{"id":11162,"date":"2018-01-18T08:30:15","date_gmt":"2018-01-18T16:30:15","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/18\/news-4933\/"},"modified":"2018-01-18T08:30:15","modified_gmt":"2018-01-18T16:30:15","slug":"news-4933","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/01\/18\/news-4933\/","title":{"rendered":"More Windows patches, primarily previews, point to escalating problems this month"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Thu, 18 Jan 2018 06:39:00 -0800<\/strong><\/p>\n

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.<\/p>\n

What should you do? Nothing. More accurately, make sure you DON\u2019T install any of them. Fortunately, all of these patches require that you download and install them \u2014 and you\u2019d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.<\/p>\n

It\u2019s the same advice I\u2019ve been giving all month. There\u2019s nothing here that you need right now \u2014 there are no known exploits for Meltdown or Spectre in the wild, in particular \u2014 and machines are dropping like flies.<\/p>\n

Unbootable state for AMD devices in Windows 10 Version 1709<\/a> \u2014 KB 4073290.<\/strong> This is another one of those weird \u201cinstall this patch on AMD machines that got bricked\u201d patches where you only know for sure that you need the patch if you already got clobbered by the original 1709 Cumulative Update \u2014\u00a0and managed to get your machine back and running.<\/p>\n

I talked about <\/a>analogous patches for Win7 and 8.1 machines earlier this week. I\u2019ve seen exactly zero advice from Microsoft about these patches \u2014 how to tell if your machine needs KB 4073290 (without bricking your machine) and whether you need to install the cumulative update after you install KB 4073290, just for starters. There\u2019s no indication whether KB 4073290 is a cumulative update or not.<\/p>\n

Jan. 17, 2018\u2014KB4057144 (OS Build 15063.877)<\/a> \u2014 Win10 Version 1703 cumulative update.<\/strong> This is the second CU for 1703 so far this month. This patch \u201caddresses [an] issue where some customers with AMD devices get into an unbootable state.\u201d There are a dozen or so additional fixes. Like all of the Meltdown\/Spectre patches, you need to use antivirus software that sets the correct registry key <\/a>before KB 4057144 will install. KB 4057144 isn\u2019t being pushed out Windows Update; it\u2019s only available by manually downloading it from the Update Catalog<\/a>.<\/p>\n

Jan. 17, 2018\u2014KB4057142 (OS Build 14393.2034)<\/a> \u2014 Win10 Version 1607 cumulative update.<\/strong> This is the second one this month. Like the Win10 1703 patch, this one \u201caddresses [an] issue where some customers with AMD devices get into an unbootable state,\u201d but it also includes dozens of additional fixes. Apparently this patch is incompatible with Microsoft\u2019s Windows Defender Credential Guard \u2014 the KB article states:<\/p>\n

After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error, “The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart.”<\/p>\n

This isn\u2019t the only patch that\u2019s throwing the Credential Guard error. Microsoft has gone back in to the KB articles for the past four Win10 1607\/Server 2016 cumulative updates and added that same admonition, going back to Nov. 27.<\/p>\n

Jan. 17, 2018\u2014KB4057402 (Preview of Monthly Rollup)<\/a> \u2014 a Monthly Rollup Preview for Server 2012.<\/strong> Oddly, the KB article doesn\u2019t say anything about fixing the problem that bricks AMD processors.<\/p>\n

Jan. 17, 2018\u2014KB4057401 (Preview of Monthly Rollup)<\/a> \u2014 ditto for Win8.1\/ Server 2012 R2.<\/strong><\/p>\n

That\u2019s it for Windows. I have no idea why the two Monthly Rollup Preview patches don\u2019t specifically refer to the AMD bluescreens caused by this month\u2019s earlier Monthly Rollups. And I have no idea why there\u2019s no Win7 Monthly Rollup Preview.<\/p>\n

The .NET patch previews read like a Most Wanted list:<\/p>\n

No, Microsoft hasn\u2019t bothered to standardize the naming of .NET patches just yet.<\/p>\n

These .NET patches are particularly welcome because the .NET patches released so far this month have been riddled with bugs. On the MSDN blog<\/a>, @abbodi86 notes:<\/p>\n

The KB4055002 Security and Quality Rollup for .NET Framework 4.7.1 on Windows 7 messes up .NET 4.7.1 installation. It replaces some 4.7.1 files with older 4.7 files including GlobalUserInterface.CompositeFont \u00a0<\/p>\n

That, in turn, has led to all sorts of problems with font selection in WPF applications.<\/p>\n

The patch carnage this month has been horrendous. If my notes are accurate, so far this month Microsoft has had patches on:<\/p>\n

And that doesn\u2019t include the Surface firmware and driver patches.<\/p>\n

Once again, the entire patching situation has turned into a steaming pile of cow dung<\/a>. Your only safe option is to refrain from patching until Microsoft gets its act together. Take solace in the likelihood that the first widespread Meltdown\/Spectre malware is likely to get attached to a web browser \u2014 and the browser manufacturers are circling the wagons quickly.<\/p>\n

Poster @Sessh on AskWoody has a very sobering observation:<\/a><\/p>\n

Microsoft issues a Windows 10 update that renders people\u2019s computers useless forcing the casual computer user (read: most PC owners) to have to pay money out of pocket to fix a problem directly caused by Microsoft\u2019s incompetence and was not in any way their fault? How does that even make sense? It\u2019s amazing the hoops users are expected to jump through just to make their W10 PC\u2019s work at all which now includes doing BIOS updates to prevent said updates from ruining your computer? Seriously? There are people that are actually cool with this level of incompetence? It\u2019s unbelievable what some people are willing to put up with these days.<\/p>\n

Special thanks to @MrBrian, @abbodi86 and @PKCano<\/p>\n

Join us for group therapy on the <\/em>AskWoody Lounge<\/em><\/a>.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Thu, 18 Jan 2018 06:39:00 -0800<\/strong><\/p>\n

\n
\n

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.<\/p>\n

What should you do? Nothing. More accurately, make sure you DON\u2019T install any of them. Fortunately, all of these patches require that you download and install them \u2014 and you\u2019d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.<\/p>\n

It\u2019s the same advice I\u2019ve been giving all month. There\u2019s nothing here that you need right now \u2014 there are no known exploits for Meltdown or Spectre in the wild, in particular \u2014 and machines are dropping like flies.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10761],"class_list":["post-11162","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows-10"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11162","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11162"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11162\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11162"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11162"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11162"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}