{"id":9804,"date":"2017-10-11T04:30:01","date_gmt":"2017-10-11T12:30:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/11\/news-3577\/"},"modified":"2017-10-11T04:30:01","modified_gmt":"2017-10-11T12:30:01","slug":"news-3577","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/11\/news-3577\/","title":{"rendered":"Early reports of myriad Microsoft Patch Tuesday problems"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security5-100734739-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Wed, 11 Oct 2017 04:28:00 -0700<\/strong><\/p>\n<p>This month\u2019s <a href=\"https:\/\/www.computerworld.com\/article\/3230140\/microsoft-windows\/another-banner-patch-tuesday-with-a-word-zero-day-and-several-bugs.html\">massive bundle<\/a> of Patch Tuesday patches almost certainly contains more than a few surprises, and they\u2019re only starting to surface. Here\u2019s a rundown of what I\u2019ve seen in the wee hours of Wednesday morning.<\/p>\n<p>There are lots of reports of delayed, failed and rolled back installations of <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041676\/windows-10-update-kb4041676\" rel=\"nofollow\">KB 4041676<\/a>, the Win10 Creators Update (version 1703) monthly cumulative update, which brings 1703 up to build 15063.674. A quick glance at the KB article confirms that there are dozens and dozens of fixes in this cumulative update \u2014 a remarkable state of affairs, considering the Fall Creators Update, version 1709, is due on Oct. 17.<\/p>\n<p>Overnight, <a href=\"http:\/\/www.borncity.com\/blog\/2017\/10\/11\/windows-10-v1703-installationsprobleme-bei-kb4041676\/\" rel=\"nofollow\">G\u00fcnter Born<\/a> and <a href=\"http:\/\/news.softpedia.com\/news\/windows-10-cumulative-update-kb4041676-fails-to-install-freezes-during-download-517987.shtml\" rel=\"nofollow\">Bogdan Popa<\/a> accumulated long lists of people reporting problems with the update, including reports of <a href=\"https:\/\/www.reddit.com\/r\/Windows10\/comments\/75iff0\/october_windows_10_cumulative_updates_are_out\/\" rel=\"nofollow\">hangs<\/a>, <a href=\"https:\/\/answers.microsoft.com\/en-us\/windows\/forum\/windows_10-windows_install-winpc\/my-computer-keeps-restarting-because-windows\/6bd536d4-0beb-4331-b663-db06fc293bfb\" rel=\"nofollow\">uncontrolled restarts<\/a>, and <a href=\"https:\/\/answers.microsoft.com\/en-us\/windows\/forum\/windows_10-update-winpc\/problems-downloading-cumulative-update-for-windows\/f1868501-ebcc-4b31-a82d-c8cc8a7f7dd3\" rel=\"nofollow\">exceedingly slow downloads<\/a>. Born <a href=\"http:\/\/www.borncity.com\/blog\/2017\/10\/11\/windows-10-v1703-installationsprobleme-bei-kb4041676\/\" rel=\"nofollow\">reports<\/a> that the source of some problems may be attributable to Norton. If you\u2019re having problems, my <a href=\"https:\/\/www.computerworld.com\/article\/2990931\/microsoft-windows\/windows-10-installation-problems-and-what-to-do-about-them.html\">long-standing advice<\/a> for cleaning things up and running the Update Troubleshooter may help.<\/p>\n<p>For those of you wondering what happened to this month\u2019s Flash security patches, there\u2019s a surprising answer: You aren\u2019t seeing any Adobe security patches this month because there aren\u2019t any! <a href=\"https:\/\/helpx.adobe.com\/flash-player\/release-note\/fp_27_air_27_release_notes.html\" rel=\"nofollow\">All of this month\u2019s patches<\/a> are quality updates, er, bug fixes.<\/p>\n<p>@PKCano on AskWoody has <a href=\"https:\/\/askwoody.com\/forums\/topic\/patch-tuesday-patches-are-out-2\/#post-136382\" rel=\"nofollow\">confirmed<\/a> that there were no .NET Security-only updates this month. All of the .NET updates contain non-security patches only.<\/p>\n<p><a href=\"https:\/\/askwoody.com\/forums\/topic\/patch-tuesday-patches-are-out-2\/#post-136435\" rel=\"nofollow\">@MrBrian<\/a> found this little gem in two Microsoft posts:<\/p>\n<p>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 require the D3 Compiler to be installed. We recommend that you install the included D3 Compiler before applying this update. For more information about the D3 Compiler, see KB 4019990.<\/p>\n<p>MrBrian goes on to note<\/p>\n<p>On a Windows 7 x64 virtual machine with no Windows monthly rollups installed, and .NET Framework 4.6.1 installed, Windows Update does not list the October 2017 .NET Framework monthly rollup\u2026 But the manual installer for the October 2017 .NET Framework monthly rollup successfully installed. Ugh!<\/p>\n<p>Tero Alhonen has <a href=\"https:\/\/twitter.com\/teroalhonen\/status\/918006218093887489\" rel=\"nofollow\">important information<\/a> about the TPM vulnerability. You may recall that Microsoft\u2019s <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV170012\" rel=\"nofollow\">Security Advisory ADV170012<\/a> contains the warning:<\/p>\n<p>Do NOT apply the TPM firmware update prior to applying the Windows operating system mitigation update. Doing so will render your system unable to determine if your system is affected. You will need this information to conduct full remedation.<\/p>\n<p>And ZDI illuminates:<\/p>\n<p>This is just a stop-gap measure and still requires manual intervention. When the actual firmware updates roll out from TPM vendors, the process will need to happen all over again \u2014 except this time, new TPM firmware needs to be installed on every affected device.<\/p>\n<p>Which is enough to tie any admin in knots. Alhonen offers some insight:<\/p>\n<p>If your hardware is a Surface device, firmware updates are yet not available as of October 10, 2017. Surface Laptop and the Surface Pro (released in June 2017) are NOT affected\u2026 [for Surface Pro 3] Infineon firmware version 5.0 TPM is not safe. Please update your firmware.<\/p>\n<p>If you\u2019re patching the 2015 LTSC version of Windows 10, you need to see Microsoft&#8217;s \u00a0admission that the Windows Presentation Framework may get munged. <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4048718\/wpf-crashes-after-the-october-2017-security-and-monthly-quality-rollup\" rel=\"nofollow\">WPF crashes after the October 2017 Security and Monthly Quality Rollup is applied on Windows 10 version 1507 that has Microsoft .NET Framework 4.6.2 installed.<\/a><\/p>\n<p>There\u2019s also a lot of confusion about Microsoft\u2019s <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2017-11776\" rel=\"nofollow\">explanation for its fix<\/a> of CVE-2017-11776. Microsoft says: \u201cAn attacker who exploited the vulnerability could use it to obtain the email content of a user,\u201d when in fact no attack is necessary. The <a href=\"https:\/\/www.sec-consult.com\/en\/blog\/2017\/10\/fake-crypto-microsoft-outlook-smime-cleartext-disclosure-cve-2017-11776\/index.html\" rel=\"nofollow\">SEC-Consult blog<\/a> has a detailed explanation:<\/p>\n<p>If you used Outlook\u2019s S\/MIME encryption in the past 6 months (at least, we are still waiting for Microsoft to release detailed information and update the blog) your mails might not have been encrypted as expected. In the context of encryption this can be considered a worst-case bug.<\/p>\n<p>Kevin Beaumont (@GossiTheDog) has tied the pieces together and concluded:<\/p>\n<p>Outlook S\/MIME bug is absolutely reproducible, I just did it. Does not need an attacker. Microsoft have classified it wrong.<\/p>\n<p>So if you used Outlook\u2019s S\/MIME encryption for text emails in the past six months, your emails haven\u2019t been encrypted at all. The \u201cencrypted\u201d emails went out in plain text, no antivirus backdoor required. Gotcha.<\/p>\n<p>No definitive word as yet on whether the Win 8.1 Monthly Rollup, <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041693\" rel=\"nofollow\">KB 4041693<\/a>, or the Security-only update, <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041687\" rel=\"nofollow\">KB 4041687<\/a>, fix the baffling problem where Win 8.1 customers <a href=\"https:\/\/www.computerworld.com\/article\/3228104\/microsoft-windows\/win-81-monthly-rollup-leaves-customers-unable-to-use-microsoft-account.html\">can\u2019t sign in with a Microsoft account<\/a>. That bug was introduced in the September Monthly Rollup. The topic isn\u2019t even mentioned in the KB articles.<\/p>\n<p>\u2026 and it\u2019s been less than a day since the patches rolled out.<\/p>\n<p><em>Got a patching problem? Hit us on the <a href=\"https:\/\/askwoody.com\/forums\/topic\/patch-tuesday-patches-are-out-2\/#post-136562\" rel=\"nofollow\">AskWoody Lounge<\/a>.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3232624\/microsoft-windows\/early-reports-of-myriad-microsoft-patch-tuesday-problems.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security5-100734739-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Wed, 11 Oct 2017 04:28:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>This month\u2019s <a href=\"https:\/\/www.computerworld.com\/article\/3230140\/microsoft-windows\/another-banner-patch-tuesday-with-a-word-zero-day-and-several-bugs.html\">massive bundle<\/a> of Patch Tuesday patches almost certainly contains more than a few surprises, and they\u2019re only starting to surface. Here\u2019s a rundown of what I\u2019ve seen in the wee hours of Wednesday morning.<\/p>\n<p>There are lots of reports of delayed, failed and rolled back installations of <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4041676\/windows-10-update-kb4041676\" rel=\"nofollow\">KB 4041676<\/a>, the Win10 Creators Update (version 1703) monthly cumulative update, which brings 1703 up to build 15063.674. A quick glance at the KB article confirms that there are dozens and dozens of fixes in this cumulative update \u2014 a remarkable state of affairs, considering the Fall Creators Update, version 1709, is due on Oct. 17.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3232624\/microsoft-windows\/early-reports-of-myriad-microsoft-patch-tuesday-problems.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10525],"class_list":["post-9804","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9804","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9804"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9804\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9804"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9804"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9804"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}