{"id":12831,"date":"2018-07-17T08:30:04","date_gmt":"2018-07-17T16:30:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/07\/17\/news-6598\/"},"modified":"2018-07-17T08:30:04","modified_gmt":"2018-07-17T16:30:04","slug":"news-6598","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/07\/17\/news-6598\/","title":{"rendered":"Stung by a festering pile of bugs on Patch Tuesday, MS releases 27 more patches"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Tue, 17 Jul 2018 09:21:00 -0700<\/strong><\/p>\n

In what is becoming a common occurrence, Microsoft\u2019s Patch Tuesday brought along so many bugs that they necessitated a remediation round. This month, unusually, it took only six days to get the exterminators out. <\/span><\/p>\n

Since these fixes are aimed at four specific bugs introduced on Patch Tuesday, they don\u2019t include the massive patches normally appearing on the second Patch Whateverday of the month. My guess is we\u2019ll see at least one more big set of Windows patches before the month is out. Oh, boy.<\/span><\/p>\n

Yesterday, Monday, July 16, Microsoft released 27 new security patches for Windows, bringing the total number of <\/span>patches so far this month<\/span><\/a> up to 156. The new patches fall into six separate groups:<\/span><\/p>\n

All six of the groups say they fix the same basic bugs. Er, issues. All of the acknowledged issues look like this:<\/span><\/p>\n

Win10 1703, Win8.1 and Win7 don\u2019t list the DHCP Failover bug. <\/span><\/p>\n

Yes, you read that correctly. If you installed <\/span>any <\/i><\/strong>of the Patch Tuesday patches for Windows, you got hit with at least three of those bugs. They won’t affect most of you. But for folks relying on those specific features, the bugs are deadly.<\/span><\/p>\n

How bad was it? On Sunday \u2014 five days after the buggy Patch Tuesday swarm came out of the underground \u2014 the Microsoft Exchange Team blog posted a <\/span>candidate evaluation<\/span><\/a>:<\/span><\/p>\n

The Exchange team is aware of issues with the Windows Operating System updates published July 10th, 2018, causing Exchange to not function correctly. The Windows servicing team has advised us that they will be releasing updates to the affected packages. We encourage Exchange customers to delay applying the July 10th updates, including the security updates released on the same date, on to an Exchange server until the updated packages are available.<\/span><\/p>\n

That\u2019s a good warning, but if you weren\u2019t perusing the Exchange Team blog on a Sunday afternoon, you may have missed it. Gawrsh.<\/span><\/p>\n

If you head over to Windows Update right now (ProTip: DON\u2019T<\/strong>), you may or may not find the July updates waiting. There\u2019s at least <\/span>one report<\/span><\/a> that you have to install last month\u2019s Preview before you can see the Patch Tuesday Win7 Monthly Rollup. <\/span><\/p>\n

Yet another reason to hold off on installing this month\u2019s Win7 patch. As if you needed another one. G\u00fcnter Born <\/span>reports on his blog<\/span><\/a> about a reader who says:<\/span><\/p>\n

After those recent updates, web servers are also not functioning well. When restarting a server under IIS, the server refuses to start again unless you do a reboot. Also all our custom services listening to a socket refuse to restart.<\/span><\/p>\n

Is anyone also having these issues? For a quick troubleshooting, I uninstalled KB4338818 and issue went away.<\/span><\/p>\n

Life as a server administrator dealing with broken updates s*cks!<\/span><\/p>\n

Born also reports that some Apache servers get stomped, too. It isn\u2019t clear to me if yesterday\u2019s Win7 patch, KB 4345459, fixes the problem \u2014 but if it does, the KB article doesn\u2019t bother to mention the fix.<\/span><\/p>\n

That\u2019s not all. There are five new .NET patches, falling into these groups:<\/span><\/p>\n

According to the KB articles, both of these patches continue to exhibit this \u201cknown issue\u201d:<\/span><\/p>\n

Users receive a “0x80092004” error when they try to install the July 2018 Security and Quality Rollup update KB4340557 or KB4340558 on Windows 8.1, Windows Server 2012 R2, or Windows Server 2012 after they install the June 2018 .NET Framework Preview of Quality Rollup updates KB4291497 or KB4291495 on systems that are running on .NET Framework 4.7.2, 4.7.1, 4.7, 4.62, 4.6.1, or 4.6.<\/span><\/p>\n

As Martin Brinkmann <\/span>explains on his Ghacks site<\/span><\/a>:<\/span><\/p>\n

It is possible that Microsoft did not update the description yet and that the issue is resolved. <\/span><\/p>\n

To answer the most obvious question, no, it doesn\u2019t appear as if anyone tests these things before they\u2019re shoved out the Windows Update chute.<\/span><\/p>\n

Thx to @abbodi86, @PKCano, @gborn, @ghacks and the legions of AskWoody sleuths.<\/span><\/em><\/p>\n

You can comment on this article on the <\/span><\/i>AskWoody Lounge<\/span><\/i><\/a>, but be forewarned: I goofed and let the SSL certificate expire Saturday night. You\u2019ll have to <\/span><\/i>poke through<\/span><\/i><\/a> your browser\u2019s defenses to get into the site. Hope to have it working again later today.<\/span><\/i><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Tue, 17 Jul 2018 09:21:00 -0700<\/strong><\/p>\n

\n
\n

In what is becoming a common occurrence, Microsoft\u2019s Patch Tuesday brought along so many bugs that they necessitated a remediation round. This month, unusually, it took only six days to get the exterminators out. <\/span><\/p>\n

Since these fixes are aimed at four specific bugs introduced on Patch Tuesday, they don\u2019t include the massive patches normally appearing on the second Patch Whateverday of the month. My guess is we\u2019ll see at least one more big set of Windows patches before the month is out. Oh, boy.<\/span><\/p>\n

Windows July patches, version 2<\/h2>\n

Yesterday, Monday, July 16, Microsoft released 27 new security patches for Windows, bringing the total number of <\/span>patches so far this month<\/span><\/a> up to 156. The new patches fall into six separate groups:<\/span><\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10525],"class_list":["post-12831","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12831"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12831\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12831"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}