Patch tuesday in December

Patch tuesday in December

December’s Patch Tuesday

December’s Patch Tuesday included patches for 84 vulnerabilities. The obvious center of attention among vulnerability and patch experts has been the huge global news on Apache Log4j2.

Products, components, and roles with vulnerabilities

  • Apache Log4j2
  • Apps
  • NET Core & Visual Studio
  • Azure Bot Framework SDK
  • BizTalk ESB Toolkit
  • Internet Storage Name Service
  • Microsoft Defender for IoT
  • Microsoft Devices
  • Microsoft Edge (Chromium-based)
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Message Queuing
  • Microsoft Office
  • Microsoft Office Access
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft PowerShell
  • Microsoft Windows Codecs Library
  • Office Developer Platform
  • Remote Desktop Client
  • Role: Windows Fax Service
  • Role: Windows Hyper-V
  • Visual Studio Code
  • Visual Studio Code – WSL Extension
  • Windows Common Log File System Driver
  • Windows Digital TV Tuner
  • Windows DirectX
  • Windows Encrypting File System (EFS)
  • Windows Event Tracing
  • Windows Installer
  • Windows Kernel
  • Windows Media
  • Windows Mobile Device Management
  • Windows NTFS
  • Windows Print Spooler Components
  • Windows Remote Access Connection Manager
  • Windows Storage
  • Windows Storage Spaces Controller
  • Windows SymCrypt
  • Windows TCP/IP
  • Windows Update Stack

Microsoft released the patch for one zero-day vulnerability. In addition, six vulnerabilities were publicly disclosed.

Key points

CVE-2021-44228, also known as Apache Log4j vulnerability, has been the hot topic of last couple of days. At the moment the consensus seems to be the that the only Microsoft product affected is Minecraft: Java Edition. This does not mean your organization is protected, even though the vulnerability couldn’t be directly exploited on your devices. Now is an excellent moment to comb through all the services, devices, servers, IoT devices, and anything else that comes to mind. You can find a long list of affected products on GitHub:

You should also follow National Cyber Security Centre’s guidance on the subject.

Vulnerabilities in Microsoft products

Let’s start with the publicly disclosed vulnerabilities: , , , ,  and . From the listed vulnerabilities,  is also a zero-day vulnerability.

Prioritize these patches if possible:

Active and known issues in Windows operating systems

Operating System Active known issues (previous month)
Windows 11, version 21H2 0 (1)
Windows 10, version 21H1 and Windows Server, version 21H1 2 (4)
Windows 10, version 20H2 and Windows Server, version 20H2 2 (4)
Windows 10, version 2004 and Windows Server, version 2004 2 (4)
Windows 10, versions 1909** and 1903** and Windows Server, version 1903** 0 (1) Support has partially ended for Windows 10 versions 1903 and 1909.
Windows 10, version 1809** and Windows Server 2019 3 (3) Support has ended for Windows 10 version 1803.
Windows 10, version 1803** Support has ended.
Windows 10, version 1709*** and Windows Server, version 1709 Support has ended.
Windows 10, version 1703*** Support has ended.
Windows 10, version 1607 LTSC*** and Windows Server 20162 1 (1)
Windows 8.1**** and Windows Server 2012 R2 1 (2)
Windows Server 2012 1
Windows 7**** and Windows Server 2008 R2 SP1 2
  • * 1909 has the same operating system core and identical system files as its predecessor, 1903.
  • ** The support for Windows 10’s build in question has ended for versions Home, Pro, and Enterprise.
  • *** The support for Windows 10’s build in question has ended for all versions.
  • **** The Mainstream support period for the Windows version has ended. Extended support periods end: For Windows 8.1, on Jan 10th 2023, and for Windows 7, on Jan 14th 2020.

Recommended actions

The critical, zero-day, and publicly disclosed vulnerabilities mentioned in the beginning should be patched as soon as possible. However, Centero recommends testing the updates carefully before migrating them into production. In addition, you should go through any known issues before deploying the updates.

Organizations should make sure their devices have one of the three most recent Windows 10 property versions (21H1, 20H2, or 2004), making sure the devices are still getting their monthly security patches. In the future, it’s important to also make sure the Windows 11 feature updates are among the supported updates.

Microsoft’s documentation on the subject

Microsoft maintains a list of Windows updates and their known issues on the following pages. You can find additional information on Windows-versions’ lifecycle behind the last link.

The post Patch tuesday in December appeared first on Centero Software Manager.

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.