this post was submitted on 11 Jul 2023
57 points (98.3% liked)
Sysadmin
7679 readers
23 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Starting my updates today (I typically wait a week to let other people be the test bed), I will update at the end tomorrow or the following day, especially if I run into any trouble.
More importantly though, there's two substantial changes in Windows Updates this month that you should be aware of if you are not already.
KB5020805 enters the next phase for patching CVE-2022-37967.
This month's patches do the following:
Between now and October is your last chance to look for anything broken by this change, after October 10th patches the ability to undo this change is removed completely.
For more details see: https://support.microsoft.com/en-us/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efb
KB5021130 enters final phase of patching for CVE-2022-38023
This month's patches are the final phase of mitigation for this issue. Last month it forced the on everyone, so hopefully you've seen and found anything broken, as this month removes the ability to turn this change off due to the following:
For more details see: https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25
Check your system logs for both of those KBs (event IDs to look for are outlined later in both articles) before patching.
Edit 1:
Just noticed that "CVE-2023-36884 - Office and Windows HTML Remote Code Execution Vulnerability" has additional remediation steps if you are not using Microsoft Defender for Office. More details and regkey included in this article: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
Edit 2:
Finished updates last night with no issues. Basic environment overview: Mix of physical and VMs (split between Hyper-V and VMWare), mostly worked on Windows servers last night, 2012 R2 - 2019. Updated VMs and hosts (on both platforms). Everything seems to be humming along nicely.