
    For Patch Tuesday, 48 updates, no zero-day flaws

    Microsoft has eased us into the new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.

    Developers of complex, line-of-business applications may need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to Bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.

    The team at Readiness has crafted a helpful infographic that outlines the risks associated with each of the updates for this January release.

    Known issues

    Each month, Microsoft includes a list of known issues that relate to the operating system and platforms included in the latest update cycle.
    Microsoft reported the following error message for all Windows 10/11 desktop platforms: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.
    Given the importance of emojis in today’s computing environment, Microsoft also has an issue with the color scale of certain 3D-like emoticons on all Windows builds. (As I’m “color dumb,” not sure if I should be 🙂 or 😞.)

    Major revisions

    So were there major revisions among the January updates? There are two answers. The short answer is there don’t appear to be any patches with significant revisions that require administrator attention this month.

    The long answer: there may be an issue with the Microsoft update database and how data is presented and deployed. With each update cycle, the Readiness team employs an automated system to parse/process Microsoft updates and their associated manifests and payloads. Our system reported a large number of changes, which after some time proved to be false alarms. (By “large number of changes,” we mean several thousand.) We double-checked — it’s not us — it’s the data. We’ll see if the problem persists and update our systems/bulletins accordingly.

    Mitigations and workarounds

    Microsoft published the following vulnerability-related mitigations for this month’s release:
    CVE-2024-21320: Windows Themes Spoofing Vulnerability. Microsoft advised that those who have disabled NTLM are not affected by this minor issue. If this vulnerability is a concern in your organization, apply the Restrict NTLM group policy.
    Each month, the Readiness team analyzes the Patch Tuesday updates and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and the patches’ potential impact on the Windows platforms and application installations.

    The following changes have been included in this month’s update and have not been raised as elevated risk (of unexpected outcomes) and do not include functional changes:
    Printing has been updated to prevent a remote code execution scenario. Printer redirection processes/configurations will need a test cycle.
    Bluetooth system files have been updated on all currently supported Windows desktop builds. I have real trouble with Bluetooth testing as I find Bluetooth connectivity flaky at best. This month, test Bluetooth mice, keyboards, and your headsets.
    Base log files (BLF) have been a key component of ransomware attacks throughout 2023 as attackers exploited vulnerabilities in the Windows Error Reporting and Log file system (WER). These (BLF) file types have been updated this month, and a Windows Error Log Reporting file test will be required that includes file create, read, update, and delete operations.
    Core components of the Microsoft Group Policy (GPO) management tools have been updated, so GPO templates will require testing by administrators and, more importantly, by delegated non-administrators.
    There’s another update to how Windows handles file compression. This time we should still expect to test file extraction, with less focus on file-level compression. We suggest using a command/batch file to run EXTRACT/Extrac32 on at least several hundred small to mid-size files.
    You need to include a background image or “Wallpaper” test this month due to an update to Windows Shell. This is an easy one. Can I see my corporate wallpaper when I log in? Yes? Happy days!
    For developers: Microsoft made a major update to how Message Queuing (MSMQ) works in Windows desktops this month. One sub-component of the MSMQ feature deals with Remote Procedure Calls (RPC) commonly used in distributed applications. To test your distributed, MSMQ, and RPC-driven corporate apps (you know who you are) please ensure that the following component areas are included in your project test and release schedule:
    Message Queue (MSMQ) Services.
    MSMQ Active Directory Domain Services Integration.
    MSMQ Triggers.
    HTTP, Routing Service and Multicasting Support.
    MSMQ DCOM Proxy.
    Automated testing will help with these scenarios (especially a testing platform that offers a “delta” or comparison between builds). However, for your line-of-business applications, getting the application owner (doing UAT) to test and approve the results is still essential.

    Windows lifecycle update

    This section contains important changes to servicing (and most security updates) to Windows desktop and server platforms.
    REMINDER: Home, Pro, Pro Education, and Pro for Workstation editions of Windows 11, version 21H2 reached end of service on Oct. 10, 2023.
    Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:
    Browsers (Microsoft IE and Edge).
    Microsoft Windows (each desktop and server).
    Microsoft Office.
    Microsoft Exchange Server.
    Microsoft Development platforms (NET Core, .NET Core and Chakra Core).
    Adobe (or, if you get this far).

    Browsers

    Microsoft has released four very small updates to the Chromium project. We are pretty lucky, as these are very lightweight updates. Nothing compared to the urgency and difficulty we used to experience with updating Internet Explorer. Add these updates to your standard patch release schedule.

    Windows

    Microsoft released two critical updates and 38 patches rated important to the Windows platform that cover the following key components:
    Windows Kerberos.
    Windows Hyper-V.
    Windows Error log and reporting.
    Networking and Bluetooth.
    Windows Shell and Active Directory Group Policy objects.
    With only two patches (CVE-2024-20674 and CVE-2024-20700) rated critical and no reported zero-days, this is another relatively light month. Our focus for testing and deployment should be on administrator tasks (validating backups, telemetry, and log files) and some of the core internal features employed by developers for business-logic-driven distributed applications. Add this update to your standard Windows platform release schedule.

    Microsoft Office

    Microsoft released just two (CVE-2024-20677 and CVE-2024-21318) patches for Office and Microsoft SharePoint. These are low-impact updates that should not affect how Excel or Word handles numbers or formulas. Add these Office updates to your standard release schedule.

    Microsoft Exchange Server

    As in December, Microsoft did not release any updates for Microsoft Exchange Server. Don’t get too comfortable. We think the February update is going to be a big one.

    Microsoft development platforms

    Microsoft released six updates affecting Microsoft .NET, Visual Studio, and the SQL Client feature. All updates are rated important. The SQL Client update (CVE-2024-0056) will require some attention. Scan your corporate Line of Business (LOB) or internal applications for .NET’s System.Data.SqlClient dependencies. Once you have a prioritized application list, please add these updates to your standard developer release schedule.

    Adobe Reader (if you get this far)

    No updates from Adobe for Reader or Acrobat this month but Microsoft has released a single update to the third-party database engine SQLite (CVE-2022-35737). This database engine update should really be included in the developer section, but strictly speaking it is an open source project supported by Microsoft.

    Given our research on last year’s patch and update trends, we expect a larger-than-normal update package for February. Automated testing is going to be key, with AI (probably a “PatchGPT”) playing a large role in patch summaries, vulnerability assessments, and testing recommendations.
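
The System.Data.SqlClient scan recommended in the development platforms section can be scripted. The following is an added example, not code from the article or from Readiness: it inventories references to that package in project files, packages.config and build-output .deps.json files under a source or deployment root. The function names, directory layout and sample versions are assumptions constructed for illustration.

```python
import json, tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

PACKAGE = "system.data.sqlclient"   # dependency named in the article, lower-cased
GLOBS = ("*.csproj", "*.vbproj", "*.fsproj", "packages.config", "*.deps.json")

def _xml_hits(path):
    """Versions from <PackageReference> (project) or <package> (packages.config)."""
    try:
        root = ET.parse(path).getroot()
    except (ET.ParseError, OSError):
        return                                   # unreadable or malformed: skip it
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1].lower()  # drop legacy MSBuild XML namespace
        attrs = {k.lower(): v for k, v in el.attrib.items()}
        name = (attrs.get("include") or attrs.get("id") or "").lower()
        if tag in ("packagereference", "package") and name == PACKAGE:
            child = next((c.text for c in el if c.tag.lower().endswith("version")), None)
            yield attrs.get("version") or child or "unspecified"

def _deps_hits(path):
    """Versions from the "libraries" map of a build-output *.deps.json."""
    try:
        libs = json.loads(path.read_text(encoding="utf-8-sig")).get("libraries", {})
    except (ValueError, OSError, AttributeError):
        return
    for name, _, ver in (k.partition("/") for k in libs):  # keys: "Name/1.2.3"
        if name.lower() == PACKAGE:
            yield ver or "unspecified"

def scan(root):
    """Sorted (relative path, version) pairs for every reference under root."""
    root, found = Path(root), set()
    for p in root.rglob("*"):
        if any(p.match(g) for g in GLOBS):
            hits = _deps_hits(p) if p.suffix == ".json" else _xml_hits(p)
            found.update((p.relative_to(root).as_posix(), v) for v in hits)
    return sorted(found)

def demo():  # runs scan() over a constructed sample tree, not real applications
    files = {"billing/billing.csproj": '<Project Sdk="Microsoft.NET.Sdk"><ItemGroup><PackageReference '
             'Include="System.Data.SqlClient" Version="4.8.5" /></ItemGroup></Project>',
             "hr/bin/hr.deps.json": '{"libraries": {"System.Data.SqlClient/4.6.0": {}, "Newtonsoft.Json/13.0.1": {}}}'}
    with tempfile.TemporaryDirectory() as d:
        for rel, text in files.items():
            (Path(d) / rel).parent.mkdir(parents=True, exist_ok=True)
            (Path(d) / rel).write_text(text, encoding="utf-8")
        return scan(d)
```

A reference reported as "unspecified" has no version on the element itself (for example, centrally managed package versions), so that application needs a manual check before it is prioritized.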

    Copyright © 2024 IDG Communications, Inc.
