Connect with us

Tech

Microsoft will provide a solid Windows-focused update to the June patch on Tuesday

Published

on

 


The June patch Tuesday update, released on June 14, addresses 55 vulnerabilities in Windows, SQL Server, Microsoft Office, and Visual Studio (although this month is a Microsoft Exchange Server or Adobe update. There is a program). Also, a zero-day vulnerability in the major Windows component CVE-2022-30190 recommended Patch Now for Windows, but .NET, Office, and SQL Server updates can be included in the standard release schedule. ..

See this infographic for more information on the risks of deploying these patch Tuesday updates.

Key test scenarios

We have categorized the high-risk group and standard-risk group test scenarios in light of the many changes included in this June patch cycle.

These high-risk changes may include feature changes, may obsolete existing features, and may require new test plans. Test signed drivers on all platforms (x86, 64-bit) using physical and virtual machines (BIOS and UEFI). ) ::

Runs applications with signed and unsigned binaries (.EXE and .DLL). Run signed and unsigned drivers. Do not load unsigned drivers. The signed driver will be loaded. Use a SHA-1 signed driver and a SHA-2 signed driver.

Each of these high-risk test cycles should include manual shutdowns, restarts, and restarts. The following changes are not documented as containing functional changes, but at least “smoke testing” is required before general deployment.

Test a remote Credential Guard scenario. (These tests require Kerberos authentication and can only be used with the RDP protocol.) Test the Hyper-V server and start / stop / restart the virtual machine (VM). For remote VSS deployments over SMB, use a VSS-enabled backup application to perform shadow copy operations. Test deploy the sample application using AADJ and Intune. Make sure you deploy and revoke access as part of the test cycle.

In addition to these standard test guidelines, we recommend that all core applications have a testing regime that includes self-healing, uninstalling, and updating. This is due to this month’s Windows Installer (MSI) changes. There is a shortage of IT departments to test application portfolio update, repair, and uninstall features. We encourage you to challenge each application package as part of a quality assurance (QA) process that includes key application lifecycle stages of installation, activation, update, repair, and uninstallation.

If you do not test these steps, your IT system can at least be in an undesired state and will be in an unknown state.

Known issues

Every month, Microsoft publishes a list of known operating system and platform-related issues that affect this cycle. This month, we need to consider the following complex changes:

After you install this June update, Windows devices that use certain GPUs may cause your application to quit unexpectedly or have intermittent issues. Microsoft has published KB articles for Windows 11 (KB5013943) and Windows 10, version 21H2, all editions (KB5013942). There is no solution to these reported issues yet. After installing this month’s update, some .NET Framework 3.5 apps may have issues or may not be able to open. Microsoft states that this issue can be mitigated by re-enabling .NET Framework 3.5 and the Windows Communication Foundation in Windows Features.

As you may know, Microsoft released an out-of-band update (OOB) last month (May 19th). This update affected the following core Windows Server-based networking features:

The security vulnerabilities addressed by this OOB update only affect servers acting as domain controllers and application servers that are authenticated against domain controller servers. Desktop platforms are not affected. Due to this earlier patch, Microsoft recommends that you install this June update on any intermediate or application server that first passes the certificate of authentication from the authenticated client to the domain controller (DC). I am. Then install this update on all DC role computers. Alternatively, pre-populate 0x1F for CertificateMappingMethods as described in the Registry Key Information section of KB5014754 for all DCs. Remove the CertificateMappingMethods registry setting only after the June 14 update is installed on all intermediate or application servers and all DCs.

do you understand? Ironically, it’s important to note that the most detailed and order-specific set of instructions Microsoft has ever published is deeply buried in the middle of a very long technical article. We look forward to your attention.

Major revisions

Fewer “new” patches have been released this month, but there are many updated and newly released patches from the previous month.

CVE-2021-26414: Bypassing security features for Windows DCOM servers. With this month’s update installed, the DCOM server RPC_C_AUTHN_LEVEL_PKT_INTEGRITY will be enabled by default. Customers who need to do this can disable it using the RequireIntegrityActivationAuthenticationLevel registry key. Microsoft has published KB5004442 to assist with the required configuration changes. CVE-2022-23267: NET and Visual Studio denial of service vulnerability. This is a minor update for the affected application (currently affecting the MAC platform). No further action is required. CVE-2022-24513: Visual Studio privilege elevation vulnerability. This is a minor update to the list of affected applications (currently affecting the MAC platform). No further action is required. CVE-2022-24527: Microsoft Endpoint Configuration Manager privilege elevation. This major update for this patch is a bit confusing. This patch was incorrectly assigned to the Windows Security Updates group. Microsoft has removed this endpoint manager from the Windows group and provided the following options for accessing and installing this hotfix. Upgrade to the current branch version 2203 (build 5.00.9078) of Configuration Manager, which is available as an update in the console. .. For more information, see the Configuration Manager update 2203 installation checklist. Apply the hotfix. Customers who are running version 2111 from Microsoft Endpoint Configuration Manager version 1910 and cannot install Configuration Manager Update 2203 (build 5.00.9078) can download and install the hotfix KB12819689. CVE-2022-26832: .NET Framework denial of service vulnerability. This update includes coverage for the following affected platforms: Windows 10 version 1607, Windows Server 2016, and Windows Server 2016 (Server Core installation). No further action is required. CVE-2022-30190: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This patch is personal and was affected by this issue of significantly improving server performance. If you have problems with MSDT, you should read the MSRC blogpost for detailed instructions on updating and mitigating. To fix the problem, I had to disable the MSDTURL protocol, which has its own problem.

I think you can safely handle Visual Studio updates. Also, implementing endpoint configuration manager changes can be time consuming, but neither change has a significant test profile. DCOM changes are different and difficult to test, and business owners typically need to validate business logic and desired results, as well as install / instantiate DCOM objects. Make sure you have a complete list of all applications that rely on DCOM and run business logic tests. Otherwise, you may experience unpleasant surprises in troubleshooting scenarios that are very difficult to debug.

Mitigation and workarounds

In this patch on Tuesday, Microsoft released one important mitigation for a serious vulnerability in Windows.

CVE-2022-30136: Remote code execution vulnerability in Windows Network File System. This is the first time I’ve seen it, but as a mitigation, I highly recommend installing the May 2022 update first. Once complete, you can reduce the attack surface by disabling NFSV4.1 using the following PowerShell command: “PS C: \ Set-NfsServerConfiguration -EnableNFSV4 $ false”

You must restart the target server to make this change.

Each month, the update cycle is categorized into product families (defined by Microsoft) in the following basic groupings:

Browsers (Microsoft IE and Edge); Microsoft Windows (both desktop and server); Microsoft Office; Microsoft Exchange; Microsoft Development Platforms (ASP.NET Core, .NET Core, and Chakra Core); Adobe (Retired ???, maybe next year).browser

There is a welcome trend towards fewer and fewer significant updates to the entire Microsoft browser portfolio. During this cycle, Microsoft released five updates to the Chromium version of Edge. All of these have a low risk of deploying and resolving the following reported vulnerabilities:

The main reason for this downtrend in browser-related security issues is the decline and current abolition of Internet Explorer (IE). IE is no longer officially supported this July. According to Microsoft, the future of Microsoft’s browser is Edge. Microsoft has provided a video overview of Internet Explorer’s retirement. Add these Chromium / Edge browser updates to the standard application release schedule.

Windows

Thirty-three of the 55 patch Tuesday updates this month, the Windows platform is the main focus, especially given the low-risk, unobtrusive updates to Microsoft browsers, Office, and the development platform (.NET). Windows Update covers a wide range of features including NTFS, Windows networks, codec (media) libraries, Hyper-V and Docker components. As mentioned earlier, the most difficult parts to test and troubleshoot are kernel updates and the Local Security Authority Subsystem (LSASS). Microsoft recommends a ring-based deployment approach. This works well with this month’s update, primarily due to the large number of core infrastructure changes that need to be captured in early testing. (Microsoft has released another video about the Windows 11 platform changes this month, which you can find here.)

Microsoft has fixed a widely exploited zero-day vulnerability in Windows Follina MSDT as CVE-2022-30190. As a result, three other important updates (CVE-2022-30136, CVE-2022-3063, and CVE-2020-30139) are “Patch Now” recommendations.

Microsoft office

Microsoft has released seven updates for the Microsoft Office platforms (SharePoint, Excel, and Office Core Foundation libraries), all of which were rated as important. Updating the SharePoint server is relatively low risk, but you need to restart the server. At first I was worried about the RCE vulnerability in Excel, but after a review, it seems that the remote code execution remote is referencing the attacker’s location. This Excel vulnerability is an arbitrary code execution vulnerability. Considering that it requires user interaction and access to the local target system, the risk is greatly reduced. Add these discreet Office updates to your standard patch deployment schedule.

Microsoft Exchange Server

There is a SQL server update this month, but no Microsoft Exchange Server update in June. This is good news.

Microsoft development platform

Microsoft has released a single, relatively low-risk (CVE-2022-30184) update to the .NET and Visual Studio platforms. If you’re using a Mac (I love the Mac version of Code), Microsoft recommends updating to Mac Visual Studio 2022 (still in preview) as soon as possible. As of July (yes, next month), the Mac version of Visual Studio 2019 will no longer be supported. And yes, it’s tough to lose patch support in the same month that the next version is released. Add this single .NET update to the standard development patch release schedule.

Adobe (actually, only the leader)

There are no Adobe Reader or Acrobat updates in this cycle. Adobe has released security bulletins for other applications (not related to Acrobat or PDF). All of these applications are rated at a minimum of Level 3 by Adobe. This is welcome as there will be a lot of work with the printer in the coming weeks.

Copyright © 2022 IDG Communications, Inc.

Sources

1/ https://Google.com/

2/ https://www.computerworld.com/article/3664171/microsoft-delivers-solid-windows-focused-updates-for-junes-patch-tuesday.html

The mention sources can contact us to remove/changing this article

What Are The Main Benefits Of Comparing Car Insurance Quotes Online

LOS ANGELES, CA / ACCESSWIRE / June 24, 2020, / Compare-autoinsurance.Org has launched a new blog post that presents the main benefits of comparing multiple car insurance quotes. For more info and free online quotes, please visit https://compare-autoinsurance.Org/the-advantages-of-comparing-prices-with-car-insurance-quotes-online/ The modern society has numerous technological advantages. One important advantage is the speed at which information is sent and received. With the help of the internet, the shopping habits of many persons have drastically changed. The car insurance industry hasn't remained untouched by these changes. On the internet, drivers can compare insurance prices and find out which sellers have the best offers. View photos The advantages of comparing online car insurance quotes are the following: Online quotes can be obtained from anywhere and at any time. Unlike physical insurance agencies, websites don't have a specific schedule and they are available at any time. Drivers that have busy working schedules, can compare quotes from anywhere and at any time, even at midnight. Multiple choices. Almost all insurance providers, no matter if they are well-known brands or just local insurers, have an online presence. Online quotes will allow policyholders the chance to discover multiple insurance companies and check their prices. Drivers are no longer required to get quotes from just a few known insurance companies. Also, local and regional insurers can provide lower insurance rates for the same services. Accurate insurance estimates. Online quotes can only be accurate if the customers provide accurate and real info about their car models and driving history. Lying about past driving incidents can make the price estimates to be lower, but when dealing with an insurance company lying to them is useless. Usually, insurance companies will do research about a potential customer before granting him coverage. Online quotes can be sorted easily. Although drivers are recommended to not choose a policy just based on its price, drivers can easily sort quotes by insurance price. Using brokerage websites will allow drivers to get quotes from multiple insurers, thus making the comparison faster and easier. For additional info, money-saving tips, and free car insurance quotes, visit https://compare-autoinsurance.Org/ Compare-autoinsurance.Org is an online provider of life, home, health, and auto insurance quotes. This website is unique because it does not simply stick to one kind of insurance provider, but brings the clients the best deals from many different online insurance carriers. In this way, clients have access to offers from multiple carriers all in one place: this website. On this site, customers have access to quotes for insurance plans from various agencies, such as local or nationwide agencies, brand names insurance companies, etc. "Online quotes can easily help drivers obtain better car insurance deals. All they have to do is to complete an online form with accurate and real info, then compare prices", said Russell Rabichev, Marketing Director of Internet Marketing Company. CONTACT: Company Name: Internet Marketing CompanyPerson for contact Name: Gurgu CPhone Number: (818) 359-3898Email: [email protected]: https://compare-autoinsurance.Org/ SOURCE: Compare-autoinsurance.Org View source version on accesswire.Com:https://www.Accesswire.Com/595055/What-Are-The-Main-Benefits-Of-Comparing-Car-Insurance-Quotes-Online View photos

ExBUlletin

to request, modification Contact us at Here or [email protected]