Where we stand with this month’s Windows and Office security patches

Where we stand with this month’s Windows and Office security patches

One week after Patch Tuesday, and would-be Windows Updaters are facing a handful of bugs. Some will find them minor annoyances. Others … not so much.

Okta acquires Stormpath to boost its identity services for developers
14% off APC 11-Outlet Surge Protector with USB Charging Ports and SurgeArrest – Deal Alert
Coffee Meets Bagel Dating App Warns Users of Breach

One week after Patch Tuesday, and would-be Windows Updaters are facing a handful of bugs. Some will find them minor annoyances. Others … not so much. Here are the known bugs, and where we stand in the struggle to resolve the problems.

Worthy of note: Microsoft is now acknowledging many bugs that in the past would’ve gone without comment. There’s hope.

Here are the known, significant buggy security patches:

  • Windows 10 Anniversary Update, version 1607 – Cumulative update KB 4034658 wipes out Update History, unhides hidden updates, and effectively disconnects some updated computers from WSUS. Microsoft has acknowledged all three of those bugs in the KB 4034658 article with the usual “Microsoft is investigating this issue and will provide an update as soon as possible.”
  • The first undocumented buggy driver this month for the Surface Pro 4, “Surface – System – 7/21/2017 12:00:00 AM – 1.0.65.1,” was released on August 1. It was replaced by a second driver “Surface – System – 7/31/2007 12:00:00 AM – 1.0.75.1” on August 4. The second one was documented. But then we saw four more undocumented Surface Pro 4 drivers — “Intel driver update for Intel(r) Dynamic Platform and Thermal Framework Generic Participant,” “Power Participant,” Processor Participant” and “Manager” — all released on Saturday, August 12. Sometime late on August 14, Microsoft posted information about two of the drivers.
  • Both the Windows 7 August Monthly rollup KB 4034664 and the manually installed security-only patch KB 4034679 are causing problems with two-screen systems: The second screen starts showing gibberish with many applications, including Office. The problem has been widely reported — even replicated with a Proof of Concept program — but Microsoft hasn’t yet acknowledged it.
  • The only bug reported by Microsoft in its August Windows 7 security patches is an old bug, continuing from July, in which a buggy LDAP plugs up TCP dynamic ports. That bug hasn’t been fixed.
  • The Windows 8.1 Monthly rollup listing mentions a known bug: NPS authentication may break, and wireless clients may fail to connect. The solution is to manually set a registry entry on the server.

Dozens of patches were made to Office earlier this month but, so far, I’m not aware of any bugs.

Depending on which version of Windows you’re using, and how you’re using it, those bugs may be important or they may be annoyances.

I continue to recommend that you hold off on applying this month’s patches. I haven’t seen any malware outbreaks that are blocked by the August patches, and we may get some surprises — good, bad or indifferent — later today.

Have a question or a bug report? Drop by the AskWoody Lounge.

Go to Source

COMMENTS