Saturday , 23 September 2017
Home >> S >> Security >> Tiptoe by a bugs and get Windows and Office updated

Tiptoe by a bugs and get Windows and Office updated

The fourth Tuesday of a month has come and gone, and it now looks pretty protected to patch Windows and Office. we was awaiting dual large releases yesterday—one to repair countless bugs in Win10 Creators Update, chronicle 1703; a other to retard a bugs introduced by June’s Office confidence patches—but conjunction trove appeared. Given Microsoft’s past patterns, it’s doubtful that we’ll see any some-more critical rags until subsequent month’s Patch Tuesday, on Aug. 8.

There’s also a bit of additional procedure right now. On Jul 17, confidence researcher Haifei published a explanation of concept for regulating malware scripts directly in Office apps. we haven’t seen any exploits in a furious as yet, though it would be a good thought to implement KB 3213640 (Office 2007), KB 3213624 (Office 2010), KB 3213555 (Office 2013) and/or KB 3213545 (Office 2016) in a brief term. (Thx to @LeaningTowardsLinux.) Note that nothing of these patches, as best as we can tell, scold a Office bugs introduced in June.

July was a quite cryptic month for Windows and Office patches. At this moment, we see a following superb problems — nothing of that are overwhelming, though all of that competence infer to be a pain to you, depending on your settlement and expectations:

  • The Jun bugs introduced by inadequate Office confidence rags still aren’t fixed. Those of we regulating Outlook to open attachments or run tradition macros competence confront problems. The easiest solution, of course, is to equivocate Outlook. I’ve seen no acknowledgment that regulating Jul rags will impact a Jun patches, that have seemed and left in an indeterminate pattern.
  • The Jul rags reset Internet Explorer so it can imitation inside iFrames, though in so doing they reintroduce a CVE-2017-8529 confidence vulnerability. That’s a large understanding if your association relies on IE to imitation customized pages, though a easiest resolution is to usually equivocate IE. If we use Chrome or Firefox and couldn’t caring reduction about IE’s problems, we competence wish to wade by a considerable disaster documented here and equivocate installing rags that repair IE though leave we exposed.
  • KB 4025331 for Server 2012 and KB 4025336 for Server 2012 R2 break customer connections in WSUS and SCCM. Both need a primer registry pivotal change to capacitate a repair for CVE-2017-8563.

On a brighter side, a Surface Pro 4/Surface Book firmware/driver refurbish difficulties we talked about dual days ago didn’t spin into vital problems. Microsoft has supposing a documentation, during last, and it looks like a motorist refurbish is good to go.

==[ Click Here 1X ] [ Close ]==