Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Corrine

Pages: [1] 2 3 ... 91
1
Microsoft released KB5004296, the monthly “C” release preview cumulative update with non-security improvements and fixes for Windows 10 Versions 21H1, 20H2, and 2004.

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

For information about the types of updates released by Microsoft each month see Windows 10 update servicing cadence primer.

Update: To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area. To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history

2
Adobe released an optional hotfix for Adobe Acrobat DC and Adobe Reader DC for Windows that addresses important bug fixes for vulnerabilities described in the corresponding security bulletins of Reader and Acrobat.

Release date:  July 29, 2021
Vulnerability identifier: None
Platform: Windows

Bug fixes

Installers
  • 4336133: Acrobat prompting to update browser/operating system on a machine with IE11 due to IE7 emulation mode being enforced in embedded IE mode.
Browser
  • 4334561: SAP: Fixing a GDI leak in Acrobat & Reader
Update or Complete Download:  Reader DC and Acrobat DC were updated to version 21.005.20060.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

3
Microsoft released an out-of-band non-security quality improvement update described as follows:

Quote
"Addresses an issue with devices that do not comply with section 3.2.1 of the RFC 4556 specification. Noncompliant printers, scanners, and multifunction devices might not work when you use smart card authentication (PIV). This issue occurs after you install the July 13, 2021 update on domain controllers (DC) in your environment. For more information, see KB5005408."

Update:  This out-of-band update can only be obtained from the standalone package at the Microsoft Update Catalog website.

4
We're all familiar with "Update Tuesday" or "Patch Tuesday" on the second Tuesday of each month.  Those updates include both security and non-security updates.  However, even though I identify the monthly “C Updates as "release preview cumulative update with non-security improvements and fixes", here's a link to the official description of the Monthly quality updates in the event anyone has questions.

5
General Software News, Updates & Discussions / Windows 11 Life Cycle
« on: July 21, 2021, 06:06:24 PM »
From Lifecycle FAQ - Windows:

New versions of Windows 11 will be released once per year. Customers should always install the latest version before the current version reaches end of servicing to remain supported by Microsoft.

Servicing Timeline will be 36 months with 1 release per year for the following versions:

     Windows 11 Enterprise
     Windows 11 Education
     Windows 11 IoT Enterprise

Servicing Timeline will be 24 months with 1 release per year for the following versions:

     Windows 11 Pro
     Windows 11 Pro Education
     Windows 11 Pro for Workstations
     Windows 10 Home*

*Home edition does not support the deferral of feature updates and will therefore typically receive a new version of Windows 11 prior to the end-of-servicing date shown.

6
Security Alerts & Briefings / Oracle Java Security Update Released
« on: July 20, 2021, 09:27:10 PM »
Oracle released the scheduled security updates for its Java SE Runtime Environment software.

Important: The Edge browser does not support plug-ins. In the event you still have a need for Java, it will be necessary to use Firefox or open with Internet Explorer by selecting the "More Actions" option located at the top of the Edge browser and then click "Open with Internet Explorer. (See Windows 10 and Java.)

Update: Get Java SE Runtime Environment Version 8u301 from https://www.oracle.com/java/technologies/javase-jre8-downloads.html or https://java.com/en/download/manual.jsp.

7
Pale Moon has been updated to version 29.3.0.  This is a development, bugfix and security release.  Linux versions may be slightly delayed since the update was released earlier than planned.  

Due to the security patches in this update, it is strongly recommended that those who haven't updated from version 29.1.1 or older due to extension compatibility update now.

See the Release Notes for a long list of fixes as well as implementation notes.

Update:  To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes

8
Mozilla sent Firefox Version 90.0.1 to the release channel today.

Update:  To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Release Notes

9
Releasing Windows 10 Build 19043.1147 (21H1) to Release Preview Channel

NOTE: Windows Insiders in the Beta Channel on 21H1 will not receive this update. We will be flighting Windows 11 Insider Preview builds to these Insiders soon!

This update includes the following improvements:
  • We fixed an issue with searchindexer. After you sign out, searchindexer continues to hold handles to the per user search database in the profile path, “C:\Users\username\AppData\Roaming\Microsoft\Search\Data\Applications\\”. As a result, searchindexer stops working and duplicate profile names are created.
  • We fixed an issue that prevents gaming services from opening certain games for desktop users.
  • We fixed an issue that prevents you from entering text using the Input Method Editor (IME). This might occur, for example, after startup if you have set the power options to shut down a laptop by closing its lid.
  • We changed the functionality for uploading new activity into Timeline. If you sync your activity history across your devices using your Microsoft account (MSA), you cannot upload new activity into the Timeline. You can still use Timeline and see your activity history (information about recent apps, websites, and files) on your local device. This does not affect Azure Active Directory (AAD) accounts. To view web history, Microsoft Edge and other browsers provide the option to view recent web activities. You can also view recently used files using Microsoft OneDrive and Microsoft Office.
  • We fixed an issue that might cause the File Explorer window to lose focus when you are mapping a network drive.
  • We fixed an issue that causes File Explorer to stop working after reaching 99% completion when you are deleting many files on a mapped network drive.
  • We fixed a timing issue in the Group Policy Registry Telemetry that causes Group Policy extension processing to fail.
  • We fixed an issue that repeatedly rebuilds the Windows Filtering Platform (WFP) filters. This issue occurs when a device is enrolled in a mobile device management (MDM) service and “MDMWinsOverGP” is set.
  • We fixed an issue with an MDM service that fails to correctly apply certain junk mail rules.
  • We fixed an issue that always reports the update build revision (UBR) as zero (0) on a device during enrollment to an MDM service.
  • We fixed an issue that causes the enrollment of the Elliptic Curve Digital Signature Algorithm (ECDSA) certificate to fail with the error, “0x80090027 NTE_INVALID_PARAMETER”. This issue occurs when the Trusted Platform Module (TPM) provider (the Microsoft Software Key Storage Provider) stores the key.
  • We fixed an issue with auditing events 4624 and 5142 that display the wrong event template when Dutch is the display language.
  • We fixed an issue that causes System Integrity to leak memory.
  • We fixed an issue that plays the sound for selecting something in a game loudly when you press the trigger button on a game controller.
  • We fixed an issue that prevents power plans and Game Mode from working as expected. This results in lower frame rates and reduced performance while gaming.
  • We fixed an issue in which “Network Internal Access” appears on the taskbar network icon on systems that access the internet from certain domains.
  • We fixed an issue in which the Network Connectivity Status Indicator (NCSI) fails to detect internet connectivity after you connect to a virtual private network (VPN).
  • We fixed an issue that causes printing to stop or prints the wrong output. This issue occurs when you print using a USB connection after updating to Windows 10, version 2004 or later.
  • We fixed a rare issue that might degrade performance in applications that call Gdiplus.dll!GdipMeasureString in a tight loop with a new font on each call. This issue occurs after installing Windows updates released on and after February 2021.
  • We fixed an issue that incorrectly routes some audio channels when streaming using certain fixed channel layouts.
  • We fixed an issue that always displays devices that RemoteFX USB redirects as “Remote Desktop Generic USB Device” instead of the actual device name.
  • We fixed an issue in which Set-RDSessionCollectionConfiguration does not set the camerastoredirect:s:value custom property.
  • We fixed a Local Security Authority Subsystem Service (LSASS) domain controller memory leak that is reported in Privileged Access Management (PAM) deployments.
  • We fixed an issue that prevents you from accessing a network drive that maps to a Distributed File System (DFS) root after you sign out.
  • We fixed an issue that prevents you from reconnecting to mapped network drives after you sign in and displays an access denied error. This issue occurs if you use the net use /deep option to create multiple drive mappings to different paths on the same encrypted file share.
  • We fixed an issue that prevents access to files on a Server Message Block (SMB) share when you enable Access Enabled Enumeration (ABE).
  • We fixed an issue that prevents the Windows Server service from starting if SrvComment is greater than 128 characters.
  • We fixed an issue in the Windows Network File System (NFS) client that might prevent you from renaming a file after mounting an NFS share. This issue occurs if you rename the file using File Explorer, but does not occur if you rename the file using command line.
  • We fixed an issue with an unhandled Open File dialog critical exception. As a result, Microsoft Foundation Class (MFC) applications might close unexpectedly.
  • We fixed an issue in which the Storage Sense page in Settings might incorrectly report the size of some storage devices that use the GUID Partition Table (GPT). The affected devices will incorrectly report in Storage Sense that the size is twice as large as the size reported in File Explorer. Note: This issue does not affect storage devices that use a master boot record (MBR).

10
Announcing Windows 10 Insider Preview Build 19044.1147 (21H2)

Note:  This Build is ONLY going to Insiders who were moved from the Beta Channel to the Release Preview Channel because their PC did not meet the hardware requirements for Windows 11.  In addition, the build is going to those Insiders via the “seeker” experience in Windows Update. This means these Insiders will need to go to Settings > Update & Security > Windows Update and choose to download and install 21H2.  After updating to Windows 10, version 21H2, new 21H2 updates will be received automatically through Windows Update.

Improvements:
  • We fixed an issue with searchindexer. After you sign out, searchindexer continues to hold handles to the per user search database in the profile path, “C:\Users\username\AppData\Roaming\Microsoft\Search\Data\Applications\\”. As a result, searchindexer stops working and duplicate profile names are created.
  • We fixed an issue that prevents gaming services from opening certain games for desktop users.
  • We fixed an issue that prevents you from entering text using the Input Method Editor (IME). This might occur, for example, after startup if you have set the power options to shut down a laptop by closing its lid.
  • We changed the functionality for uploading new activity into Timeline. If you sync your activity history across your devices using your Microsoft account (MSA), you cannot upload new activity into the Timeline. You can still use Timeline and see your activity history (information about recent apps, websites, and files) on your local device. This does not affect Azure Active Directory (AAD) accounts. To view web history, Microsoft Edge and other browsers provide the option to view recent web activities. You can also view recently used files using Microsoft OneDrive and Microsoft Office.
  • We fixed an issue that might cause the File Explorer window to lose focus when you are mapping a network drive.
  • We fixed an issue that causes File Explorer to stop working after reaching 99% completion when you are deleting many files on a mapped network drive.
  • We fixed a timing issue in the Group Policy Registry Telemetry that causes Group Policy extension processing to fail.
  • We fixed an issue that repeatedly rebuilds the Windows Filtering Platform (WFP) filters. This issue occurs when a device is enrolled in a mobile device management (MDM) service and “MDMWinsOverGP” is set.
  • We fixed an issue with an MDM service that fails to correctly apply certain junk mail rules.
  • We fixed an issue that always reports the update build revision (UBR) as zero (0) on a device during enrollment to an MDM service.
  • We fixed an issue that causes the enrollment of the Elliptic Curve Digital Signature Algorithm (ECDSA) certificate to fail with the error, “0x80090027 NTE_INVALID_PARAMETER”. This issue occurs when the Trusted Platform Module (TPM) provider (the Microsoft Software Key Storage Provider) stores the key.
  • We fixed an issue with auditing events 4624 and 5142 that display the wrong event template when Dutch is the display language.
  • We fixed an issue that causes System Integrity to leak memory.
  • We fixed an issue that plays the sound for selecting something in a game loudly when you press the trigger button on a game controller.
  • We fixed an issue that prevents power plans and Game Mode from working as expected. This results in lower frame rates and reduced performance while gaming.
  • We fixed an issue in which “Network Internal Access” appears on the taskbar network icon on systems that access the internet from certain domains.
  • We fixed an issue in which the Network Connectivity Status Indicator (NCSI) fails to detect internet connectivity after you connect to a virtual private network (VPN).
  • We fixed an issue that causes printing to stop or prints the wrong output. This issue occurs when you print using a USB connection after updating to Windows 10, version 2004 or later.
  • We fixed a rare issue that might degrade performance in applications that call Gdiplus.dll!GdipMeasureString in a tight loop with a new font on each call. This issue occurs after installing Windows updates released on and after February 2021.
  • We fixed an issue that incorrectly routes some audio channels when streaming using certain fixed channel layouts.
  • We fixed an issue that always displays devices that RemoteFX USB redirects as “Remote Desktop Generic USB Device” instead of the actual device name.
  • We fixed an issue in which Set-RDSessionCollectionConfiguration does not set the camerastoredirect:s:value custom property.
  • We fixed a Local Security Authority Subsystem Service (LSASS) domain controller memory leak that is reported in Privileged Access Management (PAM) deployments.
  • We fixed an issue that prevents you from accessing a network drive that maps to a Distributed File System (DFS) root after you sign out.
  • We fixed an issue that prevents you from reconnecting to mapped network drives after you sign in and displays an access denied error. This issue occurs if you use the net use /deep option to create multiple drive mappings to different paths on the same encrypted file share.
  • We fixed an issue that prevents access to files on a Server Message Block (SMB) share when you enable Access Enabled Enumeration (ABE).
  • We fixed an issue that prevents the Windows Server service from starting if SrvComment is greater than 128 characters.
  • We fixed an issue in the Windows Network File System (NFS) client that might prevent you from renaming a file after mounting an NFS share. This issue occurs if you rename the file using File Explorer but does not occur if you rename the file using command line.
  • We fixed an issue with an unhandled Open File dialog critical exception. As a result, Microsoft Foundation Class (MFC) applications might close unexpectedly.
  • We fixed an issue in which the Storage Sense page in Settings might incorrectly report the size of some storage devices that use the GUID Partition Table (GPT). The affected devices will incorrectly report in Storage Sense that the size is twice as large as the size reported in File Explorer. Note: This issue does not affect storage devices that use a master boot record (MBR).

11
LandzDown Lounge / Phishing Derby
« on: July 13, 2021, 06:04:51 PM »
ESET is having a contest.  See if you can spot suspicious emails and other phishing attempts. (ESET is also offering prizes.)

Phishing Derby

12
Security Alerts & Briefings / Microsoft July 2021 Security Updates
« on: July 13, 2021, 05:16:42 PM »
The Microsoft July 2021 security updates have been released and consist of 117 CVEs. Of these CVEs, 13 are rated Critical, 103 are rated Important, and one is rated moderate in severity.

According to Microsoft, six of these bugs are publicly known and four are under active attack at the time of release.

The updates apply to the following products: Microsoft Windows, Dynamics, Exchange Server, Microsoft Office, Windows Storage Spaces Controller, Bing, SharePoint Server, Internet Explorer (IE), Visual Studio, and OpenEnclave.

See the KBs listed at June 2021 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates.

Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative -- The July 2021 Security Update Review.

13
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
 
Release date:  July 13, 2021
Vulnerability identifier: APSB21-51
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 21.005.20058.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References

14
Mozilla sent Firefox Version 90.0 to the release channel today.  The update includes eight security updates of which five (5) are rated high and four (4) are rated moderate.

Firefox ESR was updated to Version 78.12.

To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References

Security Updates
Release Notes
Rapid Release Calendar

15
Microsoft released an out-of-band update to address CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability for Windows 10 Versions 21H1, 20H2, 2004, 1909, 1809, 1803, 1507, and Windows 8.1

Although at the time of this posting, the KB Articles are not accessible yet, the Windows versions and assigned KB Articles are as follows:

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package, go to the
Microsoft Update Catalog website.

Update history for Windows 10

Pages: [1] 2 3 ... 91