Sunday , May 16 2021

Patch Tuesday, August 2019 Edition – Krebs on Security

Most Microsoft Windows (ab) users probably welcome the monthly ritual of applying security updates about how much they look forward to the dentist: It always seems like you were there yesterday, and you never know how things will turn out. Fortunately, this season's patch from Redmond is graciously light, at least compared to last month.

Okay, maybe a trip to the dentist's office is even more desirable. Anyway, today is the second Tuesday of the month, which means it's Patch Tuesday again (or – depending on your setup and when you read this post – Reboot Wednesday). Microsoft released patches today to fix about 93 vulnerabilities in Windows and related software, 35 of which affect various Server versions of Windows and 70 more related to Windows 10 operating system.

Although it seems that no vulnerability has been identified, ie. One that would benefit from cybercrime before an official patch is available – there are several issues that deserve attention.

Chief among these are patches to address Microsoft's four moderately frightening flaws Remote Desktop Service, a feature that allows users to remotely access and operate a Windows computer as if they were sitting in front of a remote computer. Security vendor Qualys says these two weaknesses can be exploited remotely without authentication or interaction with users.

"According to Microsoft, at least two of these vulnerabilities (CVE-2019-1181 and CVE-2019-1182) can be considered" tolerable "and [can be equated] on BlueKeep, "citing a dangerous bug that was patched earlier this year and warned by Microsoft that it could be used to spread another epidemic of software similar to WannaCry. "At least one of these vulnerabilities is likely to be rapidly armed, and patches should be a priority for all Windows systems."

Fortunately, Remote Desktop is disabled by Windows 10 by default, so as such probabilities these deficiencies pose a threat to enterprises that have enabled the application for various purposes. For those who record the results, Microsoft had to fix critical security issues with its Remote Desktop service for the fourth time in 2019.

For all of you Microsoft Edge and the Internet Exploiter Researcher users, Microsoft has released the usual preview of bug fixes that could be used to install malware after a user only visits a hacked or hacked site. Other equally serious flaws patched with Windows this month could be used to compromise the operating system only by convincing the user to open a malicious file (no matter what browser the user uses).

As crazy as it may seem, this is the second consecutive month Adobe did not issue a security update for this Flash Player browser add-on, which is bundled with IE / Edge and Chrome (though it is now the default in Chrome). However, Adobe has released important updates to its Acrobat products and a free PDF reader.

If the sound of this post sounds a little creepy, maybe it's because at least one of the upgrades I installed last month completely removed my Windows 10 device. I consider myself an equal misuse of the OS and maintain multiple computers running various operating systems, including Windows, Linux and MacOS.

Nonetheless, it is frustrating when you work so hard to apply the patch so many unexplained problems that you are forced to completely reinstall the OS and any programs that run above it. My newly refreshed Windows computer, on the other hand, is a little more responsive than it was before hell.

Three tips. First, don't let Microsoft decide when to apply patches and restart your computer. On the one hand, it's nice that Microsoft gives us a predictable schedule for when to release patches. On the other hand, Windows 10 will by default download and install patches whenever it wants and then restart your computer.

Unless you change that setting. Here's a guide to that. For all other Windows OS users, if you would rather be alerted to new updates when available so you can choose when to install them, there is a setting for this in Windows Update.

Second, it doesn't hurt to wait a few days to apply the updates. The fixes released in Patch Tuesday have glitches that cause problems for an unspecified number of Windows systems. When this happens, Microsoft then patches its patches to minimize the same issues for users who have not yet applied updates, but sometimes it takes days for Redmond to smooth the edges.

Finally, you have some kind of system for backing up your files before applying any updates. You can use third party software to do this, or just the options built into Windows 10. At some level, it doesn't matter. Just make sure to back up your files, preferably by following the 2-2-1 rule. Fortunately, I am very careful about backing up files.

And as always, if you have trouble installing any of these patches this month, feel free to leave a comment about it below; there is a good chance that other readers have experienced this and you may even come across some helpful tips here.

Tags: August 2019 Edition, Microsoft Patch Tuesday

This entry was posted on Tuesday, August 13th, 2019 at 5:57 pm and is filed under Latest Alerts, Repair Time.
You can follow all comments on this entry via the RSS 2.0 feed.

You can skip to the end and leave a comment. Pinging is not allowed at this time.

Source link

About canada