{"id":12432,"date":"2018-05-30T04:30:06","date_gmt":"2018-05-30T12:30:06","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/05\/30\/news-6201\/"},"modified":"2018-05-30T04:30:06","modified_gmt":"2018-05-30T12:30:06","slug":"news-6201","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/05\/30\/news-6201\/","title":{"rendered":"Microsoft Patch Alert: Major bugs introduced in May fixed, plenty of problems remain"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Wed, 30 May 2018 03:49:00 -0700<\/strong><\/p>\n

Once more we have a monthly Windows\/Office patch scorecard that needs a guidebook. Or two. And we just got a handful of buried warnings about problems in old patches, plus a brand new way to fry your network interface card.<\/p>\n

Thus continues the tradition of two cumulative updates per month for all of the supported Windows 10 versions \u2013 that\u2019s eight cumulative updates in total \u2013 in addition to bobs and weaves and a very long list of acknowledged bugs introduced by recent security patches in Windows 7.<\/p>\n

The strange behavior of the CredSSP update \u2013 where the Patch Tuesday fixes for all versions of Windows seemed to break Remote Desktop Protocol with a strange error message:\u00a0<\/a>\u201cThis could be due to CredSSP encryption oracle remediation\u201d has been resolved.<\/p>\n

Patch Lady Susan Bradley notes<\/a> (about all versions of Windows and Remote access):<\/p>\n

Be aware \u2014 if you are seeing RDP issues post patch Tuesday, the underlying issue is that there is a mismatch between patch levels. The updates for the RDP\/credssp came out in March and slowly Microsoft has been adjusting the mandate of the update. In May, the full \u201cyou must have a patch on both ends\u201d kicked in. So if you haven\u2019t updated your servers, but your workstations got patched you\u2019ll see the CredSSP error message.<\/p>\n

While there is a registry key to allow patched systems to connect to unpatched systems, it\u2019s much wiser to patch your servers. Note that if you held off patching your servers because of the networking side effects\/bugs, those were patched in the April.<\/p>\n

That\u2019s how you solve a CredSSP encryption oracle remediation problem. Obviously. Ahem.<\/p>\n

The unpaid beta testers for Windows 10 April 2018 Update (better known as version 1803) earned their salaries this month, with triple overtime. The embarrassing bug in the original 1803 (released April 30) bricked any computer with an Intel SSD6 drive<\/a>\u2013 including some of Microsoft\u2019s own Surface Pro 2017 computers.<\/p>\n

A similar, but different, bug dogged PCs with Toshiba SSDs<\/a>. The bug persisted in the first cumulative update for Win10 1803, but was finally put to sleep last week with the second cumulative update<\/a>, which finally made 1803 installable on most common PCs.<\/p>\n

Installable, mind you. Not stable. For example, there are many reports of 1803 driving batteries nuts<\/a>. I\u2019ve seen discussions<\/a> of the Surface Studio mouse and keyboard lock-ups after installing 1803, but no solutions \u2013 and there may be a similar problem with earlier versions of Win10. The Reddit 1803 megathread is up to 1,800 comments<\/a>\u2013 not all of which are glowing reports of happiness in 1803 land.<\/p>\n

The greatest malfeasance, in my opinion, is Microsoft\u2019s continuing push to install Win10 1803 on machines that are set to specifically avoid it<\/a>. Win10 1709 Home users get hit the worst. AskWoody reader IG puts it this way:<\/p>\n

I have found that (at least in my situation with my Lenovo and HP laptops) the best way to avoid the latest feature update for Windows 10 Home, is to not only set your connection to metered, but to also install the Windows update tool, (wushowhide). Despite being on a metered connection, the 1803 upgrade eventually showed up \u2018available to download\u2019 this week. Along with the 1803 update a 1709 update also showed up but required a \u2018retry.\u2019 Using the update tool I hid the 1803 upgrade, and the next time Windows automatically checked for updates, it was no longer available to download. I was also able to retry and install the current 1709 update without any issues.<\/p>\n

I continue to strongly recommend that you not hobnob with the cannon fodder and wait for Microsoft to show some restraint. Or at least some fixes. My original recommendations<\/a> for blocking 1803 still work, but you have to use all of them, altogether, all the time.<\/p>\n

If you\u2019re using Windows 10, you saw big multiple patches in April:<\/p>\n

Version 1703 remains stable (although there\u2019s a whole lotta patchin\u2019 goin\u2019 on) and 1709 has finally found some maturity. About a month too late.<\/p>\n

Windows 7 continues to be singled out for back-breaking patch-induced bugs. Microsoft officially acknowledges both of these bugs<\/em><\/strong>in the latest Win7\/Server 2008 R2 patch, KB 4103718<\/a>:<\/p>\n

As it turns out, the missing oem<number>.inf issue dates back to the March patches. According to an anonymous poster<\/a>:<\/p>\n

It\u2019s not only KB4103718 (May 8, 2018\u2014KB4103718 (Monthly Rollup)) that has been updated last Friday with the missing oem<number>.inf issue. The problem seems to date back to the March 2018 Security-Only and Monthly Rollup updates.<\/p>\n

All of the following knowledge base articles were updated with similar warnings on May 25:<\/p>\n

We\u2019re stuck between a rock and a hard place. Microsoft won\u2019t say which vendor(s) and\/or which network card(s) are getting cracked by the patch. There\u2019s speculation that the bad card is from Intel<\/a>, but we really don\u2019t know. Your only real recourse is to create a full backup prior to applying this month\u2019s patches, or to accept the possibility that you\u2019ll have to manually re-install them. Susan Bradley has detailed instructions<\/a>.<\/p>\n

That same anonymous poster goes on to advise:<\/p>\n

Also, there is a new, never heard before issue with the Win7 March 2018 Security-only update (KB4088878):<\/p>\n

Symptom: A 32-bit (x86) computer won\u2019t boot or keeps restarting after applying this security update.<\/p>\n

Workaround: Before applying this security update and subsequent security updates, uninstall the following external drivers until they are fixed by the vendor that owns them:<\/p>\n

It\u2019s not at all clear if that warning is only for 32-bit computers.<\/p>\n

If you want to see something scary, take a look at the current version of the \u201cKnown issues\u201d list for the Win7 Security-only patch, KB 4088878<\/a>. I count nine acknowledged bugs introduced in that one Security-only patch.<\/p>\n

Windows 8.1 \/ Server 2012 R2 continues to look good. By any objective measure, 8.1 is Microsoft\u2019s most stable version of Windows. By a long shot.<\/p>\n

I don\u2019t know of any pressing problems with this month\u2019s Office patches. Susan Bradley\u2019s Master Patchwatch List<\/a> gives them a clean bill of health, and @PKCano\u2019s list of non-security patches looks clean, too, although there are a number of acknowledged problems listed on the official Fixes pages<\/a>.<\/p>\n

Stay tuned.<\/p>\n

Thx to @PKCano, @sb and the Mentats-in-Training.<\/em><\/p>\n

Join us for the latest on the AskWoody Lounge<\/a><\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Wed, 30 May 2018 03:49:00 -0700<\/strong><\/p>\n

\n
\n

Once more we have a monthly Windows\/Office patch scorecard that needs a guidebook. Or two. And we just got a handful of buried warnings about problems in old patches, plus a brand new way to fry your network interface card.<\/p>\n

Thus continues the tradition of two cumulative updates per month for all of the supported Windows 10 versions \u2013 that\u2019s eight cumulative updates in total \u2013 in addition to bobs and weaves and a very long list of acknowledged bugs introduced by recent security patches in Windows 7.<\/p>\n

Conflicts with Remote Desktop<\/strong><\/h2>\n

The strange behavior of the CredSSP update \u2013 where the Patch Tuesday fixes for all versions of Windows seemed to break Remote Desktop Protocol with a strange error message:\u00a0<\/a>\u201cThis could be due to CredSSP encryption oracle remediation\u201d has been resolved.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10525],"class_list":["post-12432","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12432"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12432\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12432"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}