Apparently we now have third Tuesday patching day

On November 18, 2014, in news, by susan

Out today is

1. a rerelease of MS14-066 to Server 2012 and Server 2008 R2 to fix a cipher problem that was causing performance issues with Access/SQL, problems with Amazon load balancers.

2. and out of band patch for Kerberos – critical to domain controllers and especially 2008R2 and lower.  Attacker would have to have credentials on the domain first in order to exploit and gain admin rights.

3.  A large Windows 8.1/server 2012 r2 update that (my understanding) is backporting some of the Windows 10 security enhancements back to Windows 8.1.  http://support.microsoft.com/kb/3000850

I would install number 1, wait on 2 and 3.

 

 

3 Responses to Apparently we now have third Tuesday patching day

  1. The Kerberos patch should probably be installed on domain controllers reasonably promptly, since there are known to be limited active attacks. And the MS14-066 fix should be installed on machines that are experiencing the known issues.

    Otherwise, they can all wait until next month’s patch Tuesday, IMO.

  2. JamesH says:

    I installed 3000850 on Win2012R2 in a test lab on ESXi. Installed fine, but then the server became unresponsive – instantly threw me out of RDP on login (I had disconnected to let it do its thing) and would not respond even via ESXi console. I then did a hard power off in ESXi and restarted it – subsequent boot and updating took a long time. In particular it sat at the Windows 2012 logo and spinning dots on boot up for quite a while. I thought it was going to be dead in the water, but it has come back fine now. Just my experience. I won’t be installing this in production for a little while.

  3. Johann Roitner says:

    Dear Susan,
    Thank you for Moving to Windows 8.1 — ready or not (Okt.30)
    I found a solution for KB3000061
    http://www.infoworld.com/article/2841918/microsoft-windows/microsoft-endorses-a-workaround-for-botched-windows-8-server-2012-patch-kb-3000061.html
    says that you should delete
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{e7ef96be-969f-414f-97d7-3ddb7b558ccc}]
    I can confirm – it works absolutely perfect.