Home / Technology / Patch Tuesday, issue August 2019 – Krebs on Security

Patch Tuesday, issue August 2019 – Krebs on Security

Most Microsoft Windows (ab) users are likely to welcome the monthly ritual of applying security updates as much as they look forward to going to the dentist: it always seems like you were just yesterday there and you I never know exactly how it will turn out. Fortunately, this month's patch batch from Redmond is graciously light, at least compared to last month.

Okay, maybe a visit to the dental office is still preferable. In any case, today is the second Tuesday of the month. This means that it's again a patch Tuesday (or, depending on your setup and the time you read this post, restarting Wednesday). Microsoft today released patches to address 93 security vulnerabilities in Windows and related software, including 35 different server versions of Windows, and another 70 that apply to the Windows 1

0 operating system , [19659003] Although there are apparently no zero-day vulnerabilities exploited by cybercriminals before an official patch is available this month, there are some issues that deserve attention.

Fixed four moderately fearsome bugs in Microsoft's Remote Desktop Service feature that allows users to remotely access and manage a Windows computer as if they were actually in front of the remote computer. The security vendor Qualys states that two of these vulnerabilities can be exploited remotely without authentication or user interaction.

"According to Microsoft, at least two of these vulnerabilities (CVE-2019-1181 and CVE-2019-1182) can be considered & nbsp; wormbar & # 39; and [can be equated] for BlueKeep. This refers to a dangerous bug that was patched earlier this year and warned Microsoft that it could be used to spread another WannaCry-like ransomware outbreak. "It is very likely that at least one of these vulnerabilities can be quickly fixed and patching is a priority for all Windows systems." [LuckilyRemoteDesktopisdisabledbydefaultinWindows10whichiswhythesevulnerabilitiesoccurmorelikelytobeathreattobusinessesthathaveactivatedtheapplicationfordifferentpurposesForthosewhoearnpointsthisisthefourthtimein2019thatMicrosofthashadtoaddresscriticalsecurityissueswithitsRemoteDesktopservice

For all users of Microsoft Edge and Internet Exploiter Explorer, Microsoft has issued the usual abundance of updates for bugs that could be exploited to install malware after a user just hacked or bombed a user visited website. Other equally serious bugs fixed in Windows this month can be used to compromise the operating system by tricking the user into opening a malicious file (no matter which browser the user is running).

As crazy as possible, this is the second month in a row in which Adobe has not released a security update for the browser plug-in Flash Player which is included in IE / Edge and Chrome (though now defaulted in Chrome by default). However, Adobe released important updates for its Acrobat and free PDF reader products.

If the sound of this post sounds a bit kanterartig, it may be because at least one of the updates I've installed last month has completely messed up my Windows 10 system. I regard myself as an equal operating system abuser and manage multiple computers with a variety of operating systems, including Windows, Linux and MacOS.

Even so, it is frustrating to have so many unfixable issues with applying patches that you have problems yourself. The operating system and all programs installed on it must be reinstalled. On the plus side, my newly updated Windows computer responded a bit faster than before the crash.

So three pieces of advice. First, let Microsoft decide when to apply patches and restart the computer. On the one hand, it's great that Microsoft gives us a predictable schedule for publishing patches. On the other hand, Windows 10 downloads patches by default and installs them whenever desired, and restarts the computer.

Unless you change this setting. Here's a tutorial on how to do that. For all other Windows operating system users, there is a setting in Windows Update .

Second, if you prefer to be notified of new updates as they become available, so you can choose when to install them. It does not hurt to wait a few days to install updates. Very often, fixes released on Patch Tuesday have glitches that cause problems on an indefinite number of Windows systems. In this case, Microsoft updates the patches to minimize the same issues for users who have not yet installed the updates. However, it sometimes takes a few days for Redmond to fix the issues.

System to back up your files before updates are applied. You can use third-party software or only the built-in Windows 10 options. At a certain level, this does not matter. Just make sure you back up your files, preferably according to the 3-2-1 backup rule. Luckily, I'm very alert when it comes to backing up my files.

And if you're having trouble installing one of these patches this month, you can leave a comment below. There is a good chance that other readers have experienced the same thing and may even have some helpful tips.

Tags: Issue August 2019, Microsoft Patch Tuesday

You can jump to the end and leave a comment. Ping is currently not allowed.

Source link