{"id":17525,"date":"2020-01-23T08:30:04","date_gmt":"2020-01-23T16:30:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/01\/23\/news-11260\/"},"modified":"2020-01-23T08:30:04","modified_gmt":"2020-01-23T16:30:04","slug":"news-11260","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/01\/23\/news-11260\/","title":{"rendered":"Microsoft Patch Alert: January 2020 patches look relatively benign"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Thu, 23 Jan 2020 07:17:00 -0800<\/strong><\/p>\n

The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft\u2019s RD Gateway (CVE-2020-0610; see Susan Bradley\u2019s Patch Watch<\/a>, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode<\/a> after installing the January patches; scrambling to pick up after breaches in Citrix networking products<\/a>; or the 334 Oracle security patches<\/a>. They all took a toll.<\/p>\n

Those of us not in charge of multinational networks could breathe a little easier. In spite of a stellar advertising campaign<\/a> from the National Security Agency (NSA), the Chain of Fools\/CurveBall CVE-2020-0601 hole hasn\u2019t turned into an active attack. As I said at the time<\/a>, it\u2019s a long way from a third-degree polynomial to working ransomware.<\/p>\n

Yes, you need to patch sooner or later. But, no, the sky isn\u2019t falling. Those reports of the internet\u2019s impending CurveBall doom were just a little bit overblown.<\/p>\n

As usual.<\/p>\n

I would conjecture that the January Patch Tuesday crop is relatively well-behaved because, at least apparently, they only contain security patches. Normally, Microsoft releases dozens of \u201coptional, non-security\u201d patches every month \u2013 bug fixes \u2013 but those annoying little gnats haven\u2019t made an appearance since October.<\/p>\n

I expect that will change shortly. We\u2019ll no doubt see dozens \u2013 if not hundreds \u2013 of smaller patches out in the usual \u201cC Week\/D Week\u201d cadence soon. Since we\u2019ve seen no such infestation in three months, you\u2019d be smart to avoid the \u201coptional\u201d patches, once they arrive, until they\u2019ve been well vetted.<\/p>\n

G\u00fcnter Born has put together a comprehensive list of printing problems<\/a> associated with recent patches. They seem to come and go \u2013 many different printers, many different symptoms.<\/p>\n

There are also many reports of January cumulative updates failing to install, with various error message.<\/p>\n

None of the problems seem particularly remarkable \u2013 or even replicable \u2013 to me, but if you get stuck trying to install one of the January patches, your opinion may vary.<\/p>\n

If you \u201cseek\u201d by clicking on the \u201cCheck for updates\u201d button in Win10 1809 or 1903, Microsoft warns that it may upgrade you to Win10 version 1909<\/a>:<\/p>\n

Current status as of Jan. 21:<\/p>\n

Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects \u201cCheck for updates\u201d via Windows Update. The recommended servicing status is Semi-Annual Channel.<\/p>\n

Of course, Microsoft disavowed any use of the bafflegab phrase \u201cSemi-Annual Channel\u201d<\/a> a year ago. Consistency. Hobgoblins. Little minds. Microsoft may feel that 1909 is ready for widespread deployment, but I\u2019m still seeing many reports of problems with Win10 version 1909 \u2013 the well-documented Search in File Explorer bugs<\/a>, power problems<\/a>, video problems<\/a>, Your Phone oddities<\/a>.<\/p>\n

In addition, Microsoft has warned that it\u2019s starting to force Win10 version 1809 customers onto 1909:<\/p>\n

“We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.”<\/p>\n

For reference, Win10 version 1809 is supposed to hit end of service on May 12. You 1809 users are getting four months shaved off of your promised end of life. As a Service.<\/p>\n

Remarkably, tests by @PKCano show that Microsoft is still honoring the \u201cDefer feature updates\u201d setting in Win10 version 1803 Pro. It looks like the methods for staying on 1803, 1809, and 1903 as documented in How to block the Windows 10 November 2019 Update, version 1909, from installing<\/a> still work. And if you want to upgrade to 1903, avoiding 1909 for the time being, the method described here<\/a> also works.<\/p>\n

Everybody\u2019s favorite whipping boy, Windows 7, got slapped with two bugs in the final round of free patches.<\/p>\n

Anybody using Win7 who installs the January patches will find that their \u201cstretched\u201d desktop wallpaper comes out black, which can look disconcertingly like a Black Screen of Death. Lawrence Abrams has a full description, and a clever workaround, at BleepingComputer<\/a>.<\/p>\n

More alarmingly, Microsoft posted Security Advisory ADV200001 on Jan. 17. The Advisory details yet another security hole<\/a> in Internet Explorer\u2019s JScript engine, CVE-2020-0674. There\u2019s a manual workaround with numerous side-effects, at least some of which have been overcome by a 0patch micropatch<\/a> that you can install if you feel threatened.<\/p>\n

Here\u2019s the big open question: Will Microsoft fix Windows 7 later this month, in spite of the Jan. 14 end of service deadline? Or will Win7 drift into the sunset with a Black Screen bug and a known IE hole?<\/p>\n

Seven semper fi.<\/p>\n

This isn\u2019t a widespread problem. It only applies to those who are running Office 365 ProPlus, which is directed at (but not limited to) Enterprises with savvy admins. But it\u2019s an astounding push nonetheless.<\/p>\n

In an official post from \u2018Softie Daniel Brown entitled,\u00a0Microsoft Search in Bing and Office 365 ProPlus<\/a>, Microsoft seems to be saying that everyone who installs the latest patch for Office 365 ProPlus will have their default search engine in Google Chrome changed to Bing<\/a>.<\/p>\n

I fully expect someone with some sense at Microsoft will swoop down in the next week or two and rescind the decision. But until that happens, this stands as a browser hijacking threat of unprecedented proportions.<\/p>\n

Join us for the latest <\/em>on AskWoody.com<\/em><\/a>.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Thu, 23 Jan 2020 07:17:00 -0800<\/strong><\/p>\n

\n
\n

The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft\u2019s RD Gateway (CVE-2020-0610; see Susan Bradley\u2019s Patch Watch<\/a>, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode<\/a> after installing the January patches; scrambling to pick up after breaches in Citrix networking products<\/a>; or the 334 Oracle security patches<\/a>. They all took a toll.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10516,10909,13764,714,10525],"class_list":["post-17525","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-microsoft","tag-microsoft-office","tag-pcs","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17525"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17525\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17525"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}