What is Patch Management?

In today’s digital world, software vulnerabilities have become a widespread concern. Cybercriminals are always looking for ways to exploit these vulnerabilities, resulting in devastating security breaches. That’s where patch management comes in. In this article, we’ll discuss what patch management is, its importance, and best practices to implement it.

What is Patch Management?

Patch management is the process of acquiring, testing, and installing software updates or patches to address vulnerabilities or issues in software applications. Software developers regularly release patches to fix software vulnerabilities or bugs that have been discovered.

Patch management is a critical aspect of cybersecurity. Cybercriminals often use unpatched software vulnerabilities as a way to infiltrate computer systems, networks, or applications. As a result, the implementation of patch management is necessary to ensure the security and integrity of computer systems and networks.

Why is Patch Management Important?

Patch management is essential because it helps to ensure that software applications are up to date and secure. Cybersecurity is an ongoing process that requires constant attention and maintenance. Failing to implement patch management leaves systems vulnerable to security breaches, which could have disastrous consequences.

The Risks of Not Implementing Patch Management

Failing to implement patch management can lead to several risks. Some of these risks include:

  • Cyber attacks: Unpatched vulnerabilities provide an open door for cybercriminals to exploit computer systems or networks.
  • Data breaches: Cybercriminals use unpatched vulnerabilities to gain unauthorized access to sensitive data or personally identifiable information.
  • Legal consequences: Non-compliance with data protection laws can result in legal action or fines.
  • Reputation damage: Cybersecurity breaches can have a significant impact on an organization’s reputation.

Best Practices for Patch Management

Patch management can be a complex process, but some best practices can help make the process more manageable. These include:

  • Developing a patch management policy
  • Prioritizing patches based on criticality
  • Regularly testing patches before deployment
  • Automating patch management where possible
  • Establishing a patch management team
  • Maintaining an inventory of hardware and software

The Patch Management Process

The patch management process typically involves four steps:

  1. Discovery: Identifying the software applications that require updates or patches.
  2. Assessment: Determining the criticality of the vulnerabilities and prioritizing patches.
  3. Testing: Testing patches to ensure they do not cause any adverse effects on software applications or systems.
  4. Deployment: Installing patches and monitoring their effectiveness.

The Importance of Testing Patches

Testing patches is critical to the patch management process. It ensures that patches do not cause any adverse effects on software applications or systems. Testing should be conducted in a controlled environment to minimize the risk of any issues occurring.

Automating Patch Management

Automating patch management can make the process more efficient and reduce the workload on IT staff. Automated patch management systems can detect and deploy patches automatically, reducing the risk of human error and ensuring that software applications are up to date.

Developing a Patch Management Policy

Developing a patch management policy is an essential component of patch management. The policy should outline the process for acquiring, testing, and installing patches. It should also specify who is responsible for each step of the process and what actions will be taken in the event of a security breach.

The Role of Cybersecurity Professionals in Patch Management

Cybersecurity professionals play a crucial role in patch management. They are responsible for identifying vulnerabilities, testing patches, and ensuring that patches are deployed promptly. Cybersecurity professionals should also monitor systems and applications for any signs of unauthorized access or security breaches.

SnaPatch: Streamline Your Patch Management with SCCM Add-On

SnaPatch is a patch management add-on for System Center Configuration Manager (SCCM) that automates the snapshot process of virtual machines before deploying Windows patches. With SnaPatch, you can easily and quickly schedule snapshots of your virtual machines, so you can restore the original state if a patch causes an issue on your virtual machines.

This tool also integrates with Microsoft’s SCCM and VMware or Hyper-V, giving you access to view detailed information about your SCCM environment. You can see the patching compliance of each server from within each collection, with detailed information about the number of updates missing for each class (i.e., security, critical, service packs, etc.).

Moreover, SnaPatch lets you deploy patches directly to your SCCM clients from the tool, and it automatically deletes snapshots based on retention policy. It sends email reminders before the system deletes them, and you can exclude servers from the snapshot auto-delete policy.

If you are looking for a patch management solution for your SCCM, SnaPatch is the right tool for you. It is easy to set up, with a simple and intuitive interface. You can be up and running in less than 30 minutes. Try SnaPatch today, and you will have a reliable, fast roll-back solution that helps you avoid the inherent risk of patching and updating servers.

Conclusion

Patch management is a critical aspect of cybersecurity. Failing to implement patch management can leave computer systems and networks vulnerable to security breaches, resulting in devastating consequences. The implementation of patch management involves acquiring, testing, and installing software updates or patches to address vulnerabilities or issues in software applications. Best practices for patch management include developing a patch management policy, prioritizing patches based on criticality, testing patches before deployment, automating patch management where possible, establishing a patch management team, and maintaining an inventory of hardware and software.

FAQs

  1. What is patch management? Patch management is the process of acquiring, testing, and installing software updates or patches to address vulnerabilities or issues in software applications.
  2. Why is patch management important? Patch management is important because it helps to ensure that software applications are up to date and secure. Failing to implement patch management leaves systems vulnerable to security breaches, which could have disastrous consequences.
  3. What are the risks of not implementing patch management? Some of the risks of not implementing patch management include cyber attacks, data breaches, legal consequences, and reputation damage.
  4. What are the best practices for patch management? Best practices for patch management include developing a patch management policy, prioritizing patches based on criticality, testing patches before deployment, automating patch management where possible, establishing a patch management team, and maintaining an inventory of hardware and software.
  5. What is the role of cybersecurity professionals in patch management? Cybersecurity professionals are responsible for identifying vulnerabilities, testing patches, and ensuring that patches are deployed promptly. They should also monitor systems and applications for any signs of unauthorized access or security breaches.
How to update SCCM 1902 Hotfix Rollup KB4500571

SCCM Hotfix rollup KB4500571 bug fix overview

Microsoft has released yet another update for SCCM, hotfix rollup KB4500571.

First off, we will cover the issues this update fixes in SCCM (instructions for updating your SCCM environment to hotfix rollup KB4500571 are further down the page):

  • The Download Package Content task sequence action fails and the OsdDownload.exe process terminates unexpectedly. When this occurs, the following exit code is recorded in the Smsts.log on the client:
    Process completed with exit code 3221225477
  • Screenshots that are submitted through the Send a Smile or Send a Frown product feedback options cannot be deleted until the Configuration Manager console is closed.
  • Hardware inventory data that relies on the MSFT_PhysicalDisk class reports incomplete information on computers that have multiple drives. This is because the ObjectId property is not correctly defined as a key field.
  • Client installation fails on workgroup computers in an HTTPS-only environment. Communication with the management point fails, indicating that a client certificate is required even after one has been provisioned and imported.
  • A “success” return code of 0 is incorrectly reported as an error condition when you monitor deployment status in the Configuration Manager console.
  • When the option to show a dialog window is selected for app deployments that require a computer restart, that window is not displayed again if it is closed before the restart deadline. Instead, a temporary (toast) notification is displayed. This can cause unexpected computer restarts.
  • If it is previously selected, the “When software changes are required, show a dialog window to the user instead of a toast notification” check box is cleared after you make property changes to a required application deployment.
  • Expired Enhanced HTTPS certificates that are used for distribution points are not updated automatically as expected. When this occurs, clients cannot retrieve content from the distribution points. This can cause increased network traffic or failure to download content. Errors that resemble the following are recorded in the Smsdpprov.log:
    Begin to select client certificate
    Using certificate selection criteria ‘CertHashCode:’.
    There are no certificate(s) that meet the criteria.
    Failed in GetCertificate(…): 0x87d00281
    Failed to find certificate ‘’ from store ‘MY’. Error 0x87d00281
    UpdateIISBinding failed with error – 0x87d00281

    The distribution points certificates are valid when you view them in the Security\Certificates node of the Configuration Manager console, but the SMS Issuing certificate will appear to be expired.
    Renewing the certificate from the console has no effect. After you apply this update, the SMS Issuing certificate and any distribution point certificates will automatically renew as required.

  • A management point may return an HTTP Error 500 in response to client user policy requests. This can occur if Active Directory User Discovery is not enabled. The instance of Dllhost.exe that hosts the Notification Server role on the management point may also continue to consume memory as more user policy requests arrive.
  • Content downloads from a cloud-based distribution point fail if the filename contains the percent sign (%) or other special characters. An error entry that resembles the following is recorded in the DataTransferService.log file on the client:
    AddUntransferredFilesToBITS : PathFileExists returned unexpected error 0x8007007b
    The DataTransferService.log may also record error code 0x80190194 when it tries to download the source file. One or both errors may be present depending on the characters in the filename.
  • After you update to Configuration Manager current branch, version 1902, the Data Warehouse Synchronization Service (Data_Warehouse_Service_Point) records error status message ID 11202. An error entry that resembles the following is recorded in the Microsoft.ConfigMgrDataWarehouse.log file:
    View or function ‘v_UpdateCIs’ has more column names specified than columns defined.
    Could not use view or function ‘vSMS_Update_ComplianceStatus’ because of binding errors.
  • User collections may appear to be empty after you update to Configuration Manager current branch, version 1902. This can occur if the collection membership rules query user discovery data that contains Unicode characters, such as ä.
  • The Delete Aged Log Data maintenance task fails if it is run on a Central Administration Site (CAS). Errors that resemble the following are recorded in the Smsdbmon.log file on the server.
    TOP is not allowed in an UPDATE or DELETE statement against a partitioned view. : spDeleteAgedLogData
    An error occurred while aging out DRS log data.
  • When you select the option to save PowerShell script output to a task sequence variable, the output is incorrectly appended instead of replaced.
  • The SMS Executive service on a site server may terminate unexpectedly after a change in operating system machine keys or after a site recovery to a different server. The Crash.log file on the server contains entries that resemble the following.
    Note: Multiple components may be listed, such as SMS_DISTRIBUTION_MANAGER, SMS_CERTIFICATE_MANAGER, or SMS_FAILOVERMANAGER. The following Crash.log entries are truncated for readability.
    EXCEPTION INFORMATION
    Service name = SMS_EXECUTIVE
    Thread name = SMS_FAILOVER_MANAGER
    Exception = c00000fd (EXCEPTION_STACK_OVERFLOW)
    Description = “The thread used up its stack.”
  • Old status messages may be overwritten by new messages after promoting a passive site server to active.
  • User targeted software installations do not start from Software Center after you update to Configuration Manager current branch, version 1902. The client displays an “Unable to make changes to your software” error message. Error entries that resemble the following are recorded in the ServicePortalWebSitev3.log:
    :GetDeviceIdentity – Could not convert 1.0,GUID:{guid} to device identity because the deviceId string is either null or larger than the allowed max size of input
    :System.ArgumentException: DeviceId
    at Microsoft.ConfigurationManager.SoftwareCatalog.Website.PortalClasses.PortalContextUtilities.GetDeviceIdentity(String deviceId)
    at Microsoft.ConfigurationManager.SoftwareCatalog.Website.PortalClasses.Connection.ServiceProxy.InstallApplication(UserContext user, String deviceId, String applicationId)
    at Microsoft.ConfigurationManager.SoftwareCatalog.Website.ApplicationViewService.InstallApplication(String applicationID, String deviceID, String reserved)

    This issue occurs if the PKI certificates that are used have a key length that is greater than 2,048 bits.

  • Audit status messages are not transmitted to the site server in an environment with a remote SMS provider.
  • The Management Insights rule “Enable the software updates product category for Windows 10, version 1809 and later” does not work as expected for Windows 10, version 1903.
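
The log signatures quoted in the list above can be searched for mechanically, before applying the rollup to see which issues affect a site and afterwards to confirm they have stopped recurring. The PowerShell below is an added example, not code from Microsoft or from the original post: the log file names and error strings come from the list above, while the function name `Find-HotfixSignature`, the table layout and the demo log lines are constructed for illustration.

```powershell
# Added example. Log names and error strings are copied from the fix list above;
# the function name, table layout and demo log lines are constructed for illustration.
$Signatures = @(
    # 3221225477 decimal is 0xC0000005, the NTSTATUS access-violation code.
    [pscustomobject]@{ Log = 'Smsts.log'; Pattern = 'exit code 3221225477'
        Issue = 'OsdDownload.exe terminates during Download Package Content' }
    [pscustomobject]@{ Log = 'Smsdpprov.log'; Pattern = '0x87d00281'
        Issue = 'Enhanced HTTPS distribution point certificate not renewed' }
    [pscustomobject]@{ Log = 'DataTransferService.log'; Pattern = '0x8007007b'
        Issue = 'Cloud distribution point download fails on special characters' }
    [pscustomobject]@{ Log = 'DataTransferService.log'; Pattern = '0x80190194'
        Issue = 'Cloud distribution point download fails on special characters' }
    [pscustomobject]@{ Log = 'Microsoft.ConfigMgrDataWarehouse.log'
        Pattern = 'has more column names specified than columns defined'
        Issue = 'Data Warehouse synchronization fails with binding errors' }
    [pscustomobject]@{ Log = 'Smsdbmon.log'
        Pattern = 'TOP is not allowed in an UPDATE or DELETE statement'
        Issue = 'Delete Aged Log Data task fails on a CAS' }
    [pscustomobject]@{ Log = 'Crash.log'; Pattern = 'c00000fd'
        Issue = 'SMS Executive stack overflow after machine key change or recovery' }
    [pscustomobject]@{ Log = 'ServicePortalWebSitev3.log'
        Pattern = 'deviceId string is either null or larger'
        Issue = 'Software Center install fails with PKI keys longer than 2,048 bits' }
)

function Find-HotfixSignature {
    [CmdletBinding()]
    param(
        # Folder that holds the ConfigMgr logs to inspect (client or site server).
        [Parameter(Mandatory)][string]$LogDirectory
    )
    foreach ($sig in $Signatures) {
        $file = Join-Path $LogDirectory $sig.Log
        if (-not (Test-Path -LiteralPath $file)) { continue }   # log not present on this role

        # -SimpleMatch treats the signature as a literal string, not a regex.
        $hits = @(Select-String -LiteralPath $file -SimpleMatch -Pattern $sig.Pattern)
        if ($hits.Count -gt 0) {
            [pscustomobject]@{
                Log        = $sig.Log
                Signature  = $sig.Pattern
                Hits       = $hits.Count
                Issue      = $sig.Issue
                FirstMatch = $hits[0].Line.Trim()
            }
        }
    }
}

# --- Demo on constructed log files, so the example runs without a ConfigMgr site ---
$demo = Join-Path ([IO.Path]::GetTempPath()) 'kb4500571-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null

Set-Content -Path (Join-Path $demo 'Smsdpprov.log') -Value @(
    'Failed in GetCertificate(...): 0x87d00281'
    'UpdateIISBinding failed with error - 0x87d00281'
)
Set-Content -Path (Join-Path $demo 'Smsts.log') -Value @(
    'Process completed with exit code 3221225477'
)
Set-Content -Path (Join-Path $demo 'DataTransferService.log') -Value @(
    'constructed line that carries no known signature'
)

Find-HotfixSignature -LogDirectory $demo |
    Format-Table Log, Signature, Hits, Issue -AutoSize -Wrap

Remove-Item -LiteralPath $demo -Recurse -Force
```

Point `-LogDirectory` at the folder that actually holds the logs for the role being checked; logs that do not exist on that role are skipped.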

SCCM Hotfix rollup KB4500571 additional changes

Further improvements and additional functional changes to SCCM included in the KB4500571 hotfix are:

  • Manager and the Microsoft Desktop Analytics service.
  • Multiple improvements are made to support devices that are managed by using both Configuration Manager and a third-party MDM service.
  • Client computers that use IPv6 over UDP (Teredo tunneling) may generate excessive traffic to management points. This, in turn, can also increase load on the site database.
    This traffic occurs because of the frequent network changes that are associated with the Teredo refresh interval. After you apply this update, this data is filtered by default and is no longer passed to the notification server on the management point. This filtering can be customized by creating the following registry string under HKEY_LOCAL_MACHINE\Software\Microsoft\CCM:
    Type: String
    Name: IPv6IFTypeFilterList
    Value: If the string is created without any data (blank), the pre-update behavior applies and no filtering occurs.
    The default behavior of filtering Teredo tunnel data (interface type IF_TYPE_TUNNEL, 131) is overwritten if new values are entered. Multiple values should be separated by semicolons.
  • The Configuration Manager client now handles a return code of 0x800f081f (CBS_E_SOURCE_MISSING) from the Windows Update Agent as a retriable condition. The result will be the same as the retry for return code 0x8024200D (WU_E_UH_NEEDANOTHERDOWNLOAD).
  • The SMSTSRebootDelayNext task sequence variable is now available. For more information, see the “Improvements to OS deployment” section of Features in Configuration Manager technical preview version 1904.
  • SQL database performance is improved for operations that involve a configuration item (CI) that has associated file content by the addition of a new index on the CI_Files table.
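
One way to inspect and set the `IPv6IFTypeFilterList` registry value described in the Teredo item above, as an added PowerShell example (not Microsoft's code and not part of the original post). The function names and the `HKCU:\Software\Kb4500571Demo` scratch key are hypothetical, and the warning that a custom list must itself contain 131 to keep Teredo filtering is a reading of "overwritten if new values are entered", not a documented guarantee.

```powershell
# Added example. Key path, value name, type and semantics are taken from the text above;
# function names and the scratch key used in the demo are hypothetical.
$CcmKey    = 'HKLM:\Software\Microsoft\CCM'
$ValueName = 'IPv6IFTypeFilterList'

function Get-IfTypeFilterState {
    param([string]$Key = $CcmKey)

    $prop = Get-ItemProperty -Path $Key -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Value absent: the post-update default applies (filter IF_TYPE_TUNNEL, 131).
        return [pscustomobject]@{ State = 'default'; FilteredTypes = @('131'); TeredoFiltered = $true }
    }

    # Value present: split on semicolons and drop empty entries.
    $raw   = [string]$prop.$ValueName
    $types = @($raw -split ';' | ForEach-Object { $_.Trim() } | Where-Object { $_ })

    [pscustomobject]@{
        # Blank string = pre-update behaviour, no filtering at all.
        State          = if ($types.Count -gt 0) { 'custom' } else { 'blank' }
        FilteredTypes  = $types
        TeredoFiltered = $types -contains '131'
    }
}

function Set-IfTypeFilter {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Interface type numbers to filter; pass @() to write a blank string.
        [Parameter(Mandatory)][AllowEmptyCollection()][int[]]$InterfaceType,
        [string]$Key = $CcmKey
    )

    $value = ($InterfaceType | Sort-Object -Unique) -join ';'

    # Assumption: a custom list replaces the default, so 131 has to be listed explicitly.
    if ($InterfaceType.Count -gt 0 -and $InterfaceType -notcontains 131) {
        Write-Warning 'List omits 131 (IF_TYPE_TUNNEL); Teredo tunnel data would no longer be filtered.'
    }

    if ($PSCmdlet.ShouldProcess("$Key\$ValueName", "Set to '$value'")) {
        New-ItemProperty -Path $Key -Name $ValueName -PropertyType String -Value $value -Force |
            Out-Null
    }
}

# --- Demo against a scratch key so the real client configuration is not touched ---
$scratch = 'HKCU:\Software\Kb4500571Demo'
New-Item -Path $scratch -Force | Out-Null

Get-IfTypeFilterState -Key $scratch                      # value absent

# 24 (software loopback) is only a second sample value for the demo.
Set-IfTypeFilter -InterfaceType 24 -Key $scratch         # custom list without 131
Get-IfTypeFilterState -Key $scratch

Set-IfTypeFilter -InterfaceType 131, 24 -Key $scratch    # custom list that keeps 131
Get-IfTypeFilterState -Key $scratch

Set-IfTypeFilter -InterfaceType @() -Key $scratch        # blank string
Get-IfTypeFilterState -Key $scratch

Remove-Item -Path $scratch -Recurse -Force
```

Run `Get-IfTypeFilterState` with no arguments on a client to read the real key; add `-WhatIf` to `Set-IfTypeFilter` to preview a change before writing it.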

How to update your SCCM to Hotfix rollup KB4500571

Now we get to the nitty gritty of the update process for KB4500571.

  1. Open your SCCM Console, and navigate to Administration, then highlight Updates and Servicing.
  2. Now with Updates and Servicing highlighted, in the main window you should hopefully see that the KB4500571 update has downloaded and is ready to install.
    (If you can’t see it downloaded, right-click Updates and Servicing and choose Check for Updates.)
  3. Firstly, we need to run the prerequisite check for SCCM KB4500571 to ensure your environment is ready for the update.
    Right-click the downloaded update and choose Run Prerequisite Check.
  4. The prerequisite check will take around 10 minutes or so to complete.
    You can use the ConfigMgrPrereq.log located in the root of the SCCM server’s C drive to see its status and completion.
  5. Now on to the fun bit, let’s start the installation of SCCM KB4500571. Again, right-click the update in the main window and choose Install Update Pack.
  6. The first window of the Configuration Manager Updates Wizard pops up. Choose Next to continue the installation.
  7. The Client Updates Settings window lets you choose whether you want to validate the update against a pre-production collection. We won’t bother with that here as this is our test environment. Choose Next to continue when ready to do so.
  8. Accept the License Terms – only if you are happy with them 🙂 – and click Next.
  9. Now the Summary tab of the Configuration Manager Updates Wizard details the installation settings you have chosen. If you are happy to proceed with the installation, click Next.
    This did take some time in the SmiKar SCCM lab environment, so best go make yourself a cup of coffee and come back. 🙂
  10. Hopefully all went well with your upgrade to SCCM KB4500571 and you are presented with a completion screen.
  11. If you had any issues or want to view the status (rather than look in the logs), go to Monitoring, then highlight Updates and Servicing Status. Highlight and right-click the update and choose Show Status.
Adobe Flash compromised

Adobe Flash Vulnerability Compromises Cybersecurity

Adobe officials have confirmed that a critical vulnerability has been discovered in Flash version 19.0.0.207, which was just released on Tuesday. Security researchers warn that this vulnerability, identified as CVE-2015-7645, is being exploited by attackers to surreptitiously install malware on end-users’ computers, even in fully-patched versions of the software.

Zero-Day Exploits

The critical security flaw is reportedly being used exclusively by Pawn Storm, a group that is targeting only government agencies as part of a broader, long-running espionage campaign. However, it’s common for these kinds of zero-day exploits to be distributed more widely once the element of surprise has waned. The vulnerability has been found in Flash versions 19.0.0.185 and 19.0.0.207, as well as potentially earlier versions. At present, no further technical details are available.

Recent Attacks

In the most recent attacks, links were sent via email that purported to contain information on current events. These URLs hosted the exploit, leading users to download the malware without realizing it. The following topics were used as bait in these attacks:

• “Suicide car bomb targets NATO troop convoy Kabul”

• “Syrian troops make gains as Putin defends air strikes”

• “Israel launches airstrikes on targets in Gaza”

• “Russia warns of response to reported US nuke buildup in Turkey, Europe”

• “US military reports 75 US-trained rebels return Syria”

How to Stay Safe

In light of this vulnerability, it’s essential to take steps to stay safe while using Flash. First, ensure that you have updated to the latest version of Flash Player to reduce the risk of an attack. It’s also important to avoid clicking on links or downloading attachments from suspicious emails or websites. If you receive an email with an unsolicited link or attachment, delete the message immediately. Finally, consider disabling Flash altogether, particularly if you don’t use it often.

Conclusion

The recent discovery of a critical security flaw in Adobe Flash is a cause for concern, particularly as attackers have already been exploiting it in targeted attacks. As such, it’s essential to stay vigilant and take steps to protect yourself against this and other vulnerabilities. By staying up-to-date with the latest software updates, being wary of suspicious emails and attachments, and disabling Flash if necessary, you can help ensure that your computer remains secure.

Who loves managing patching?

Roll the Patch Management Dice: Automate with SnaPatch

Managing patching for your IT infrastructure can be a tedious and time-consuming task that poses potential risks if not executed correctly. Each month, a new Patch Tuesday release from Microsoft could leave your virtual machines (VMs) vulnerable to security holes, making manual patch management a daunting task. Furthermore, testing patches on bespoke server configurations before deploying them to production servers can add to the challenge.

But what if there was a way to automate patching and reduce potential issues? Enter SnaPatch, a Patch Management Addon for Microsoft’s SCCM, that can alleviate the headache of managing patching.

SnaPatch offers a range of features to streamline the patch deployment process. The tool takes a snapshot of your virtual servers before deploying patches, enabling you to quickly roll back in case of any issues. Additionally, SnaPatch notifies you via email throughout the patch deployment process, and automatically deletes the snapshot after a certain amount of time (with notification) to free up disk space.

Using SnaPatch can save you valuable time and resources that would otherwise be spent manually managing patch deployment and performing User Acceptance Testing after patch deployment. With SnaPatch, you can rest assured that your virtual servers are up-to-date and secure.

The Risks of Manual Patch Management

Managing patching without a tool like SnaPatch can be challenging, particularly if your server configuration deviates from the off-the-shelf installation provided by Microsoft. This approach increases the risk of future updates going wrong, and deploying patches to production servers without User Acceptance Testing becomes a risky strategy.

Professional teams typically install patches in dedicated testing environments to ensure that everything works correctly before pushing updates out to production servers. However, if you lack the resources or time for testing after patch deployment, manual patch management becomes even more challenging.

The Bottom Line

Patching your environment may never be fun, but with SnaPatch, you can automate the process and get back some of your precious time. Furthermore, you’ll have the peace of mind knowing that your virtual servers are up-to-date and secure. Don’t roll the Patch Management dice; instead, automate with SnaPatch.

In summary, automating patch management with SnaPatch can save you time, reduce potential issues, and provide greater security for your virtual servers. Don’t risk the manual patch management approach; instead, roll the Patch Management dice with SnaPatch, and get back some of your valuable time.

MICROSOFT’S March 2017 PATCH RELEASES

Well, after an absence last month of the usual Microsoft Patch Tuesday releases, Microsoft have bundled more into this month’s release, with 18 Windows Updates for the month of March 2017.

March 2017 Patch Tuesday

See how you can remove the risk of patch deployment by adding SnaPatch to your SCCM patching infrastructure.

MS17-006 – Critical

Cumulative Security Update for Internet Explorer (4013073)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-007 – Critical

Cumulative Security Update for Microsoft Edge (4013071)
This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-008 – Critical

Security Update for Windows Hyper-V (4013082)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

MS17-009 – Critical

Security Update for Microsoft Windows PDF Library (4010319)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

MS17-010 – Critical

Security Update for Microsoft Windows SMB Server (4013389)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

MS17-011 – Critical

Security Update for Microsoft Uniscribe (4013076)
This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-012 – Critical

Security Update for Microsoft Windows (4013078)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

MS17-013 – Critical

Security Update for Microsoft Graphics Component (4013075)
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-014 – Important

Security Update for Microsoft Office (4013241)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS17-015 – Important

Security Update for Microsoft Exchange Server (4013242)
This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

MS17-016 – Important

Security Update for Windows IIS (4013074)
This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

MS17-017 – Important

Security Update for Windows Kernel (4013081)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

MS17-018 – Important

Security Update for Windows Kernel-Mode Drivers (4013083)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS17-019 – Important

Security Update for Active Directory Federation Services (4010320)
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

MS17-020 – Important

Security Update for Windows DVD Maker (3208223)
This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

MS17-021 – Important

Security Update for Windows DirectShow (4010318)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

MS17-022 – Important

Security Update for Microsoft XML Core Services (4010321)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

MS17-023 – Important

Security Update for Adobe Flash Player (4014329)
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.


Now that you have made it this far, a quick shameless plug for our software portfolio. 🙂

SnaPatch – Patch Management Addon for Microsoft’s SCCM.

SnapShot Master – Take control of your virtual machine snapshots, works with both Hyper-V and VMware.

Azure Virtual Machine Cloner – Quickly and easily clone your Azure VMs, you can even migrate your VMs between ARM and ASM.

Azure Virtual Machine Scheduler – Save money and schedule the shutdown and power on of your virtual machines within Microsoft’s Azure Cloud.

Azure Virtual Machine Deployer – Deploy VMs to Microsoft’s Azure cloud easily, without the need for PowerShell.

MICROSOFT’S February 2017 PATCH RELEASES

February 2017 Patch Tuesday

Well, this is completely out of the usual. This month, being February 2017, Microsoft has decided to delay the normal patch release cycle as, and I quote:

“Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.

MSRC”

Make sure to sign up and revisit our blog, as once we have confirmation from Microsoft if or when they will release their February Patch Tuesday releases, we will update our blog.

As always, don’t forget to check out our software.

SnaPatch – Extends the capability of your SCCM patching infrastructure

SnapShot Master – Schedule snapshot creations and deletions plus lots more.

AVMC – Quickly and easily clone or migrate your Azure VMs.

AVMS – Schedule power downs and ons of your Azure VMs with ease. Now includes orchestration.

AVMD – Deploy VMs to Azure without PowerShell