Patch Tuesday in December rarely brings anything valuable – everyone is on vacation or wants to be on vacation – and this month is no exception. We have received patches for 36 separately identified vulnerabilities and two new hints that are full of sound and anger but cover very little.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that takes advantage of the vulnerability and takes control of an affected system.
Microsoft then gives the hole an “important” rating of severity, a big step below the “critical” rating de rigeur. Short version: Although you have to patch sooner or later, you don’t have to worry about security vulnerabilities at the moment.
The return of autopilot
Do you remember October when Microsoft mysteriously released an autopilot patch, a little-known app that companies can use to set up new planes? I wrote about it in “Microsoft is pushing, then tearing, rogue security patch KB 4523786, supposedly for autopilot. ”
Looks like the cows are out of the barn again. Microsoft yesterday released KB 4532441, the latest “Cumulative Update for Autopilot in Windows 10, Versions 1903 and 1909: December 10, 2019”. Once again, many people saw that the patch was being offered to them (although this time it apparently only went to pro customers from 1903 and 1909). The patch was offered again even after it was properly installed. Then Microsoft tore the patch again updated the KB article say:
This update was available through Windows Update. However, we removed it because it was offered incorrectly. When an organization registers or configures a device for Windows Autopilot deployment, the device setup automatically updates Windows Autopilot to the latest version.
Note There is no impact that Windows Autopilot will be offered to Windows 10 devices. If you were offered this update and you are not using Autopilot, installing this update will not affect you. The Windows Autopilot update should not be offered to Windows 10 Home.
Those who cannot remember the past are doomed to repeat it.
Weird and different stains
In addition to the usual laundry list with patches, we also saw:
A new B? like software removal tool. People who downloaded the patches ahead of time may have missed them because MS didn’t push them until a few hours after the first patch payload.
Updates for .Net framework 3.5.x, 4.6.x, 4.7.x, 4.8 and more. Dozens of them. Martin Brinkmann has the full list on ghacks.net.
There are new Servicing Stack updates for Server 2008 and Server 2012 with manual download links as usual in ADV990001. If you know nothing about waiting for stack updates, don’t sweat.
Nag the easy-to-dismiss Win7 End of Life
The monthly rollup for Windows 7 / Server 2008 R2 in December offers a full-screen error when upgrading to Windows 10, which will appear from January 15th Microsoft says::
IMPORTANT Starting January 15, 2020, a full-screen notification will appear that describes the risk of continuing to use Windows 7 Service Pack 1 after the support expires on January 14, 2020. The notification stays on the screen until you interact with it. This notification appears only in the following editions of Windows 7 Service Pack 1:
Note The notification does not appear on domain-connected computers or kiosk mode computers.
The security-only patch KB 4530692 contains the Nag, which is contained in the program EOSNotify.exe. Apparently the nag appears only once, takes up the entire screen and never returns after being released. You will be awarded if you remember similar promises made during the Get Windows 10 GWX campaign.
For those of you who can’t bother to close the Nag screen (or fear it won’t go away as easily as Microsoft says), you can set this registry key:
HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion EOSNotify
To have the value “DiscontinueEOS” = dword: 00000001
We will deal with this grumbler and its aftermath in detail when details unfold. Remember that more than a quarter of all Windows users work on Win7.