Though a DNS spoofing vulnerability in Windows (CVE-2020-1464) has been rated as a zero-day because of reviews of exploitation within the wild, the main target for this month’s updates must be on testing key Windows options previous to deployment. Primarily, printing and back-up situations would require your consideration. You may also have to work with a number of and probably overlapping updates to Window and the .NET improvement platform and, in some circumstances, Windows Store updates to your utility portfolio.Given the quantity and nature of modifications we’ve seen within the replace testing cycle in the course of the previous month, we advise a “Patch Now” strategy to Windows 10, however with an prolonged check cycle on printing and extra consideration to the Windows 8.x platforms.You can discover our risk-based evaluation infographic right here. Key testing situationsThis part displays a few of our “replace hotspot” evaluation that covers each desktop and server platforms throughout a number of variations of Windows. Each utility portfolio is exclusive and represents a definite testing profile. For this August replace cycle, we’ve recognized the next areas the place additional testing could also be warranted on your atmosphere:Test your printers, together with digital printers. And, just be sure you open at the very least one PDF file (efficiently).
Test your backup RESTORE situations after putting in the most recent replace and following a reboot.
UWP deployments could require extra testing. This August replace addresses a difficulty in Universal Windows Platform (UWP) apps that enables single sign-on authentication when an app doesn’t have the Enterprise Authentication functionality. With the discharge of CVE-2020-1509, UWP functions would possibly start prompting the consumer for credentials.
Starting in July 2020, all Windows Updates will disable the RemoteFX vGPU characteristic due to a safety vulnerability. For extra details about the vulnerability, see CVE-2020-1036 and KB4570006. After you put in this replace, makes an attempt to start out digital machines (VM) which have RemoteFX vGPU enabled will fail. You canlearn extra right here.
Once you might be performed testing your functions, it’s possible you’ll wish to reboot twice as a result of latest modifications within the Secure Boot blacklist. Known pointsEach month, Microsoft features a listing of recognized points that relate to the working system and platforms included on this replace cycle. I’ve referenced just a few key points that relate to the most recent builds from Microsoft, together with:After putting in KB4550969 or later, when utilizing Microsoft Edge Legacy, you would possibly obtain the error,”0x80704006. Hmmmm…can’t attain this web page” when making an attempt to achieve web sites on non-standard ports. Microsoft advises to make use of the most recent model of (Chromium) Edge
You can even discover Microsoft’s abstract of Known Issues for this launch in a single web page.Major revisionsTwo main revisiosn for documentation causes have been launched for July by Microsoft:CVE-2020-0794: A documentation replace to affected platforms. No motion required.
CVE-2020-1347: A documentation replace to affected platforms. No motion required.
Mitigations and workaroundsFor this August launch of updates, Microsoft has revealed a small variety of potential workarounds and mitigation methods that apply to vulnerabilities (CVEs) addressed this month, together with:Each month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:Browsers (Microsoft IE and Edge)
Microsoft Windows (each desktop and server)
Microsoft Office (Including Web Apps and Exchange)
Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core)
Adobe Flash Player.
BrowsersThis month’s browser replace brings 5 essential updates to Microsoft’s Edge (HTML) and Internet Explorer. It appears like the identical previous points with ActiveX controls and PDF (reminiscence) dealing with that would result in distant code execution situations via a consumer visiting a specifically crafted web site.If you’ve got a company safety coverage for dealing with ActiveX controls in place, then the urgency of those patches is far decreased. Watching a number of the “test patterns” from Microsoft over the previous few weeks, I’d advocate a full UAT check run on company browser primarily based techniques with a deal with printing and printing PDF’s.Hint: change the paper dimension to letter, then authorized and again once more. Or A4 to letter after which again once more. Either manner, exit from every browser and watch your reminiscence profile on your periods. Add this replace to your usually scheduled launch schedule.Microsoft WindowsEven with the 10 essential rated vulnerabilities adopted by 79 points rated as vital by Microsoft, it is a single vulnerability for August we’d like fear about: CVE-2020-1464. This spoofing vulnerability within the certificates validation chain has been reported as exploited within the wild and, thus, must be thought-about a zero-day.Microsoft has not revealed any acknowledgements on who (publicly) reported the difficulty and has indicated that its inside analysis workforce had found the vulnerability beforehand – presumably even way back to 2003. Working with Microsoft over the previous 12 months, one of many main issues for our group has been provide chain compromises. Expect to see extra of those sorts of points and corresponding fixes within the close to future. For all of the system directors at present managing legacy techniques underneath the Microsoft Extended Security Update (ESU) program, that is the primary month the place the next working techniques is not going to obtain elective, non-security updates (C-Releases):Windows 10, Version 1607
Windows Server 2012 (R2)
Windows 8.1
In addition to a number of the urgency of this month’s Windows replace, Microsoft has begun “bifurcating” some updates with some key vulnerabilities addressed through a Windows replace and/or a .NET replace. For instance, there are two safety updates for Windows 10 1908 and Server 2019 to deal with the a number of variations of .NET that could be current on the goal techniques. To add to this, some updates are actually included in Windows Store (CVE-2020-1560, CVE-2020-1585) not Windows replace. We will see extra of this multi-update technique within the coming months. Add this month’s Windows replace to your “Patch Now” launch cycle.Microsoft OfficeWith a single essential vulnerability in Microsoft Outlook, this replace cycle for Microsoft Office is extra pressing than ordinary. Unfortunately, the preview pane in Outlook is the assault vector that makes this reminiscence corruption situation a specific fear. In addition to this critical safety situation, Microsoft has launched 19 different vital updates for Outlook and Excel.SharePoint Server will get an replace (CVE-2020-1580) this month that addresses one other XSS (Cross-Scripting) vulnerability, which would require a reboot to the server. Given these points and the opposite related zero-days on the Windows platform, we advocate a “Patch Now” for the August Office updates.Microsoft improvement platformsCompared with the quite critical points with Windows this month, Microsoft’s improvement platform has a comparatively quiet replace cycle. With one distant code vulnerability (CVE-2020-1046) rated as essential and three remaining points affecting .NET and ASP.NET all with low(ish) exploitability indexes, add these updates to your customary improvement replace cycle.Adobe Flash PlayerMicrosoft has not launched any updates for the Adobe product household for this month. That stated, a key a part of the testing profile for all Windows updates embody:opening a PDF file.
altering the letter dimension.
printing the PDF file.
exiting the appliance (probably a browser).
restarting the appliance with out errors.
We counsel a “smoke-test” of those key options on your line-of-business (LOB) functions previous to deployment of this month’s Windows updates.
Copyright © 2020 IDG Communications, Inc.