Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.
Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.
The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.
Known issues
Each month, Microsoft includes a list of known issues that relate to the operating system and platforms included in the latest update cycle.
Microsoft reported the following error message for all Windows 10/11 desktop platforms: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the ”Require Device Encryption” setting for some devices in your environment.
Given the importance of emojis in today’s computing environment, Microsoft also has an issue with the color scale of certain 3D-like emoticons on all Windows builds. (As I am “color dumb,” not sure if I should be 🙂 or 😞.)
Major revisions
So were there major revisions among the January updates? There are two answers. The short answer is there do not appear to be any patches with significant revisions that require administrator attention this month.
The long answer: there may be an issue with the Microsoft update database and how data is presented and deployed. With each update cycle, the Readiness team employs an automated system to parse/process Microsoft updates and their associated manifests and payloads. Our system reported many changes, which after some time proved to be false alarms. (By “large number of changes,” we mean several thousand.) We double-checked — it is not us — it is the data. We’ll see if the problem persists and update our systems/bulletins accordingly.
Mitigations and workarounds
Microsoft published the following vulnerability related mitigations for this month’s release:
CVE-2024-21320: Windows Themes Spoofing Vulnerability. Microsoft advised that those who have disabled NTLM are not affected by this minor issue. If this vulnerability is a concern for your organization, apply the Restrict NTLM group policy.
Each month, the Readiness team detailed analyses the Patch Tuesday updates and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and the patches’ potential impact on the Windows platforms and application installations.
The following changes were included in this month’s update and have not been raised as either elevated risk (of…
2024-01-14 06:00:03
Original from www.computerworld.com rnrn