[ad_1]
As we approach the end of the "Week C" update (ie the week that contains the third Tuesday of the month), there is no bugs in the Windows and Office patches and some traps. As long as you avoid Microsoft patches for Intel's Meltdown / Specter bugs, you should be in good shape.
Why a patch on Monday?
On September 17th, Microsoft released two very exclusive cumulative updates for Windows 10:
- KB 4464218 brings Win10 1803 to construction 17134.286
- KB 4464217 brings Win10 1709 to build 16299.666
The two cumulative updates fix a bug introduced in the July 24th cumulative updates. The bug causes Microsoft Intune to stutter because it looks in the wrong place for user profiles. The second cumulative update also fixes an obscure VPN bug.
I do not know why Microsoft released these patches on a Monday. They could certainly have waited until Tuesday – the "week C" Tuesday being traditionally used to correct the bugs introduced during the patch Tuesday. Someone has clearly jumped the torch, and people who adapt to make a living are not really happy to have their chains wanked.
We never had a cumulative update for Win10 1703. Maybe it was not affected by the July 24 bug. Maybe it's too long in the tooth, support for 1703 to expire next month.
We also got an out-of-band cumulative update for Windows 7 Internet Explorer, KB 4463376, on a week B Friday afternoon.
Second Win10 cumulative updates
If September follows the precedent established this year, we will likely see another round of cumulative Win10 updates during "D Week" – next Tuesday, September 25th. At the same time, and 8.1. Of course, you should ignore them.
More firmware updates
We're getting more and more firmware updates for Microsoft Surface devices. Over the past month, firmware / driver patches have been installed for Surface Pro 3, Surface Pro 4, Surface Pro 2017, Surface Book and even Surface Studio. This is a global transformation (or a massive fix) that has not been extended to the Surface Laptop, Book 2, or Go. Encore.
Meanwhile, I still hear complaints about the Surface Pro 4 update.
More fixes from Intel microcode
Although there is still no threat of merger or credible issuance (Specter v 1, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 2, 3, 3a, 4 or 5) , Microsoft continues to release microcode updates for Intel processors on machines running Win10 version 1709 and 1803. Sometimes, installers try to install Intel updates on AMD processors, but what is the hay.
I come back to Helen Bradley's statement last month:
Unless you are a nation-state, have a major asset in a cloud server, or are running for a government office, I think we're spending a lot more than we should. I still think attackers will hit me with malware, attacking me with phishing, ransomware, etc., etc. far more than anyone will use these secondary channel attacks to get information from me. Remember that the attacker must first access your system and I always think that he will use the many other ways to attack me more easily than this attack. Also keep in mind that we will not have a complete solution to this problem for several years. Intel and AMD will have to redesign the chips to be finally repaired.
If you are concerned about such things, indulge yourself and visit Intel (probably via the manufacturer of your computer) and install the specific patches you need. And remember that they do not solve the problem completely.
If you want to use the Microsoft approach to microcode, give up hope and follow Bradley's advice. right here.
The bottom line
The July patches were an absolute disaster. August is significantly improved. Now, although the month is not over yet, September seems to be going well – if you skip the Patch Monday blunder and release Meltdown and Spectrum.
Despite several warnings from Chicken Little this month, there have been no widespread attacks that warrant the installation of any of the September patches.
The PatchList Master of Susan Bradley is relatively serene.
There is something to hope for. In October, we receive a "week E" – there are five Tuesdays in October. This will be the first "E Week" since Microsoft has adopted the "Week A" bafflegab. What wonders are waiting?
Thx at @sb and @PKCano
Patching problems? Join us at AskWoody.
Source link