MICROSOFT’S March 2017 PATCH RELEASES

MICROSOFT’S March 2017 PATCH RELEASES

MICROSOFT’S March 2017 PATCH RELEASES

Well after an absence last month of the usual Microsoft Patch Tuesday releases, Microsoft have bundled more in to this months release, with 18 Windows Updates for the month of March 2017.

March 2017 Patch Tuesday

See how you can remove the risk of patch deployment by adding SnaPatch to your SCCM patching infrastructure?

MS17-006 – Critical

Cumulative Security Update for Internet Explorer (4013073)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-007 – Critical

Cumulative Security Update for Microsoft Edge (4013071)
This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-008 – Critical

Security Update for Windows Hyper-V (4013082)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

MS17-009 – Critical

Security Update for Microsoft Windows PDF Library (4010319)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

MS17-010 – Critical

Security Update for Microsoft Windows SMB Server (4013389)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

MS17-011 – Critical

Security Update for Microsoft Uniscribe (4013076)
This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-012 – Critical

Security Update for Microsoft Windows (4013078)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

MS17-013 – Critical

Security Update for Microsoft Graphics Component (4013075)
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-014 – Important

Security Update for Microsoft Office (4013241)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS17-015 – Important

Security Update for Microsoft Exchange Server (4013242)
This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

MS17-016 – Important

Security Update for Windows IIS (4013074)
This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

MS17-017 – Important

Security Update for Windows Kernel (4013081)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

MS17-018 – Important

Security Update for Windows Kernel-Mode Drivers (4013083)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS17-019 – Important

Security Update for Active Directory Federation Services (4010320)
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

MS17-020 – Important

Security Update for Windows DVD Maker (3208223)
This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

MS17-021 – Important

Security Update for Windows DirectShow (4010318)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

MS17-022 – Important

Security Update for Microsoft XML Core Services (4010321)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

MS17-023 – Important

Security Update for Adobe Flash Player (4014329)
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.


Now that you have made it this far, a quick shameless plug for our software portfolio. 🙂

SnaPatch – Patch Management Addon for Microsoft’s SCCM.

SnapShot Master – Take control of your virtual machine snapshots, works with both Hyper-V and Vmware.

Azure Virtual Machine Cloner – Quickly and easily clone your Azure VMs, you can even migrate your VMs between ARM and ASM.

Azure Virtual Machine Scheduler – Save money and schedule the shutdown and power on of your virtual machines within Microsoft’s Azure Cloud.

Azure Virtual Machine Deployer – Deploy VMs to Microsoft’s Azure cloud easily, without the need for powershell.

KB3176934 breaks Windows 10 Powershell

KB3176934 breaks Windows 10 Powershell

Windows 10 has been a reliable operating system for many users, but recently, some patches released by Microsoft have caused various issues. One of the latest problems is caused by KB3176934, which appears to break Windows 10 PowerShell. In particular, it affects the Desired State Configuration (DSC) functionality in PowerShell, rendering it useless.

What is KB3176934?

KB3176934 is a security update released by Microsoft in August. The patch was meant to fix some security issues with the operating system, but instead, it caused a problem with PowerShell. The issue is related to a missing .MOF file in the build package, causing the update to break DSC.

The Consequences of the Issue

The missing .MOF file leads to all DSC operations resulting in an “Invalid Property” error. This means that if you are using DSC on any Windows client, or from any Windows client, you should uninstall the update. The PowerShell function will be completely unusable until the KB3176934 update is removed.

what is happening

Other Issues Caused by Recent Patches

This isn’t the only issue caused by the August releases of patches by Microsoft. Two other known issues were caused by security patches, namely Microsoft patches KB3177725 and KB3176493 causing printing issues, and Microsoft Patch KB3179575 causing authentication issues with Windows 2012 servers. Fortunately, a fix for the printing issue problem (KB3187022) has been released. Still, there has been no correspondence regarding the authentication issues, making it unclear whether a fix is coming soon.

How to Fix the PowerShell Issue

If you have experienced this issue on your Windows 10 machine, don’t worry. There is a solution, and it’s relatively easy to implement. The only way to fix this problem is to uninstall KB3176934 from the affected machine. Once you have removed the update, DSC functionality should be restored to PowerShell

Conclusion

If you use PowerShell for DSC, KB3176934 is a patch you need to avoid. While it’s essential to keep your operating system up to date, this update is not worth the trouble. The missing .MOF file breaks DSC functionality, leading to an “Invalid Property” error, rendering it useless. It’s crucial to stay aware of the latest updates from Microsoft and to remove any problematic ones as soon as possible.

 
MICROSOFT’S August 2016 PATCH RELEASES

MICROSOFT’S August 2016 PATCH RELEASES

MICROSOFT’S August 2016 PATCH RELEASES

The following nine Patch Tuesday updates / patches have been released by Microsoft for the August 2016 Update deployment.

Are you ready to start deploying and remove the patching risk using SnaPatch Patch Management Software?

MS16-095 – Critical

Cumulative Security Update for Internet Explorer (3177356)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-096 – Critical

Cumulative Security Update for Microsoft Edge (3177358)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

MS16-097 – Critical

Security Update for Microsoft Graphics Component (3177393)
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS16-098– Critical

Security Update for Windows Kernel-Mode Drivers (3178466)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS16-099 – Critical

Security Update for Microsoft Office (3177451)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS16-100 – Important

Security Update for Secure Boot (3179577)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker installs an affected boot manager and bypasses Windows security features.

MS16-101 – Important

Security Update for Windows Authentication Methods (3178465)
This security update resolves multiple vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.

MS16-102 – Critical

Security Update for Microsoft Windows PDF Library (3182248)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-103– Important

Security Update for ActiveSyncProvider (3182332)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection.

Important update for WSUS 4.0 – KB 3095113

WSUS 4.0 Update

Ensuring Seamless Deployment of Windows 10 Feature Upgrade (Version 1511) with KB 3095113

If you are looking for a comprehensive Windows management tool that provides a centralized location to manage and deploy software updates, then the Windows Server Update Services (WSUS) is a valuable tool to have in your IT arsenal. With the latest feature upgrade for Windows 10 (version 1511) released, it is essential to keep your WSUS up-to-date to ensure seamless deployment of the latest Windows 10 feature upgrade to your clients.

To this end, Microsoft has released a crucial patch for WSUS for WS12 and WS12R2 (KB 3095113), which enables WSUS to deploy the Windows 10 feature upgrade (version 1511) to your clients. In this article, we will take a closer look at the features and benefits of this latest WSUS update and how it can help you manage your Windows updates more efficiently.

Upgrading to Windows 10 Feature Upgrade (Version 1511)

The release of the Windows 10 feature upgrade (version 1511) marked a significant milestone for Windows 10 users, as it was the first-ever in-place upgrade for the operating system. This update offered various new features, including improvements to Cortana, Microsoft Edge, and the Start Menu, to name a few. However, to deploy this update to your Windows 10 clients, you need to ensure that your WSUS is updated with the latest patch, KB 3095113.

KB 3095113 – Enabling WSUS to Deploy the Windows 10 Feature Upgrade

The KB 3095113 patch for WSUS is critical for enabling WSUS to deploy the Windows 10 feature upgrade to your clients. This update is available for download from the Microsoft website and is easy to install, making it an essential tool for IT professionals looking to manage and deploy Windows updates seamlessly.

WSUS Upgrade Classification for Windows 10 Feature Upgrade

Once you have installed KB 3095113, you will notice that the Windows 10 1511 feature upgrade is available via WSUS. It will show up with a new Upgrades classification, making it easy to identify and deploy the feature upgrade to your Windows 10 clients. Moreover, this update applies not only to Windows 10 RTM but also to Windows 7 and Windows 8.1 machines.

The hot fix for WSUS is available to download from this link.

 https://support.microsoft.com/en-us/kb/3095113.

 

Benefits of Upgrading WSUS to KB 3095113

Updating your WSUS to KB 3095113 offers various benefits, including:

  1. Easy deployment of the latest Windows 10 feature upgrade to your clients
  2. Centralized management of Windows updates
  3. Faster and more efficient management of Windows updates
  4. Enhanced security and stability of your Windows environment

KB 3095113 Conclusion

Updating your WSUS to KB 3095113 is essential if you want to ensure seamless deployment of the latest Windows 10 feature upgrade to your clients. This update offers various benefits, including centralized management of Windows updates, enhanced security, and stability of your Windows environment. Moreover, it is easy to install and use, making it an essential tool for IT professionals looking to manage and deploy Windows updates more efficiently. So, what are you waiting for? Download KB 3095113 today and experience the benefits of seamless Windows update deployment.