A troubled update to critical browser patches for October Patch Tuesday




It was all going so well. We had a few months of updates that both rapidly and readily addressed security issues without many problems. This October Patch Tuesday is an important but troubled patch release from Microsoft. We have a critical, out-of-band browser update (CVE-2019-1367) that has been widely reported as causing a number of deployment issues. Our advice this month is to wait, test and stage your patch deployments. The only good news here, is that we are not all rushing around trying to extinguish another “screaming-hair-on-fire” Adobe issue. We have outlined this month’s key issues in an infographic for this October Patch Tuesday, found here.

Known issues

This section addresses the known issues from the previous month’s patch cycle, as well as outstanding issues that may persist with older builds of Windows desktop and server platforms.

Last month’s update appeared to be generally problem free, but it appears that a few reported problems were sufficient for Microsoft to respond with an update to previous patches to resolve the following issues:

  • The Keyboard Lockdown Subsystem that may not filter key input correctly.
  • An issue that prevents netdom.exe from displaying the new ticket-granting ticket (TGT) delegation bit for the display or query mode.
  • The security bulletin CVE-2019-1318 that may cause client or server computers that don’t support Extended Master Secret (EMS) RFC 7627 to have increased connection latency and CPU utilization. This issue occurs while performing full Transport Layer Security (TLS) handshake from devices that don’t support EMS, especially on servers.
  • Applications and printer drivers that utilize the Windows JavaScript engine (jscript.dll) for processing print jobs may fail to behave as expected.

And, if you are on Windows 10 builds older than release 1803, then you may also have the following issue with this months’ October update:

  • Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform an operation on a CSV owner node from a process that doesn’t have administrator privilege.

Microsoft has published a handy guide to all known issues for this patch release here: Security update deployment information. In another shining endorsement of the success of Windows 10, Release 1903, there are currently no known (reported) issues with any of the current updates. All previous versions of Windows have issues with updates to both Internet Explorer (IE) and Microsoft Edge.

Major revisions

The following updates were made to existing patches over the past month (patch cycle):

Copyright © 2019 IDG Communications, Inc.






Software

Leave a Reply

Your email address will not be published.