With a lightweight July Patch Tuesday, it's time to invest in your IT processes

Though this month’s Patch Tuesday update from Microsoft deals with more than 86 reported vulnerabilities, the testing and deployment profile for July should be easy to handle. Use your time wisely.

Though we get a reprieve from Exchange updates in this month’s Patch Tuesday update, more printer updates are on the way. Even with no updates for Microsoft Exchange or Visual Studio, Adobe is back with 15 critical updates for Adobe Reader. And Microsoft’s new patch deployment tool Auto-Patch is now live. (I always thought application testing was the main problem here, but actually getting patches deployed is still tough.)

Though the numbers are still quite high (with 86+ reported vulnerabilities), the testing and deployment profile for July should be fairly moderate. We suggest taking the time to harden your Exchange Server defenses and mitigation processes, and invest in your testing processes.

You can find more information on the risk of deploying these Patch Tuesday updates in our helpful infographic.

Key Testing Scenarios

Given the large number of changes in this July patch cycle, I’ve broken down the testing scenarios into high-risk and standard-risk groups:

High Risk: These changes are likely to include functionality changes, may deprecate existing functionality, and will likely require creating new testing plans.

Core printing functionality has been updated:

The core changes relate to how Microsoft supports timestamp checking for kernel drivers, so testing applications that require digitally signed binaries is key for this cycle. The big change here is that unsigned drivers should not load. This may cause some application issues or compatibility problems. We recommend a scan of the application portfolio, identifying all applications that depend on drivers (both signed and unsigned), and generating a test plan that includes installation, application exercising, and uninstall. Having a comparison between pre- and post-patched machines would be helpful, too.
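One way to build the pre- and post-patch driver comparison recommended above, as an added example that is not part of the original article. The function names and CSV paths are hypothetical; it uses the standard `Win32_SystemDriver` CIM class and `Get-AuthenticodeSignature`, and assumes an elevated PowerShell session on the machine under test.

```powershell
# Added example, not from the article. Function names and snapshot paths are placeholders.
function Save-DriverSnapshot {
    param([Parameter(Mandatory)][string]$Path)
    Get-CimInstance -ClassName Win32_SystemDriver | Where-Object PathName | ForEach-Object {
        # PathName can be quoted or carry an NT prefix; normalise it to a Win32 path.
        $file = $_.PathName.Trim('"') -replace '^\\\?\?\\', ''
        $file = $file -replace '^\\SystemRoot\\', "$env:SystemRoot\"
        $sig = if (Test-Path -LiteralPath $file) { Get-AuthenticodeSignature -LiteralPath $file }
        [pscustomobject]@{
            Name      = $_.Name
            State     = $_.State      # Running or Stopped
            File      = $file
            SigStatus = if ($sig) { "$($sig.Status)" } else { 'PathNotResolved' }
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    } | Export-Csv -Path $Path -NoTypeInformation
}

function Compare-DriverSnapshot {
    param([Parameter(Mandatory)][string]$Before, [Parameter(Mandatory)][string]$After)
    $post = @{}
    Import-Csv -Path $After | ForEach-Object { $post[$_.Name] = $_ }
    foreach ($old in Import-Csv -Path $Before) {
        $new = $post[$old.Name]
        # Regressions first, then drivers that were already at risk before patching.
        $finding = if (-not $new) {
            'Missing after patch'
        } elseif ($old.State -eq 'Running' -and $new.State -ne 'Running') {
            'No longer running'
        } elseif ($old.SigStatus -ne 'Valid') {
            'Not validly signed: include in test plan'
        }
        if ($finding) {
            [pscustomobject]@{
                Driver    = $old.Name
                Finding   = $finding
                SigStatus = $old.SigStatus
                Signer    = $old.Signer
                File      = $old.File
            }
        }
    }
}

# Save-DriverSnapshot -Path .\drivers-pre.csv     # before patching
# Save-DriverSnapshot -Path .\drivers-post.csv    # after patching and a reboot
# Compare-DriverSnapshot -Before .\drivers-pre.csv -After .\drivers-post.csv | Format-Table -AutoSize
```

Drivers reported as not validly signed in the pre-patch snapshot are the ones to map back to their owning applications before general deployment.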

The following changes are not documented as including functional changes, but will still require at least “smoke testing” before general deployment:

And curl. Specifically, CURL.EXE — a command-line tool for sending files via HTTP protocols (hence “client URL”) — has been updated this month. Curl for Windows (the one that is being updated this month) is different from the open source project curl. If you’re confused why the curl project team offers this, here is the answer:

“The curl tool shipped with Windows is built by and handled by Microsoft. It is a separate build that will have different features and capabilities enabled and disabled compared to the Windows builds offered by the curl project. They do however build curl from the same source code. If you have problems with their curl version, report that to them. You can probably assume that the curl packages from Microsoft will always lag behind the versions provided by the curl project itself.”

With that said, we recommend teams that use the curl command (sourced from the Windows-supported branch) give their scripts a quick test run. Microsoft has published a testing scenario matrix that this month includes:

Note: for each of these testing scenarios, a manual shut-down, reboot and restart is suggested.
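To confirm which curl build a script will actually invoke, and to record its version and feature set before and after patching, a check along these lines can help. This is an added example, not from the article or from Microsoft; the function name `Get-CurlBuild` is hypothetical.

```powershell
# Added example, not from the article. Get-CurlBuild is a hypothetical helper name.
function Get-CurlBuild {
    $sys32 = Join-Path $env:SystemRoot 'System32'
    # -CommandType Application skips the 'curl' alias that Windows PowerShell 5.1
    # maps to Invoke-WebRequest, so only real executables on PATH are listed.
    Get-Command -Name curl.exe -CommandType Application -All -ErrorAction SilentlyContinue |
        ForEach-Object {
            $exe    = $_.Path
            $banner = & $exe --version 2>$null
            $sig    = Get-AuthenticodeSignature -LiteralPath $exe
            [pscustomobject]@{
                Path               = $exe
                # The Microsoft-built copy lives under System32; anything else on PATH
                # was installed separately (for example a curl project build).
                ShippedWithWindows = $exe.StartsWith($sys32, [StringComparison]::OrdinalIgnoreCase)
                Version            = $banner | Select-Object -First 1
                Protocols          = ($banner | Where-Object { $_ -like 'Protocols:*' }) -replace '^Protocols:\s*'
                Features           = ($banner | Where-Object { $_ -like 'Features:*' }) -replace '^Features:\s*'
                Signer             = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            }
        }
}

# The first row is the binary a bare 'curl.exe' call resolves to.
# Get-CurlBuild | Export-Csv -Path .\curl-pre.csv -NoTypeInformation    # before patching
# Get-CurlBuild | Format-List                                           # after patching, compare by eye
```

A change in the Protocols or Features line between the two runs points to the scripts that need more than a quick smoke test.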

Known Issues

Each month, Microsoft includes a list of known issues that relate to the operating system and platforms included in this update cycle. For July, there are some complex changes to consider:

Major Revisions

This month, Microsoft has not formally published any major revisions or updates to previous patches. There was a kind of “sneaky” update from the .NET group that really should have been included in the formal Microsoft documentation update process. However, that update was simply documented support for later versions of Visual Studio.

Mitigations and Workarounds

Microsoft published one key mitigation for a Windows network vulnerability:

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:

Browsers

It just keeps getting better. The downward trend for Microsoft’s browser reported vulnerabilities continues to track ever lower with just two (CVE-2022-2294 and CVE-2022-2295) Chromium updates for this July. Both updates only affect Edge (Chromium) and were released last week. Chrome should automatically update, with our initial analysis showing that both updates will have marginal impact on browser compatibility. You can read about this update on the Google Blog, with the technical details found on Git. Add these low-profile, low-risk updates to your standard browser release schedule.

Windows

With just four critical updates and 16 rated important this month, Microsoft is really giving IT admins a bit of a break. The four critical Windows updates for this release cycle include:

All of these critical updates have been officially confirmed as fixed, with no reports of public exploits on Windows desktop systems. The remaining 14 updates are rated important by Microsoft and affect the following Windows systems and components:

Unfortunately, Windows Server 2012 did not fare so well, with reports of CVE-2022-22047 exploited in the wild. This Windows server vulnerability affects the Client Server Run-Time Subsystem (CSRSS), which is where all the badly behaving user mode drivers hang out. If you have any Windows Server 2012 under your care, this is a “Patch Now” update. Otherwise, add this very low-profile Windows update to your standard release schedule. And don't forget, Microsoft has delivered another Windows 11 update video; it is found here.

Microsoft Office

Microsoft launched solely two (CVE-2022-33632 and CVE-2022-33633) updates to Microsoft Office this month. Both updates are rated necessary by Microsoft, and each require native, authenticated privileges to the goal system. Add these updates to your commonplace Office replace schedule.

Microsoft Exchange Server

It’s good that we get a break from Microsoft Exchange Server updates. Rather than simply resting, it may be worth investing in your Exchange security infrastructure. Microsoft has provided some major improvements on Exchange during the past year; here are a few ideas on securing your Exchange Server:

All of these features and options are predicated on using at least Office 2019 — another reason Microsoft has strongly recommended everyone move to Exchange Server 2019 at least. The EM Service was last used in March 2021 to deal with several Microsoft Exchange vulnerabilities (CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858). These were specific attacks on on-premise servers. It’s helpful to know this service is there, but I’m glad it has not been required recently.

Microsoft Development Platforms

As with Microsoft Exchange, Microsoft has not published any “new” security updates to the Microsoft .NET platform or tools this month. However, there was a problem with June’s .NET update, which was addressed this month. This month’s .NET release resolves the issue that some versions of .NET were not addressed by the previous patch — this is just an informational update. If you are using Microsoft Windows update infrastructure, no further action is required.

Adobe (actually simply Reader)

This is a big update from Adobe, with 15 updates rated as critical and seven rated important, all just for Adobe Reader. The critical updates mainly relate to memory issues and could lead to the execution of arbitrary code on the unpatched system. You can read more about the Adobe bulletin (APSB22-32) and Adobe security bulletins here. Add this application-specific update to your “Patch Now” release.