{"id":9796,"date":"2017-10-10T14:30:08","date_gmt":"2017-10-10T22:30:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/10\/news-3569\/"},"modified":"2017-10-10T14:30:08","modified_gmt":"2017-10-10T22:30:08","slug":"news-3569","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/10\/news-3569\/","title":{"rendered":"Another banner Patch Tuesday, with a Word zero-day and several bugs"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security9-100734738-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Tue, 10 Oct 2017 13:28:00 -0700<\/strong><\/p>\n<p>It&#8217;s going to be a banner patching month.\u00a0I count 151 separate <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\" rel=\"nofollow\">security patches<\/a>\u00a0and 48 <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/summary\" rel=\"nofollow\">Knowledge Base articles<\/a>,\u00a0as well as the odd Security Advisory.<\/p>\n<p>The Windows patch <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/313ae481-3088-e711-80e2-000d3a32fc99\" rel=\"nofollow\">Release Notes <\/a>point to four known bugs:<\/p>\n<p>The <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041676\/windows-10-update-kb4041676\" rel=\"nofollow\">cumulative update for Win10 Creators Update<\/a>, version <strong>1703<\/strong>\u00a0\u2014 which sports dozens of fixes \u2014 has a couple of problems: Systems with support enabled for USB Type-C Connector System Software Interface (UCSI) may experience a blue screen or stop responding with a black screen when a system shutdown is initiated, and it may change Czech and Arabic languages to English for Microsoft Edge and other applications.<\/p>\n<p>The <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041691\/windows-10-update-kb4041691\" 
rel=\"nofollow\">cumulative update for Win10 Anniversary Update<\/a>, version <strong>1607<\/strong>, has a handful of problems: Downloading updates using express installation files may fail, after installing a delta update package; the KB numbers appear twice under Installed Updates; and package users may see an error dialog that indicates that an application exception has occurred when closing some applications.\u00a0<\/p>\n<p>The <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4042895\/windows-10-update-kb4042895\" rel=\"nofollow\">cumulative update for the original version of Win10<\/a>, usually called <strong>1507<\/strong>, has a similar problem: Package users may see an error dialog that indicates that an application exception has occurred when closing some applications. Apparently this fix is only for the LTSC version.<\/p>\n<p>The <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041681\/windows-7-update-kb4041681\" rel=\"nofollow\">Monthly Rollup for Win7<\/a> also has an acknowledged bug: an error dialog that indicates that an application exception has occurred when closing some applications.<\/p>\n<p>Martin Brinkmann has his usual <a href=\"https:\/\/www.ghacks.net\/2017\/10\/10\/microsoft-security-updates-october-2017-release\/\" rel=\"nofollow\">exhaustive list on ghacks<\/a>:<\/p>\n<p><strong>Windows 7<\/strong>: 20 vulnerabilities of which 5 are rated critical, 15 important<\/p>\n<p><strong>Windows 8.1<\/strong>: 23 vulnerabilities of which 6 are rated critical, 17 important<\/p>\n<p><strong>Windows 10 version 1607<\/strong>: 29 vulnerabilities, 6 critical, 23 important<\/p>\n<p><strong>Windows 10 version 1703<\/strong>: 29 vulnerabilities of which 6 are rated critical, 23 important<\/p>\n<p>SANS Internet Storm Center has <a href=\"https:\/\/isc.sans.edu\/forums\/diary\/October+2017+Security+Updates\/22916\" rel=\"nofollow\">released its list<\/a> \u2014 as has the <a 
href=\"https:\/\/www.thezdi.com\/blog\/2017\/10\/10\/the-october-2017-security-update-review\" rel=\"nofollow\">Zero Day Initiative<\/a>.<\/p>\n<p>There are some worrisome exposures that we\u2019ll be following closely:<\/p>\n<p><strong>CVE-2017-11779<\/strong>\u00a0\u2014 a major problem with DNS security, but it\u2019s only a problem if your DNS server has been taken over. <a href=\"https:\/\/www.bishopfox.com\/blog\/2017\/10\/a-bug-has-no-name-multiple-heap-buffer-overflows-in-the-windows-dns-client\/\" rel=\"nofollow\">Nick Freeman at Bishop Fox<\/a> notes:<\/p>\n<p>if an attacker controls your DNS server (e.g., through a man-in-the-middle attack or a malicious coffee-shop hotspot) \u2014\u00a0<strong>they can gain access to your system<\/strong>. This doesn\u2019t only affect web browsers \u2014 your computer makes DNS queries in the background all the time, and any query can be responded to in order to trigger this issue.<\/p>\n<p>Sounds grisly, but <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2017-11779\" rel=\"nofollow\">Microsoft says<\/a> the flaw hasn\u2019t been exploited, and rates it as \u201cExploitation less likely.\u201d If somebody can hijack your DNS server, you\u2019re in a world of hurt anyway.<\/p>\n<p><strong>CVE-2017-11826<\/strong>\u00a0\u2014 a known, and exploited, zero-day attack in Word, discovered by <a href=\"http:\/\/360coresec.blogspot.com\/2017\/10\/new-office-0day-cve-2017-11826.html\" rel=\"nofollow\">Qihoo 360<\/a>. It\u2019s another attack that relies on disguising an RTF file as a Word DOC or DOCX, then using the good services of Word (or its Viewer) to pounce on your machine. 
The Microsoft <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2017-11826\" rel=\"nofollow\">security advisory<\/a> says it\u2019s been fixed this month in all versions of Word, the Word Viewer and the Office Compatibility Pack.\u00a0<\/p>\n<p>Finally, <strong>Security Advisory ADV170012<\/strong> \u2014 <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV170012\" rel=\"nofollow\">Vulnerability in TPM could allow Security Feature Bypass<\/a> contains this little gotcha:<\/p>\n<p>WARNING: Do NOT apply the TPM firmware update prior to applying the Windows operating system mitigation update. Doing so will render your system unable to determine if your system is affected. You will need this information to conduct full remediation.<\/p>\n<p>ZDI goes on to explain:<\/p>\n<p>The patch provided by Microsoft is only a temporary measure though, and here\u2019s where it gets truly complicated. The TPM manufacturers need to produce a firmware update to completely resolve this, as the bug itself is present in the TPM firmware \u2014 not in Windows itself. This patch is one of several designed to offer a workaround by generating software-based keys whenever possible. Even after a vendor\u2019s firmware update is applied, you\u2019ll need to re-generate new keys to replace the previously generated weak ones.<\/p>\n<p>This is just a stop-gap measure and still requires manual intervention. 
When the actual firmware updates roll out from TPM vendors, the process will need to happen all over again \u2014 except this time, new TPM firmware needs to be installed on every affected device.<\/p>\n<p>Sounds like it\u2019s going to be a woolly month.<\/p>\n<p>As <em>Computerworld<\/em>&#8217;s\u00a0<a href=\"https:\/\/www.computerworld.com\/article\/3231661\/microsoft-windows\/microsoft-sunsets-windows-10s-first-feature-upgrade.html\">Gregg Keizer notes<\/a>, today marks the last update for the Windows 10 Fall Update (later called the November Update), version 1511. Those of you on the Long Term Servicing Channel (formerly the Long Term Servicing Branch) need not fear \u2014 1511 will be supported forever, or at least until Oct. 14, 2025. But those of you who don\u2019t have LTSC and its requisite Volume License with Software Assurance better move beyond 1511. Pro tip: If you\u2019re on 1511, move to 1703 before Oct. 17, after which it\u2019ll be much harder to avoid 1709.<\/p>\n<p>Note that Microsoft has, in the past, released truly critical security patches for versions of Windows that are beyond end of life. Which is an interesting philosophical observation.<\/p>\n<p>Today also memorializes the demise of Office 2007. No, you don\u2019t need to run out and buy Office 2016 or rent Office 365. But you do need to be aware that Office 2007 is going to sprout security holes \u2014 and you won\u2019t be getting any patches, unless Redmond relents and figures that fixing the elderly branches of the Office ecosystem is worth the time and effort.<\/p>\n<p><em>Hit a problematic patch? 
Holler on the <a href=\"https:\/\/askwoody.com\/forums\/topic\/patch-tuesday-patches-are-out-2\/\" rel=\"nofollow\">AskWoody Lounge<\/a>.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3230140\/microsoft-windows\/another-banner-patch-tuesday-with-a-word-zero-day-and-several-bugs.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security9-100734738-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Tue, 10 Oct 2017 13:28:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>It&#8217;s going to be a banner patching month.\u00a0I count 151 separate <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\" rel=\"nofollow\">security patches<\/a>\u00a0and 48 <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/summary\" rel=\"nofollow\">Knowledge Base articles<\/a>,\u00a0as well as the odd Security Advisory.<\/p>\n<p>The Windows patch <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/313ae481-3088-e711-80e2-000d3a32fc99\" rel=\"nofollow\">Release Notes <\/a>point to four known bugs:<\/p>\n<p>The <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041676\/windows-10-update-kb4041676\" rel=\"nofollow\">cumulative update for Win10 Creators Update<\/a>, version <strong>1703<\/strong>\u00a0\u2014 which sports dozens of fixes \u2014 has a couple of problems: Systems with support enabled for USB Type-C Connector System Software Interface (UCSI) may experience a blue screen or stop responding with a black screen when a system shutdown is initiated, and it may change Czech and Arabic languages to English for Microsoft Edge and other applications.<\/p>\n<p class=\"jumpTag\"><a 
href=\"\/article\/3230140\/microsoft-windows\/another-banner-patch-tuesday-with-a-word-zero-day-and-several-bugs.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[15605,714,10525],"class_list":["post-9796","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-office-software","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9796","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9796"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9796\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9796"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9796"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}