Patching in Review – Week 46 of 2019
Brian Secrist
Against all odds, Microsoft gifted us with another relatively simple Patch Tuesday (aside from the surprise IE Zero Day CVE-2019-1429). Who knows what December will bring at this rate. Of course, Patch Tuesday wasn’t completely without issue with a few notable issues in the field, and not just from Microsoft!
As always, here are the quick links to stay up to date on any developing known issues:
- Windows 10 / Server 2019 / Server 2016
- Windows 8.1 / Server 2012 R2
- Server 2012
- Windows 7 / Server 2008 R2
- Server 2008
Patch Tuesday Follow-Up
While this isn’t directly related to an update, Google Chrome graced headlines this week with an experimental feature that’s frustrating administrators across the globe.
According to BleepingComputer, Google remotely enabled “WebContent Occlusion” across all v77 and v78 major versions on Patch Tuesday. This caused terminal server environments to be plagued by the aptly named “White Screen of Death”. After a flood of complaints to Google’s support forums, the change was reversed on Thursday. In the aftermath of this issue, enterprise administrators have raised extreme concerns around Google’s ability to modify Chrome configurations without any opt-in or blocking method available, so we will have to see what position Google takes from here.
Administrators have been reporting issues with Microsoft’s Malicious Software Removal Tool since Patch Tuesday, with installation failures across whole environments. This has been covered in depth by Woody on Windows and Born City where it appears the issue was around an improperly signed binary. It appears this has since been fixed, so refreshing the binary on your patching solution should resolve the issue.
Third-Party Updates
While the Microsoft updates have defined the week, other vendors have been releasing updates for their respective products. See the list below as these updates can still contain valuable security fixes.
|
Bulletin title |
Bulletin ID |
KB |
|
Adobe Acrobat DC and Acrobat Reader DC 19.021.20056 |
ARDC19-014 |
QADC1902120056 |
|
Adobe Flash Player 32.0.0.293 |
AFP32-00293 |
QAF3200293 |
|
DropBox 85.4.155 |
DROPBOX-125 |
QDROPBOX854155 |
|
GoodSync 10.10.12.2 |
GOODSYNC-134 |
QGS1010122 |
|
Google Backup and Sync 3.47.7654.0300 |
GSYNC-025 |
QGBS34776540300 |
|
Microsoft Power BI Desktop 2.75.5649.582 |
PBID-072 |
QBI2755649582 |
|
Nitro Pro 13.6.0.108 |
NITRO-029 |
QNITRO1360108 |
|
Nitro Pro Enterprise 13.6.0.108 |
NITROE-010 |
QNITROE1360108 |
|
NVivo 12.6.0.959 |
NVIVO-005 |
QNVIVO1260959 |
|
Opera 65.0.3467.38 |
OPERA-237 |
QOP650346738 |
|
Opera 65.0.3467.42 |
OPERA-238 |
QOP650346742 |
|
Paint.net 4.2.5 |
PDN-012 |
QPDN425 |
|
Plex Media Player 2.45.0 |
PLXP-048 |
QPLXP2450 |
|
Plex Media Server 1.18.1.2019 |
PLXS-050 |
QPLXS11812019 |
|
Plex Media Server 1.18.2.2029 |
PLXS-051 |
QPLXS11822029 |
|
RealVNC Viewer 6.19.1115 |
VNCV-003 |
QVNCV6191115 |
|
Skype 8.54.0.91 |
SKYPE-170 |
QSKY854091 |
|
Snagit 2020.0.1 |
SNAG-031 |
QSNAG2001 |
|
Thunderbird 68.2.2 |
TB19-6822 |
QTB6822 |
|
Visual Studio Code 1.40.0 |
MSNS19-1108-CODE |
QVSCODE1400 |
|
Visual Studio Code 1.40.1 |
MSNS19-1114-CODE |
QVSCODE1401 |
|
VMWare Horizon Client 5.2.0 |
VMWH-011 |
QVMWH5200 |
|
VMware Workstation 14.1.8 Pro |
VMWW-026 |
QVMWW1418 |
|
Zoom Outlook Plugin 4.8.5743.1107 |
ZOOMOUT-013 |
QZOOMO485743 |
