{"id":17159,"date":"2019-12-11T08:30:04","date_gmt":"2019-12-11T16:30:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/12\/11\/news-10895\/"},"modified":"2019-12-11T08:30:04","modified_gmt":"2019-12-11T16:30:04","slug":"news-10895","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/12\/11\/news-10895\/","title":{"rendered":"Patch Tuesday brings a reprise of the Autopilot debacle, now quashed, and another Win7 nag"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security3-100734732-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Wed, 11 Dec 2019 07:33:00 -0800<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Patch Tuesday in December rarely brings anything worthwhile\u00a0\u2014 everybody\u2019s on vacation, or wants to be on vacation\u00a0\u2014 and this month\u2019s no exception. We got patches for 36 separately identified security holes and two new advisories, full of sound and fury but covering very little.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The one \u201cexploited\u201d security hole\u00a0\u2014\u00a0<\/span><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1458\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">CVE-2019-1458<\/span><\/a><span style=\"font-weight: 400;\"> Win32k Elevation of Privilege Vulnerability\u00a0\u2014 shouldn\u2019t cause any heartburn. Microsoft <\/span><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1458\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">says<\/span><\/a><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To exploit this vulnerability, an attacker would first have to log on to the system. 
An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Then Microsoft gives the hole an \u201cImportant\u201d severity rating, a big step below the \u201cCritical\u201d that\u2019s <\/span><i><span style=\"font-weight: 400;\">de rigueur<\/span><\/i><span style=\"font-weight: 400;\">. Short version: Although you need to patch sooner or later, you don\u2019t need to worry about any of the security holes right now.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Remember back in October when Microsoft mysteriously pushed out a patch for Autopilot, a little-known app that helps companies set up new machines? I wrote about it in &#8220;<\/span><a href=\"https:\/\/www.computerworld.com\/article\/3448576\/microsoft-pushes-then-yanks-rogue-kinda-security-patch-kb-4523786-ostensibly-for-autopilot.html\" rel=\"noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">Microsoft pushes, then yanks, rogue kinda-security patch KB 4523786, ostensibly for Autopilot<\/span><\/a><span style=\"font-weight: 400;\">.&#8221;\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Looks like the cows are out of the barn again. Microsoft released KB 4532441 yesterday, the latest \u201cCumulative update for Autopilot in Windows 10, versions 1903 and 1909: December 10, 2019.\u201d Once again, many folks saw that they were being offered the patch (although this time it apparently only went out to 1903 and 1909 Pro customers). Once again, the patch was offered repeatedly, even after it was installed properly. 
Once again, Microsoft yanked the patch, then <\/span><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4532441\/cumulative-update-for-autopilot-in-windows-10-versions-1903-1909\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">updated the KB article<\/span><\/a><span style=\"font-weight: 400;\"> to say:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This update was available through Windows Update. However, we have removed it because it was being offered incorrectly. When an organization registers or configures a device for Windows Autopilot deployment, the device setup automatically updates Windows Autopilot to the latest version.<\/span><\/p>\n<p><strong>Note<\/strong><span style=\"font-weight: 400;\">\u00a0There is no effect on Windows Autopilot being offered to Windows 10 devices. If you were offered this update and do not use Autopilot, installing this update will not affect you. Windows Autopilot update should not be offered to Windows 10 Home.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Those who cannot remember the past are condemned to repeat it.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In addition to the usual laundry list of patches, we also saw:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A new <\/span><strong>Malicious Software Removal Tool<\/strong><span style=\"font-weight: 400;\">. Folks who downloaded the patches early may have missed it, because MS didn\u2019t push it until several hours after the initial patching payload.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Updates for <\/span><strong>.Net Framework<\/strong><span style=\"font-weight: 400;\"> 3.5.x, 4.6.x, 4.7.x, 4.8 and more. Dozens of them. 
Martin Brinkmann has the full list <\/span><a href=\"https:\/\/www.ghacks.net\/2019\/12\/10\/microsoft-windows-security-updates-december-2019-overview\/\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">on ghacks.net<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As well as the usual assortment of <a href=\"https:\/\/docs.microsoft.com\/en-us\/officeupdates\/office-updates-msi\" rel=\"nofollow\">O<\/a><\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/officeupdates\/office-updates-msi\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">ffice security patches<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are new Servicing Stack Updates for Server 2008 and Server 2012, with manual download links as usual in <\/span><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV990001\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">ADV990001<\/span><\/a><span style=\"font-weight: 400;\">. If you don\u2019t know about Servicing Stack Updates, don\u2019t sweat it.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">December\u2019s Windows 7\/Server 2008 R2 Monthly Rollup brings a full-screen nag for upgrading to Windows 10, due to appear starting on January 15. Here\u2019s what <\/span><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4530734\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">Microsoft says<\/span><\/a><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><strong>IMPORTANT<\/strong><span style=\"font-weight: 400;\"> Starting on January 15, 2020, a full-screen notification will appear that describes the risk of continuing to use Windows 7 Service Pack 1 after it reaches end of support on January 14, 2020. The notification will remain on the screen until you interact with it. 
This notification will only appear on the following editions of Windows 7 Service Pack 1:<\/span><\/p>\n<p><strong>Note <\/strong><span style=\"font-weight: 400;\">The notification will not appear on domain-joined machines or machines in kiosk mode.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Remarkably, the Security-only patch,\u00a0KB 4530692, doesn\u2019t include the nag, which is embodied in the program EOSNotify.exe. Apparently the nag will only appear once, take up the whole screen and, once you\u2019ve dismissed it, never return again. You\u2019ll be forgiven if you recall similar promises during the \u201cGet Windows 10\u201d <a href=\"https:\/\/www.computerworld.com\/article\/3122260\/gwx-swept-away-as-pattern-emerges-in-windows-updates.html\" rel=\"noopener\" target=\"_blank\">GWX campaign<\/a>.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For those of you who can\u2019t be bothered to dismiss the nag screen (or worry that it won\u2019t go away as easily as Microsoft says), you can set this registry key:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\EOSNotify<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To have the value &#8220;DiscontinueEOS&#8221;=dword:00000001<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We\u2019ll be covering that nag and its aftereffects extensively as details unfold. 
Remember that more than a quarter of all Windows users are on Win7.<\/span><\/p>\n<p><i><span style=\"font-weight: 400;\">Watch the bugs come out of the, uh, woodwork <\/span><\/i><a href=\"https:\/\/www.askwoody.com\/2019\/december-2019-patch-tuesday-foibles-and-quibbles\/\" rel=\"nofollow noopener\" target=\"_blank\"><i><span style=\"font-weight: 400;\">on AskWoody<\/span><\/i><\/a><i><span style=\"font-weight: 400;\">.<\/span><\/i><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3489042\/patch-tuesday-brings-a-reprise-of-the-autopilot-debacle-now-quashed-and-another-win7-nag.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security3-100734732-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Wed, 11 Dec 2019 07:33:00 -0800<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p><span style=\"font-weight: 400;\">Patch Tuesday in December rarely brings anything worthwhile\u00a0\u2014 everybody\u2019s on vacation, or wants to be on vacation\u00a0\u2014 and this month\u2019s no exception. We got patches for 36 separately identified security holes and two new advisories, full of sound and fury but covering very little.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The one \u201cexploited\u201d security hole\u00a0\u2014\u00a0<\/span><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1458\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">CVE-2019-1458<\/span><\/a><span style=\"font-weight: 400;\"> Win32k Elevation of Privilege Vulnerability\u00a0\u2014 shouldn\u2019t cause any heartburn. 
Microsoft <\/span><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1458\" rel=\"nofollow noopener\" target=\"_blank\"><span style=\"font-weight: 400;\">says<\/span><\/a><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3489042\/patch-tuesday-brings-a-reprise-of-the-autopilot-debacle-now-quashed-and-another-win7-nag.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10516,714,10525],"class_list":["post-17159","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-microsoft","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17159","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17159"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17159\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=1715
9"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}