Jump to content


Photo

Forecast for Jan 2018 Patch Tuesday


  • Please log in to reply
4 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 05 January 2018 - 09:22 AM

FYI...

Forecast for January 2018 Patch Tuesday
- https://www.helpnets...y-expectations/
Jan 5, 2018 - "... A few things are noteworthy about the two CPU vulnerabilities: 'Meltdown' and 'Spectre'. Just applying the OS updates is not enough as that will only resolve the Meltdown vulnerability. Spectre is apparently going to be a more difficult issue to resolve. There should be firmware updates forthcoming that will be required to resolve the 'Spectre' vulnerability. Similarly, there have been releases from Apple and some Linux distributions to resolve the 'Meltdown' vulnerability... There are currently no actively detected exploits of these vulnerabilities in the wild, but there is plenty of Proof of Concept code that has been used to demonstrate how to exploit them...
• Microsoft will release additional updates on patch Tuesday for applications like Office and .Net.
• We can likely expect an update from Adobe for Flash Player (11 of 12 Patch Tuesdays in 2017 had one).
• We have not seen an Adobe Reader update since November, so there is a possibility for one either this month or next.
• Oracle will have their quarterly CPU this month, but that will fall on the 16th per their release cadence. Expect updates to JDK, JRE and many other Oracle products.
• Mozilla released an update in early December, but given that they have discovered methods for web-based exploitation of Meltdown\Spectre you should be on the lookout for the next Mozilla release.
• Chrome is likely due for an update. It has been a few weeks since we have seen one from them and also with the possibility of Meltdown\Spectre exploit through the browser they may need to release some resolutions for those vulnerabilities.
• This Mozilla finding could mean an additional IE\Edge release will be needed in the future as well."
(More detail at the helpnetsecurity URL above.)
___

- https://windowssecre...ulnerabilities/
Jan 4, 2018

- https://www.us-cert....Vulnerabilities
Last revised: Jan 05, 2018
___

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities
- https://portal.msrc....isory/ADV180002
"... Revisions
Version     Date     Description
1.0     01/03/2018     Information published.
2.0     01/03/2018     Revised ADV180002 to announce release of SQL 2016 and 2017 updates.
3.0     01/05/2018     The following updates have been made: Revised the Affected Products table to include Windows 10 Version 1709 for x64-based Systems because the update provides mitigations for ADV180002. Corrected the security update numbers for the 2016 and 2017 SQL Server Cumulative Updates. Removed Windows Server 2012 and Windows Server 2012 (Server Core installation) from the Affected Products table because there are no mitigations available for ADV180002 for these products. Revised the Affected Products table to include Monthly Rollup updates for Windows 7 and Windows Server 2008 R2. Customers who install monthly rollups should install these updates to receive the mitigations against the vulnerabilities discussed in this advisory. In the Recommended Actions section, added information for Surface customers. Added an FAQ to explain why Windows Server 2008 and Windows Server 2012 will not receive mitigations for these vulnerabilities. Added an FAQ to explain the protection against these vulnerabilties for customers using x86 architecture."
___

Blue Screen after KB4056894
> https://social.techn...after-kb4056894

STOP: 0x000000C4 after installing KB4056894 - 2018-01 Security Monthly Quality Rollup for WIndows 7 for x64
> https://answers.micr...cdd4cd56?auth=1

January 4, 2018 — KB4056894 (Monthly Rollup)
Applies to: Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1
> https://support.micr...pdate-kb4056894
Last Updated: Jan 4, 2018
"Known issues in this update..."

January 3, 2018—KB4056892 (OS Build 16299.192)
Applies to: Windows 10 version 1709
- https://support.micr...pdate-kb4056892
Last Updated: Jan 4, 2018
"Known issues in this update..."

- https://slashdot.org...ng-some-amd-pcs
Jan 08, 2018 - "As if the Meltdown and Spectre bug affecting millions of processors was not bad enough, the patches designed to mitigate the problems are introducing issues of their own. Perhaps the most well-known effect is a much-publicized performance hit, but some users are reporting that Microsoft's emergency patch is bricking their computers. We've already seen compatibility issues with some antivirus tools, and now some AMD users are reporting that the KB4056892 patch is rendering their computer unusable. A further issue — error 0x800f0845 — means that it is not possible to perform a rollback."

Widespread reports of blue screens (0X000000C4 and 0x800f0845) with Meltdown/Spectre patches for Win7 (KB 4056894) and Win10 1709 (KB 4056892)
> https://www.askwoody...709-kb-4056894/
Jan 8, 2018

> https://www.askwoody...eaded-your-way/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it..."
 

:ninja: :ninja:


Edited by AplusWebMaster, 08 January 2018 - 01:06 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 09 January 2018 - 07:26 AM

FYI...

Microsoft yanks buggy Windows Meltdown/Spectre patches for AMD computers
... After five days of debilitating blue screens on AMD machines, Microsoft pulled the buggy patches very early Tuesday morning. More problems remain
- https://www.computer...-computers.html
Jan 9, 2018 - "What’s been yanked..."

- https://docs.google....haring&sle=true
CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility
Last update: 8th January 2018 @20.30 GMT

>> https://doublepulsar...ou-a852ba0292ec
Jan 8, 2018 - "... the Microsoft knowledge base articles have had extensive edits since publishing. There’s some really important things you should know before trying to apply the patches..."
>> https://support.micr...ivirus-software
Last Updated: Jan 6, 2018
___

> https://www.askwoody...eaded-your-way/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it..."
 

:ninja: :ninja:


Edited by AplusWebMaster, 09 January 2018 - 12:06 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#3 WhatKnot

WhatKnot

    Member

  • Full Member
  • Pip
  • 35 posts

Posted 10 February 2018 - 07:43 PM

"There should be firmware updates forthcoming"

 

How will these firmware updates be delivered?

 

Thank you



#4 WhatKnot

WhatKnot

    Member

  • Full Member
  • Pip
  • 35 posts

Posted 01 March 2018 - 08:01 PM

"There should be firmware updates forthcoming"

 

How will these firmware updates be delivered?

 

Thank you

 

For the sake of us less technical users, do we have to seek out these updates or will they be be part of the usual MicroSoft updates. If you cannot / will not answer this inquiry then the usefulness of this website to the average user is in doubt.



#5 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,442 posts

Posted 02 March 2018 - 06:05 AM

AplusWebMaster helpfully posts the information with links to the relevant data...  He is considered to be a valuable member of this community and is under no obligation to provide answers for every announcement he posts...  If you follow the links in his posts, you will likely receive the answer you are looking for...  In most cases, firmware updates come from the manufacturers of the equipment, but since this is an unusual situation, I am not sure how it is going to be done...  It seems unlikely that they will be offered through usual MS Updates, but I can not say for sure that that is not the case...


Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"




Member of ASAP and UNITE
Support SpywareInfo Forum - click the button