch) but it took longer to make the fixes for Outlook 2016 available. Those updates are available now: Update for Microsoft Outlook 2016 (KB3213654) 32-Bit Edition Update for Microsoft Outlook 2016 (KB3213654) 64-Bit Edition  Associated KB article: KB3213654   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

Missing DirectX Dependency Causes Windows Server 2016 Core Update to Break WPF

If you’re running Windows Server 2016 Core and have installed .NET Framework 4.7, certain dialog windows will not load. Microsoft is aware of the problem and is investigating a solution. KB article (KB4034015): WPF window can’t be loaded after you install the .NET Framework 4.7 on Windows Server 2016 (Server Core)   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

List of June 2017 Security Downloads for Non-supported Microsoft Platforms

Microsoft went against the grain again this month, delivering security updates for older Windows versions due to a severe vulnerability in the wild (Microsoft Security Advisory 4025685). These security updates are not delivered through Windows Update since the operating system versions are no longer supported by Microsoft, but they are available for download and manual installation. Microsoft has put together a web page that gives information and provides links to manually download applicable security updates. The updates are available for Windows XP, Windows Vista, Windows 8, and Windows Server 2003. The page: Microsoft security advisory 4025685: Guidance for older platforms: June 13, 2017 Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev...

32-bit Outlook 2010 Patch Pulled, New One Promised

Its been a rough month for Microsoft, but the customers are really the victim here. The company deployed its updates as normal on Patch Tuesday, but those updates delivered new problems that Microsoft has spent the last week trying to get right before the long July 4th weekend. One of the areas where problems were introduced, was Microsoft Outlook. Customers have had to deal with several issues with Outlook since Patch Tuesday. Microsoft delivered supposed fixed updates just a couple days ago, but now we learn that one of those updates had problems, was removed, and will be replaced (sometime). The original KB article (KB3015545) has the updated information, though if you don’t scan the page carefully you’ll miss it. Here it is: Note A new update for 32-bit Outlook 2010 is unde...

Microsoft Makes Patching Windows Server 2016 Predictable

In an effort to streamline updates for Windows Server 2016, Microsoft is making changes to align the server operating system with the client operating system (Windows 10). In a blog post announcement, the following changes are coming for Windows Server 2016 updating… All updates released over a given month will be rolled up in a single package (cumulative update) Windows Server 2016 will joining Patch Tuesday with a cumulative update that includes new security and quality fixes The 3rd week of the month a non-security / quality update will be released Automatic Updates (AU) is enabled by default on Windows Server 2016 and configured to: Download updates for me, but let me choose when to install them   Looking for an awesome, no-nonsense technical conference for IT Pros, Develope...

Outlook Woes for June, Take 3

After delivering some updates for Outlook early in the month, Microsoft offered some new ones on Tuesday in hopes of fixing issues that it erroneously introduced. If you’re new to this, catch up here: Microsoft Fixes June Outlook Woes with End of Month Patch Today, customers are reporting that there may be issues with the new patches. In one case, KB3015545 caused Outlook to crash and corrupt a user’s OST. Others have reported that the update really doesn’t seem to solve the issue – i.e., the issue still exists after installation. One person reported that just installing KB3015545 over top of the old KB3203467 did nothing. They had to uninstall KB3203467 first and then install KB3015545. We’ll keep reporting as more information rolls in, but the bottom line is...

Microsoft Releases New Azure AD Connect to Plug Security Hole

With cloud use becoming more prevalent, unknown security issues will abound. Microsoft is now warning customers using its Azure AD Connect tool should upgrade quickly to a new version it has released. The old version has a security vulnerability that allows Elevation of Privilege. Microsoft Security Advisory 4033453 The update addresses a vulnerability that could allow elevation of privilege if Azure AD Connect Password writeback is misconfigured during enablement. An attacker who successfully exploited this vulnerability could reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts. The issue is addressed in the latest version (1.1.553.0) of Azure AD Connect by not allowing arbitrary password reset to on-premises AD privileged user accounts. The m...

Microsoft Rolls Out Windows 10 Cumulative Update, Fixes Printing Issue

As promised, Microsoft is rolling out updates today to solve many issues left from earlier patches this month. So far… Microsoft Fixes June Outlook Woes with End of Month Patch Microsoft’s Patch for the Patch, Windows 7 Rollup Available Now Microsoft is also now delivering a cumulative update for all supported Windows 10 versions. The article assignment is KB4022716. There’s a long list of fixes in this update, including (at the very top) one most customers were waiting for. A printing problem in Internet Explorer 11 was created with the last cumulative update earlier this month. The same bug was introduced into Windows 7 and has also been fixed (according to Microsoft) in Windows 7’s rollup today.   Looking for an awesome, no-nonsense technical conference for ...

Microsoft’s Attempt to Fix a Windows Kernel Vulnerability in June Fails, Case Reopened

A flaw reported by Google to Microsoft in Windows 7 through Windows 10 was supposedly fixed during Patch Tuesday this month (June 2017). But, according to Google and confirmed by Microsoft, the patch did not fix the open hole. As such, Google has reopened the case… Windows Kernel pool memory disclosure in nt!NtNotifyChangeDirectoryFile According to Microsoft’s confirmation, customers shouldn’t expect a fix until July or August. MSRC has indeed confirmed that the fix released on June Patch Tuesday is incorrect and doesn’t resolve the bug properly. As such, the vulnerability still reproduces on Windows 7-10 with the original proof-of-concept program. A revised fix is expected to be shipped in the July (7/11) or August (8/8) Patch Tuesday at the latest.   Looking ...

Microsoft Fixes June Outlook Woes with End of Month Patch

Microsoft is spending the month of June fixing problems brought on by updates it delivered at the beginning of the month. Earlier, the company released a rollup for Windows 7 to fix some things. Now, it is also delivering Outlook-specific updates to solve some of the other issues affecting customers…namely… When you open an attachment whose file name includes an ellipsis (…) or an exclamation point (!), the files are blocked and you receive a warning message. If an email message includes an attached email message, and the attached email message’s subject line includes an unsafe file name extension (as listed in the Blocked attachments in Outlook Office webpage), the email attachment is blocked for recipients. When you open attachments that use ShowLevel1Attach, you ...