Updates to Exchange and Microsoft Installer drive Patch Tuesday testing

Review

Updates to Exchange and Microsoft Installer drive Patch Tuesday testing

Ziya McKinley

November 12, 2021

This is a comparatively mild Patch Tuesday replace from Microsoft, although wo vital vulnerabilities within the Windows platform (CVE-2021-38631 and CVE-2021-41371), each regarding Remote Desktop Protocol dealing with, have been disclosed and are lending some urgency to making use of Windows updates. And we now have one other technically difficult replace to Microsoft Exchange Server to handle as effectively.Pay shut consideration to the Servicing Stack Updates (SSU) this month, as it could have an effect on how your functions set up (with explicit concentrate on the un-installation course of). Microsoft has already stated there won’t be a C patch cycle launch subsequent month, which suggests the December Patch Tuesday launch needs to be mild. You can discover extra details about the danger of deploying these Patch Tuesday updates with this infographic.Key testing eventualitiesThere are not any reported high-risk adjustments to the Windows platform this month. However, there may be one reported practical change, and a further characteristic:You should take a look at your printers once more. Try utilizing Notepad first, then Adobe Reader (PDFs) and embody pictures (PNG, JPG, BMP). Testing is very essential if in case you have V3 printer drivers.
If your line-of-business apps are utilizing COM (or heaven forbid DCOM), you have to a full burn-in take a look at. Changes within the COM STA Threading mannequin may result in troublesome trouble-shooting eventualities.
Using the Microsoft Movies and TV utility, play MP4 movies and examine for audio points.
You is probably not utilizing Internet explorer (IE), however functions could have dependencies on IE parts (IEFRAME.DLL). Assess your utility portfolio for this key dependency, after which take a look at for Office part integration points and tabbed searching.
Also, take a look at Microsoft Timeline, as minor adjustments have been made to how your information is managed.
The greatest difficulty (or engineering activity) this month is the necessity to validate that your functions set up, restore, replace, and uninstall accurately. Check your Windows Installer logs (0’s for fulfillment). I believe it is a huge job as we generally concentrate on utility installations; this time we now have to take a look at how functions are uninstalled. Once an utility has been uninstalled, the goal machine needs to be clear, error logs empty, and no functions damaged. Getting this proper will enable for the following MSI Installer replace to run easily.Known pointsEach month, Microsoft features a record of identified points that relate to the working system and platforms included on this replace cycle. Here are just a few key points that relate to the newest builds from Microsoft, together with:After putting in the June 21, 2021 (KB5003690) replace, some units can not set up new updates, such because the July 6, 2021 (KB5004945) or later updates. You will obtain the error message, “PSFX_E_MATCHING_BINARY_MISSING.” For extra info and a workaround, see KB5005322.
Some Windows 10 LTSC methods are encountering a difficulty after putting in KB4493509. Devices with some Asian language packs put in could obtain the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.” Microsoft is at the moment engaged on a repair.
Windows print purchasers would possibly encounter the next errors when connecting to a distant printer shared on a Windows print server: 0x000006e4 (RPC_S_CANNOT_SUPPORT), 0x0000007c (ERROR_INVALID_LEVEL), 0x00000709 (ERROR_INVALID_PRINTER_NAME). Microsoft is engaged on this difficulty. We anticipate that there could also be an OOB replace to handle these earlier than December’s B launch (Patch Tuesday). The excellent news right here is that the majority of those reported printer points relate to company environments (e.g., printer servers mixed with a website controller); most residence customers won’t be affected by the safety issues or printing issues.
After putting in this month’s Microsoft replace, connecting to units in an untrusted area utilizing Remote Desktop would possibly fail to authenticate when utilizing good card authentication. You would possibly obtain the immediate “Your credentials did not work.” This difficulty is resolved utilizing Known Issue Rollback (KIR) — which is form of thrilling. Microsoft now permits for policy-driven execution paths of managed code. In case you encounter points, you’ll be able to roll again the execution path of the affected information, placing that piece of code again to a “pre-patch” state. To do that efficiently, it’s essential ensure you have the proper coverage information to your platform. You can discover the related coverage information for every Windows model right here:One of one of the best methods to see whether or not there are identified points that have an effect on your goal platform is to take a look at the numerous configuration choices for downloading patch information on the Microsoft Security Update steering web site or the abstract web page for this month’s safety replace. Major revisionsNo main revisions (and even documentation updates) this month.Mitigations and workaroundsAs of Nov. 12, Microsoft has not revealed any mitigations or workarounds regarding this month’s replace cycle.Each month, we break down the replace cycle into product households (as outlined by Microsoft) with the next primary groupings:Browsers (Microsoft IE and Edge);
Microsoft Windows (each desktop and server);
Microsoft Office;
Microsoft Exchange;
Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core);
Adobe (retired???, not but).
BrowsersMicrosoft has launched a single essential replace to Microsoft Edge. At its core, this patch is a Chromium code replace, but it surely impacts how Edge’s IE mode operates. The potential enterprise affect of this replace is marginal, so add this comparatively easy replace to your common launch schedule.WindowsThe Microsoft Windows platform obtained 28 updates, with three rated as essential and the remaining patches rated as essential. The greatest concern are the 2 publicly reported Remote Desktop Protocol (RDP) points (CVE-2021-38631 and CVE-2021-41371). Microsoft has been engaged on the RDP protocol extensively for the previous 12 months with vital updates launched with every Patch Tuesday. I’ve at all times had my doubts about RDP, although Microsoft provides some steering and instruments to safe your distant desktops. Given the latest provide chain issues, and the shortage of absolutely built-in RDP alternate options, I believe patching early and sometimes is our greatest possibility. Add these updates to your Windows “Patch Now” schedule.Microsoft OfficeMicrosoft launched 4 updates, all of them rated as essential. Affecting Access, Word, and Excel, these vulnerabilities require each native entry to the goal system and person interplay. Unfortunately, one Excel associated difficulty (CVE-2021-42292) has been reported as exploited (although registered by Microsoft as proof-of-concept). Though these Office associated safety points should not “wormable,” a publicly reported exploitation of a distant code execution vulnerability raises the danger considerably for enterprise clients. Add these updates to your “Patch Now” launch schedule.Microsoft Exchange ServerMicrosoft launched three essential updates (CVE-2021-1349, CVE-2021-42305, CVE-2021-42321) for Exchange Server this month. All three updates hyperlink again to a single Knowledge Base (KB) article, KB5007049. These updates would require a server reboot and there’s a distinct likelihood that this may occasionally trigger an set up failure or break the Exchange Server (“break” as in no distant login). There are various identified points with this replace regarding guide installs and UAC points. Thoroughly take a look at this replace earlier than any manufacturing deployments.Microsoft improvement platformsThis month’s replace is a bit more fascinating than typical. We have two updates (each rated as essential) to Visual Studio that would result in elevation-of-privilege eventualities. And unusually, Microsoft has added an Open Source venture vulnerability from August to this month’s November replace. The essential rated difficulty within the OpenSSL cryptography framework (CVE-2021-3711) is consumed by Microsoft Visual Studio and due to this fact was thought-about a major threat to Visual Studio customers. This is a good name by Microsoft and actually demonstrates its dedication to all these open-source tasks. Add these updates to your common developer roll-out schedule.Adobe (actually simply Reader)This month, Adobe has launched three decrease rated points affecting their RoboHelp (APSB21-87), InCopy (APSB21-110) and Creative Cloud desktop (APSB21-111) functions. Though there are not any updates to Adobe Reader, we extremely advocate that you simply take a look at out printing your PDF’s because of the adjustments within the Windows printing system. In addition, you might must examine that the auto-update characteristic remains to be working in Adobe Reader as soon as this month’s replace has been put in.