1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft moves to patch this potentially serious security flaw

    From TechnologyDaily@1337:1/100 to All on Wed Oct 19 00:15:04 2022
    Microsoft moves to patch this potentially serious security flaw

    Date:
    Tue, 18 Oct 2022 23:00:53 +0000

    Description:
    A fix was released for a flaw plaguing numerous versions of Windows and Windows Server.

    FULL STORY ======================================================================

    Microsoft has fixed a bug plaguing multiple versions of Windows and Windows Server that's triggering SSL/TLS handshake failures.

    Those experiencing the flaw see a SEC_E_ILLEGAL_MESSAGE notification pop up
    in applications that try to connect to servers.

    "We address an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security ( TLS ) connections. These connections might have handshake failures," Microsoft said in an announcement . Multiple versions affected

    The affected versions include Windows 11 22H2; Windows 11 21H2; Windows 10 21H2; Windows 10 21H1; Windows 10 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows
    8.1; and Windows 7 SP1.

    For servers , affected versions include Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; and Windows Server 2008 R2 SP1.

    This is an out-of-band update, meaning it wont be automatically deployed via Windows Update, Windows Update for Business, or Windows Server Update
    Services (WSUS).

    Instead, users interested in picking the update up need to head over to the Microsoft Update Catalog and manually add them either into the Microsoft Endpoint Configuration Manager, or Windows Server Update Services (WSUS).
    Read more

    These are the best dedicated server hosting providers out there

    Windows 10 failing to launch into apps? This hotfix should sort it


    Microsoft pushes out emergency fix for Windows Server mess

    Microsoft is no stranger to out-of-band updates. Last time we had such an update was in May 2022, when the company fixed a problem that prevented applications downloaded from the Windows Store from properly running on endpoints .

    However, BleepingComputer discovered that after installing the patch, the Cluster Service might fail to start. In this case, this happens because an update to the PnP class drivers used by the service removed a Cluster Network Driver.

    The fix is still in the works for Windows 10 2016 LTSB, Windows Server 2016, and Windows 10 2015 LTSB. These are the best patch management tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-moves-to-patch-this-potentially-serio us-security-flaw/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)