MS update Tuesday: to fix an extraordinarily serious security risk

Guess this has to be important. Tomorrow's the rollout of the Chromium-based Edge. If this wasn't urgent, they would have just waited a day.
 
What about HR? Or benefits coordinators? Or managers' machines?

Those outlier machines you handle on a case-by-case basis, but any of the sensitive info lives on the server inside a secure room. If your accountant is keeping financials on a local machine, that accountant is embezzling money.

The servers you update as soon as possible, after hours or as close to after hours as you can manage, with backups at your fingertips.

IP you protect with lawyers.
 
So am I missing something or is this just an exploit that makes an executable not give an extra warning about not having a properly signed certificate?

It seems like this would have to be paired with a remote execution exploit to be very dangerous since if you can convince an idiot to d/l and run something an extra warning usually isn't going to stop them.
 
Interesting that there is no Win 8.1 update listed. Support for that runs through 2023. Wonder if there will be more additions later.
 
The organization I was the sys admin for had about 80 machines for staff and students, plus about 15 machines for administration, plus another half-dozen for servers and hosting, plus firewalls and networking hardware. ETA: and two people to maintain it all.

That's very common and achievable with a level 2 & level 1 tech.

I would simply find the dism command needed to uninstall the patch, send it to all computers simultaneously and reboot. Or automate with a script if physical access is needed to fix. Run script and move on.

But agreed, never blindly install patches without reading known issues on MS's site.
 
nothing pulled down for me :(

sigh, where is it?


i'm assuming 1909 doesn't need it?? i'm pretty sure it didn't come up on either of the two 1909 enterprise installations i have here at the house. and if you go to the actual download page for the update it's only showing for the older versions of win10 and 8 & 7. unless i'm missing something.
 
Oh... man... spoiling our great conspiracy theories.

Blame the Forbes article which mentions W7 and 8. Guess I shoulda known better, fake news.

"Before you take a deep breath and relax because you're still using Windows 8, Windows 7 or Windows XP, that same crypto component is present in all versions of Windows."
 
Finally got the update to start. It was stuck pretty good there.
Seems I had installed Spybot Anti-Beacon and forgot about it.
The comments it left in my HOSTS file were how I found out.
Disabled Anti-Beacon's immunization and rebooted.

Update hasn't finished, but at least it's further than before.
So, when it finishes I turn Anti-Beacon immunization back on?
Or I need an updated anti-beacon? Prolly wouldn't hurt...

MS best not be reinstalling stupid games and whatever other
garbage I've deliberately removed...
 
So, is this CVE-2020-0601?

How does someone write an article about a vulnerability without referencing the tracking number?
 