A Lighter-than-normal Patch Tuesday for December, 2019

Credit to Author: alexandrebecholey| Date: Wed, 11 Dec 2019 00:36:22 +0000

There may be a smaller overall tally of things to fix this month than in recent update cycles, but at least one bug is being exploited in the wild<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/gu6tev4DC1Q” height=”1″ width=”1″ alt=””/>

Read more

Microsoft to end updates to Windows 7's free AV software, Security Essentials

Credit to Author: Gregg Keizer| Date: Mon, 09 Dec 2019 11:05:00 -0800

Microsoft will not provide new malware signatures for its home-grown Security Essentials software after it retires Windows 7 in five weeks.

“No, your Windows 7 computer is not protected by MSE ((Microsoft Security Essentials)) after January 14, 2020,” the company said in a support document mainly concerned about the Extended Security Updates (ESU) being shilled to enterprises. “MSE is unique to Windows 7 and follows the same lifecycle dates for support.”

Security Essentials, a free antivirus (AV) program that launched in 2008, was originally limited to consumers. However, in 2010, Microsoft expanded the licensing to small businesses, defined as those with 10 or fewer PCs. Two years after that, MSE was replaced by Windows Defender with the launch of Windows 8.

To read this article in full, please click here

Read more

All’s clear to install Microsoft’s November patches

Credit to Author: Woody Leonhard| Date: Thu, 05 Dec 2019 07:46:00 -0800

The November passel of patches didn’t include anything earth-shattering; there were no emergency security breaches storming the gates, but good patching hygiene dictates that you get your machine braced for the next round.

If you install patches manually one by one (“Group B,” which I don’t recommend for mere mortals), you need to make sure you have the proper Servicing Stack Updates in place. They’ve all changed in the past month.

To read this article in full, please click here

Read more

Microsoft Patch Alert: November patches behave themselves – with a few exceptions

Credit to Author: Woody Leonhard| Date: Tue, 03 Dec 2019 10:29:00 -0800

What a relief. The only major patching problem for November came from Office, not Windows. We had a handful of completely inscrutable patches – including two .NET non-security previews that apparently did nothing – but that’s the worst of it.

November saw the last security patch for Win10 version 1803. Win10 version 1909 got released, gently. We also had a much-hyped “exploited” zero-day security hole in Internet Explorer (again) that didn’t amount to a hill of beans (again).

To read this article in full, please click here

Read more

Microsoft starts releasing fixes for Access bugs introduced in Office security patches this month

Credit to Author: Woody Leonhard| Date: Tue, 19 Nov 2019 06:09:00 -0800

Although we’ve been promised no “C” or “D” week second cumulative updates for the rest of the year — at least for Windows — Microsoft has acknowledged a bug it created in last week’s Patch Tuesday Office patches, and now promises that it’ll update the bad fixes on most machines this week or next. Those are “C” week and “D” week, respectively.

The cause du jour: a bug in all of this month’s Office security patches that throws an error in Access saying, “Query xxxx is corrupt,” when in fact the query in question is just fine. Microsoft describes the erroneous error message on its Office Support site:

To read this article in full, please click here

Read more

Patch Tuesday arrives with Access error, 1909 in tow, and a promise of no more 'optional' patches this year

Credit to Author: Woody Leonhard| Date: Wed, 13 Nov 2019 07:59:00 -0800

The patches haven’t yet been out for 24 hours and already we’re seeing a lot of activity. Here’s where we stand with the initial wave of problems.

Malicious Software Removal Tool installation error 800B0109 

Many early patchers found that the MSRT, KB 890830, kept installing itself over and over again. Poster IndyPilot80 says:

It sits at “Installing: 0%” for a couple minutes then goes away. When I hit “Check for Updates” it shows up again and does the same thing.

To read this article in full, please click here

Read more

Patch Tuesday targets Hyper-V virtual machines in November, 2019 updates

Credit to Author: SophosLabs Offensive Security| Date: Tue, 12 Nov 2019 17:15:50 +0000

Microsoft released their monthly security updates for November, 2019, this morning. This month, Microsoft said the company fixed a total of 73 vulnerabilities across its product lines. Thirteen of the fixes address problems Microsoft classifies as Critical, the most urgent type of problem to address. The company classified the repair of an additional 59 bugs [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/BBm3ctmT8pE” height=”1″ width=”1″ alt=””/>

Read more