Silicon Shecky

Ahh yes, the second Tuesday of the month and Microsoft releases patches. This month is a big month for it again with 10 patches, 6 of them marked as critical. So what do we have patched this time?

1) Active Directory. It seems that there are holes in Active Directory’s security that can allow remote code execution. Definitely do some testing on this patch, but try to roll it out as quickly as possible. This does affect 2000, 2003, and XP

2) Print Spooler. A patch that closes up 3 vulnerabilities that could allow remote code execution. Another one that should be rolled out as quickly as possible. I have not heard of code in the wild on this, but you know how quickly people will jump on such a critical system hole.

3) Internet Explorer. Big surprise here as IE seems to get a patch at least every other month. Considering that Microsoft was able to compromise Firefox’s security with a .Net add on for it, the holes in IE need to get patched up as quickly as possible.

4) Word, Excell, Works. I hope you aren’t using Works, but with Word and Excel, test these and then deploy, even though they are marked as critical.

Those are the Critical’s as decided by Microsoft. Interestingly the Direct X vulnerability, which does have code exploiting it in the wild, has no patch whatsoever, and no sign that Microsoft is going to patch that hole anytime soon. Again a concern where Microsoft is concerned, but not surprising considering the amount of resources working on Windows 7, and the amount of reported vulnerabilities Microsoft must receive every month. More information on the Microsoft patches can be found here.

Also, Adobe released a patch to address a number of vulnerabilities that have been found in its Acrobat Reader. Information on that can be found here.

Yep, a busy Patch Tuesday, so go get them, test em, and deploy em. And if you find a problem with any of the patches, or caused by them, let me know.

So, in the midst of not writing too much this week, I’ve had a lot of headaches. Headaches that you can avoid.

Headache number one. Always do a daily check of backups. Make sure that everything including SQL databases are being backed up properly. If they aren’t, find a way to remedy that.

Headache number two, SQL 2005. Yes SQL works nicely, but when you have people who insist on using the Eval version past its 120 period, upgrading them to the full version is a pain. One that Microsoft can fix by not forcing an uninstall of the eval and install of the full version. Oh and double check all backups before you do the uninstall.

Headache number three, Windows updates and Symantec Endpoint. I have hit this one a few times this week, where Windows Update goes into a weird connection and install loop for a patch and can’t install it so keeps retrying to the point that Symantec Endpoint 11 things the server is under a DoS attack. Course this eventually led to other issues that required a reboot of the servers in question, so they worked properly again. Well two of them did, the third one led to…

Headache number 4, ease of finding information from Microsoft. Yes, Technet, and Google are nice items, but when one puts in a search about corrupted exchange log E00, you would think that you would get all the info or at least KB articles that offer solutions for it. This is not the case. It took about 100 different search strings along the exact same parameter, with a small change here, small change there to words or order, to finally find the missing step to bring back up a clients exchange information stores.

Yeah, its been a busy week, but at least there are lessons to be learned. The biggest one is that Microsoft is painful.

Days after the Windows 7 Release Candidate becomes available, Microsoft has to send out a critical patch. Now it only affects the 32 bit version, and honestly, I think that Microsoft is stupid to make a 32 bit version. All the processors on new machines can support 64 bit, so why not use it.

Anyway, the issue comes in with how ACL lists are handled. You can read more about it here.

Also, on Windows 7 RC patches, in the next week there will be a bunch of fake patches sent out by Microsoft that do nothing. Well, nothing but test the updating system, which is somewhat important. Make sure to use these for testing the system.