The Simplest Fix for the Latest Security Vulnerabilities in Windows

Microsoft has recently acknowledged two zero-day vulnerabilities in Windows, confirming that it’s aware of attacks happening in the wild already.

Specifically, the font parsing remote code execution bugs in Windows come from the Adobe Type Manager Library, which Microsoft uses to render fonts in the operating system.

“Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format,” Microsoft says.

Despite attacks already happening in the wild, there’s no rush to patch the flaws, it seems, and Microsoft says a fix will probably land next month. What this means is we might need to wait until April 14, when the next Patch Tuesday updates go live officially for all Windows users.

“Microsoft understands this vulnerability and is working on the fix. Updates that address security vulnerabilities in Microsoft software are usually released on Update Tuesday, the second Tuesday of each month. This predictable schedule allows for partner quality assurance and IT planning, which helps maintain the Windows ecosystem as a reliable, secure choice for our customers,” Microsoft says.

There are several methods to exploit the vulnerability, and one of these is opening a crafted document specifically created to make use of the bug in the Windows Explorer preview pane.

So technically, the workaround is based on this: disabling the preview pane and the details pane in File Explorer.

This workaround applies to all Windows versions, as File Explorer is offered as the pre-loaded file manager in the operating system. The steps, however, differ slightly depending on the version of Windows that you run on the device.

Windows 10, Windows Server 2016, Windows Server 2019

Open File Explorer on the device and then follow these steps:

View tab > Clear Details pane + Preview Pane > Options > Change folder and search options > View > Advanced settings > Always show icons, never thumbnails

At this point, the preview should be disabled, so you need to relaunch File Explorer in order to save your settings.

Windows 8.1, Windows 7, older Windows Server versions

Nearly the same steps work here as well, with a small difference:

File Explorer > Organize > Layout > Clear Details pane + Preview pane > Organize > Folder and search options > View > Advanced settings > Always show icons, never thumbnails

What you should know is that once you make these changes, File Explorer won’t display OTF fonts automatically, so you’ll want to reverse these steps when a patch is published. To do this, just follow the aforementioned steps and uncheck the last option.

“Disabling the Preview and Details panes in Windows Explorer prevents the automated display of OTF fonts in Windows Explorer. Although this prevents malicious files from being viewed in Windows Explorer, it does not prevent a local, authenticated user from running a specially crafted program to exploit this vulnerability,” Microsoft explains.
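
The last step of the workaround (Always show icons, never thumbnails) is stored per user in the registry, so on a shared machine it has to be checked for every account, not just the one that made the change. The PowerShell below is an added example, not part of the original article or of Microsoft's guidance; it covers only that checkbox (the Preview and Details pane toggles still have to be cleared in File Explorer), and the function names are hypothetical.

```powershell
# Added example. Covers only the "Always show icons, never thumbnails" checkbox,
# which Explorer stores per user as the IconsOnly DWORD (1 = icons only).
$RelPath = 'Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

function Get-IconsOnlyReport {
    # The setting is per user, so walk every user hive currently loaded under
    # HKEY_USERS (local/domain and Azure AD account SIDs), skipping *_Classes.
    Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-(5-21|12-1)-[\d-]+$' } |
        ForEach-Object {
            $sid   = $_.PSChildName
            $key   = "Registry::HKEY_USERS\$sid\$RelPath"
            $value = (Get-ItemProperty -Path $key -Name IconsOnly -ErrorAction SilentlyContinue).IconsOnly
            try {
                $user = ([System.Security.Principal.SecurityIdentifier]$sid).Translate(
                    [System.Security.Principal.NTAccount]).Value
            } catch {
                $user = $sid   # orphaned or unresolvable account: report the raw SID
            }
            [pscustomobject]@{
                User          = $user
                IconsOnly     = $value            # empty when the value was never written
                ThumbnailsOff = ($value -eq 1)
            }
        }
}

function Set-IconsOnly {
    # Applies ($true) or reverts ($false) the checkbox for the current user only.
    param([Parameter(Mandatory)][bool]$Enabled)
    Set-ItemProperty -Path "HKCU:\$RelPath" -Name IconsOnly -Type DWord -Value ([int]$Enabled)
    # The article says File Explorer must be relaunched; Windows normally
    # restarts the shell on its own after the process is stopped.
    Stop-Process -Name explorer -Force
}

# Read-only audit of all logged-on users (run elevated to see other users' hives).
Get-IconsOnlyReport | Format-Table -AutoSize

# Set-IconsOnly -Enabled $true    # apply the workaround
# Set-IconsOnly -Enabled $false   # revert once the patch is installed
```

Only hives of users who are currently logged on are loaded under HKEY_USERS, so accounts that are signed out do not appear in the report.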

The next Patch Tuesday, due on April 14, will likely resolve the vulnerabilities in the supported Windows versions. This is the most important point: although Windows 7 is also vulnerable, it’s no longer getting updates, so it’ll remain open to attacks.

Windows 7 reached end of support in January this year, so users still running it are recommended to switch to Windows 10 for security reasons. All Windows 10 versions can get cumulative updates on the next Patch Tuesday, albeit only the newest are supported for home users.

Windows 10 Build 18362.207 Offline Installers Available, Download Now

Microsoft just released Windows 10 Build 18362.207 with the KB4501375 update. The update brings lots of fixes and improvements. You’ll find the KB4501375 update direct download links below.

Among other improvements, the KB4501375 update mainly fixes issues with the Windows Night Light feature. In case you don’t know, the most recent May 2019 update broke the Night Light feature and caused it to not work on most systems.

Download KB4501375 Offline Installer

As with all regular Windows updates, Microsoft provides offline installers through the Microsoft Update Catalog website.

Below are the official direct download links for the KB4501375 update. Simply click the download link for your system architecture and the download will begin immediately. Once downloaded, you can install it like any other Windows software, i.e., double-click the installer and follow the on-screen instructions.

For ease of use, I’ve also included the Windows 10 update size for both 32-bit and 64-bit installers.

KB4501375 x86 (32-bit) offline installer (download size: 98.5 MB)
KB4501375 x64 (64-bit) offline installer (download size: 218.8 MB)

If you want KB4501375 download links for Windows Server or ARM64 based systems, go to the Microsoft update catalog website to find the appropriate links. All you have to do is click the Download button near the appropriate version.

After installing the KB4501375 update, the Windows 10 version number will jump to 18362.207.

KB4501375 Change Log

Addresses an issue that fails to display the cursor whenever you hover over the keyboard magnifier.
Addresses an issue with looping redirects between Microsoft Edge and Internet Explorer 11.
Addresses an issue with Scalable Vector Graphics (SVG) marker display.
Addresses an issue with programmatic scrolling in Internet Explorer 11.
Addresses an issue with displaying portions of a website which has many elements and multiple nesting levels under certain conditions in Internet Explorer.
Addresses an issue that could cause “Error 1309” while installing or uninstalling certain kinds of .msi or .msp files on the virtual drive.
Addresses an issue that may cause Night light, Color Management profiles, or gamma correction to stop working after shutting down a device.
Addresses an issue that only shows grey scale in the camera during Windows Hello enrollment.
Addresses an issue that could cause playback of some video content generated by iOS devices to fail.
Addresses a desktop and taskbar flickering issue on Windows Server 2019 Terminal Server that occurs when using User Profile Disks.
Addresses an issue that allows users to disable the sign-in background image when the “Computer\Administrative Templates\Control Panel\Personalization\Prevent changing lock screen and logon image” policy is enabled.
Addresses a disconnection issue when using fitness software with an Android phone that has the Your Phone application installed.
Addresses an issue that prevents the Windows Event Log service from processing notifications that the log is full. This makes event log behaviors, for example archiving the log when it reaches a maximum file size, impossible. Additionally, the Local Security Authority (LSA) cannot handle CrashOnAuditFail scenarios when the Security log is full, and events cannot be written.
Addresses an issue that causes Office 365 applications to stop working after opening when they’re deployed as App-V packages.
Addresses an issue that prevents Container Hosts from receiving an address from the Dynamic Host Configuration Protocol (DHCP) server.
Addresses an issue that prevents some upgrades from Windows 7 from completing successfully when third-party antivirus software is installed.
Reinforces the Certificate Revocation List (CRL) on Internet Key Exchange version 2 (IKEv2) machines for certificate-based virtual private network (VPN) connections, for example Device Tunnel, within an Always On VPN deployment.
Addresses an issue that triggers a Group Policy update even when there aren’t any changes to the policy. This problem occurs when using the client-side extension (CSE) for folder redirection.
Addresses an issue that prevents the Preboot Execution Environment (PXE) from starting a device from the Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that aren’t using Variable Window Extension.
Addresses an issue that may display the error, “MMC has detected an error inside a snap-in and will unload it.” when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also get the same error when using Filter Current Log in the Action menu with built-in views or logs.
Addresses a problem with WinHTTP registrations that increase the registry size and delay the operating system’s startup. This happens on devices that use proxy auto-config (PAC) files to define how web browsers and agents select a suitable proxy server. To prevent the incremental growth of the registry, update the following:
Path: HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings
Setting: CleanupLeakedContainerRegistrations
Type: DWORD
Value: 1
A value of 1 removes preexisting registrations; a value of 0 (default) retains existing registrations.

That’s it.

Quadro Graphics Driver 430.86 Made Available by NVIDIA – Download Now

NVIDIA has made available a new version of its Quadro Graphics driver, namely 442.50 (Release 440 U6), which adds Solidworks RX to application profiles, as well as additional security updates for driver components.

In addition to that, the present update removes bugs that caused Sony Catalyst to hang when using OpenCL/OpenGL interoperability, fixes the Colorfront illegal address error seen when accessing pinned memory, and resolves the vertical sync option in 3dexperience 2020x.

When it comes to compatibility, the producer provides 2 downloadable packages aimed at the 64-bit variants of Microsoft’s Windows 10 operating systems, either desktop or notebook configurations (one of the files is for DCH configurations).

Moreover, NVIDIA has also made available 2 executables produced for desktops only, which users can install on Windows Server 2012 R2 (64-bit), Windows Server 2016, and Windows Server 2019 platforms.

With this in mind, if you plan to use this package, just save the proper one for your device, run it, wait while the wizard extracts all files necessary for the installation, and follow all instructions displayed for a complete upgrade.

Last but not least, once completed, it would be a good idea to perform a system reboot to allow all changes to take effect properly. If the task is not requested automatically by the wizard, be sure to carry it out manually to avoid any unwanted problems.

In other words, download NVIDIA Quadro Graphics Driver 442.50, apply it on your system and enjoy the changes this latest version brings. Also, check our website frequently to stay up to speed with the latest releases.

Microsoft Confirms New Bug in Windows 10 Cumulative Updates KB4503293, KB4503327

Microsoft just confirmed a new issue caused by the June 11 cumulative updates for a series of Windows 10 versions.

The software giant says that installing these cumulative updates could cause devices using PXE from a WDS or SCCM server to fail to start.

However, please note that this issue has no effect on consumer editions of Windows 10, but only server SKUs, as you can find in the table below. Microsoft explains the following:

“Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error “Status: 0xc0000001, Info: A required device isn’t connected or can not be accessed” after installing [June 11 cumulative updates] on the WDS server.”

Workaround already available

The affected Windows 10 versions are the ones listed below:
Windows Server 2008 SP2
Windows Server 2008 R2 SP1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server, version 1803
Windows Server 2019
Windows Server, version 1809
Windows Server, version 1903

Microsoft says a workaround already exists, and users can mitigate the issue on an SCCM server by checking that the Variable Window Extension is enabled and setting the values of TFTP block size to 4096 and TFTP window size to 1.

“Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may want to adjust them for the setup. You can also try the Enable a PXE responder without Windows Deployment Service setting,” Microsoft adds.

The company also explains that it’s already working on a fix for this issue, which is projected to be included “in a future release.” No further specifics have been provided on when the fix should land.

Microsoft Says the Latest Windows 10 Cumulative Updates Break Down Its Browser

Microsoft has just acknowledged a new problem in the latest cumulative updates for Windows 10, explaining that installing them could break Internet Explorer.

Specifically, Redmond says that these updates make it impossible to launch the browser when the default search provider is not set or is malformed.

The bug exists in the May cumulative updates, meaning all users whose devices are up-to-date are susceptible to the error preventing Internet Explorer from running.

Obviously, the easiest workaround for this issue is to set the default search provider, or for users who are ready for the most hardcore solution, to remove the cumulative updates altogether.

Microsoft says it’s already working on a resolution, and it expects this fix to go live for Windows 10 devices in mid-June. In other words, there’s a chance Microsoft waits for the June Patch Tuesday rollout to resolve the bug. This month, Patch Tuesday updates are projected to be released on June 11.

“Affected Windows 10 versions”

The affected platforms and cumulative updates are the following:
Windows 10, version 1809 – KB4497934
Windows 10 Enterprise LTSC 2019
Windows 10, version 1803 – KB4499183
Windows 10, version 1709 – KB4499147
Windows 10, version 1703 – KB4499162
Windows 10 Enterprise LTSC 2016
Windows 10, version 1607 – KB4499177

Additionally, Windows Server 2016 and Windows Server 2019 users will probably encounter the same bug too.

Microsoft recommends against using Internet Explorer as the primary browser, and the company says Windows 10 users should change to Edge for navigating the web. Internet Explorer remains offered in Windows 10 for compatibility purposes, as it’s the browser that many enterprises use for their internal apps and services.

Meanwhile, Microsoft is working on a revamped version of Microsoft Edge that makes the switch from EdgeHTML to Chromium as the underlying engine. This browser will also have an Internet Explorer mode for compatibility reasons.

Manage Azure Virtual Machines Using Windows Admin Center

Since Windows Server 2019 is generally available, it seems like a good time to begin using Windows Admin Center (WAC) as the default management tool. WAC is a web-based tool for managing local or remote servers using a gateway that utilizes PowerShell Remoting and Windows Management Instrumentation (WMI) over WinRM. And while Windows Server 2019 still includes Server Manager, Windows Admin Center is where Microsoft is now investing its efforts.

In this article, I’m going to demonstrate how to manage Windows Server 2019 running in an Azure VM. I’ll make use of a WAC gateway installed on my Windows 10 PC. This requires the VM you want to manage to have a public IP address, and you need to make the necessary management ports available over the Internet. Naturally, this isn’t the most secure option, but it is a quick way to start managing Windows Server. If your VM doesn’t have a public IP address or you want a safer method to manage your cloud servers, you’ll have to install a WAC gateway on an Azure VM and/or connect the local network to the Azure VNet using ExpressRoute, Site-to-Site VPN, or Point-to-Site. But that’s beyond the scope of this article.

Configure Windows Firewall for Inbound WinRM

Let’s begin by configuring Windows Firewall to permit an inbound connection for WinRM.

Start the Windows Server 2019 Azure VM that you would like to manage using the Azure management portal.
Log in to the Windows Server 2019 virtual machine that you want to manage using Remote Desktop by clicking Connect on the Overview screen for the VM in the management portal.
In Windows Server, open a Windows PowerShell window with admin privileges.

Note that the Windows Server 2019 Azure marketplace image has WinRM enabled automatically. If you wish to manage another supported version of Windows Server, you may need to manually run winrm quickconfig in an elevated command prompt to enable WinRM.

Run the Set-NetFirewallRule cmdlet as shown below to allow inbound WinRM access through the Windows Firewall.

Set-NetFirewallRule -Name WINRM-HTTP-In-TCP-PUBLIC -RemoteAddress Any

Configure Azure Networking to Allow Inbound WinRM

Before we are able to connect WAC to Windows Server, we also have to configure Azure networking to permit inbound WinRM connections.

Select your VM in the Virtual Machines portion of the Azure management portal.
On the VM’s page within the portal, click Networking under Settings.
Make sure that Inbound port rules is chosen and then click Add inbound port rule.
On the Add inbound security rule pane, type 5985 in the Destination port ranges field.
In the Name field, type Port_5985.
Click Add.

The new rule will now appear in the list of inbound rules.
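
The two rules above open WinRM over HTTP (port 5985) to any source address, which the article itself calls not the most secure option. As an added example (not from the original article), the PowerShell below audits the Windows Firewall rule and narrows both it and the Port_5985 Azure rule to a known management address. It assumes the Az.Network module with an authenticated session (Connect-AzAccount); the function names are hypothetical, and the address 203.0.113.10, the resource group and the NSG name are placeholders.

```powershell
# Added example: restrict the WinRM rules from this article to named admin addresses.

function Test-WinRmRuleExposure {
    # Reports whether the Windows Firewall rule still accepts any remote address.
    param([string]$RuleName = 'WINRM-HTTP-In-TCP-PUBLIC')
    $rule   = Get-NetFirewallRule -Name $RuleName -ErrorAction Stop
    $filter = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $RuleName
        Enabled       = $rule.Enabled
        RemoteAddress = $filter.RemoteAddress
        OpenToAny     = ($filter.RemoteAddress -contains 'Any')
    }
}

function Assert-AdminAddress {
    # Accepts single IPs or CIDR ranges; rejects keywords such as Any and /0 ranges.
    param([Parameter(Mandatory)][string[]]$AdminAddress)
    foreach ($entry in $AdminAddress) {
        $parsed = $null
        $ipPart = ($entry -split '/')[0]
        if (-not [System.Net.IPAddress]::TryParse($ipPart, [ref]$parsed) -or $entry -match '/0$') {
            throw "Not a specific address or range: $entry"
        }
    }
}

function Set-WinRmAllowedSource {
    # Run elevated on the VM: replaces -RemoteAddress Any with the admin addresses.
    param(
        [Parameter(Mandatory)][string[]]$AdminAddress,
        [string]$RuleName = 'WINRM-HTTP-In-TCP-PUBLIC'
    )
    Assert-AdminAddress -AdminAddress $AdminAddress
    Set-NetFirewallRule -Name $RuleName -RemoteAddress $AdminAddress
    Test-WinRmRuleExposure -RuleName $RuleName
}

function Set-NsgWinRmSource {
    # Run from the admin workstation: narrows the source of the Port_5985 NSG rule.
    param(
        [Parameter(Mandatory)][string]$ResourceGroupName,
        [Parameter(Mandatory)][string]$NsgName,
        [Parameter(Mandatory)][string[]]$AdminAddress,
        [string]$RuleName = 'Port_5985'
    )
    Assert-AdminAddress -AdminAddress $AdminAddress
    $nsg  = Get-AzNetworkSecurityGroup -ResourceGroupName $ResourceGroupName -Name $NsgName
    $rule = Get-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name $RuleName
    # Set-AzNetworkSecurityRuleConfig needs the full rule definition, so the
    # existing priority is reused and only the source prefix changes.
    Set-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name $RuleName `
        -Access Allow -Direction Inbound -Protocol Tcp -Priority $rule.Priority `
        -SourceAddressPrefix $AdminAddress -SourcePortRange '*' `
        -DestinationAddressPrefix '*' -DestinationPortRange '5985' |
        Set-AzNetworkSecurityGroup | Out-Null
}

# Placeholders (constructed values, not from the article):
# Test-WinRmRuleExposure
# Set-WinRmAllowedSource -AdminAddress '203.0.113.10'
# Set-NsgWinRmSource -ResourceGroupName 'rg-placeholder' -NsgName 'nsg-placeholder' -AdminAddress '203.0.113.10'
```

Use the public address the WAC gateway connects from; if that address changes, both rules have to be updated or the connection will stop working.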

Connect to Windows Server using WAC

Now all that’s left to do is test whether I can connect to the server using WAC. I’ve already installed a WAC gateway on my Windows 10 PC. For additional info on installing a WAC gateway, check out Getting Started with the Windows Admin Center on Petri.

Connect to your WAC gateway from a supported browser.
On the All Connections screen, click + Add. If you don’t see the All Connections screen, click Windows Admin Center in the top left corner.
In the Add Connections pane, click Add Server Connection.
In the Server name box, type the public IP address or DNS name of the server you want to manage.
If you use an IP address, select Don’t attempt to resolve the server name. You can get the IP address or DNS name of the VM from the Overview pane in the Azure management portal. If you haven’t assigned the VM a static IP address, don’t forget that the IP address will probably change every time the VM starts.

You may get an error message stating that the connection cannot be verified. This is normal if you’re connecting to the VM for the first time and can safely be ignored.

Click Submit.
The server will now appear in the list of connections. Click the box to the left of the listing to select it and then click Manage As.
On the Specify your credentials pane, click Use another account for this connection, enter an administrator user name and password for the Windows Server VM, and click Continue.
Select the server again within the list of connections after which click Connect.
You’ll be taken to the Server Manager screen for the remote server.

Microsoft is updating WAC on a regular basis, so it’s worth coming back to it often to check out what is new.

Microsoft Resumes Rerelease of Windows 10 Version 1809

Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also referred to as the “October 2018 Update.”

In addition to this Windows 10 rerelease, upgrades to Windows Server 2019 and Windows Server version 1809 (the “semiannual channel” version of the product) were resumed on Wednesday, too, based on information added to the “Windows 10 and Windows Server 2019 Update History” page. This history page now includes more descriptive details about Microsoft’s OS releases, including when Microsoft may be blocking a release due to software flaws, bad drivers or application incompatibility issues.

Wednesday’s rollout constitutes the second rerelease of Windows 10 version 1809. Microsoft first released it on Oct. 2. Later, Microsoft pulled that release due to data loss issues, and then rereleased it on Nov. 13.

Microsoft is now resuming Windows 10 version 1809 releases in “phased rollouts,” and the new OS also will arrive to “seekers.” A so-called seeker is someone who simply uses the “Check for Updates” capability that’s included in the Windows interface, which will trigger an automatic download of the new OS, even if it’s unwanted.

Even though Jan. 16 is the most current release date of Windows 10 version 1809, organizations using it will still have their update cycle clocks set by Microsoft to the previous Nov. 13 release date, Microsoft previously explained. It’s an important planning detail for organizations, since Windows 10 must be upgraded after either 18 months or 30 months, depending on the Windows edition used and whether the release was a fall channel release or not.

Based on the history page, there are still blocks in place for Windows 10 version 1809 for some systems, namely systems that have the following dependencies:

Intel display drivers versions 24.20.100.6344 and 24.20.100.6345.
F5 VPN clients which use a split-tunnel configuration.
Trend Micro’s OfficeScan and Worry-Free Business Security software.
AMD Radeon HD2000 and HD4000 series graphics processing units.

Those blocks were still in effect from December. Microsoft uses its “telemetry” data gathered from systems to evaluate whether or not they are ready to get a new Windows OS upgrade. Blocks get set when potential upgrade troubles are detected.

Woody Leonhard, a longtime Windows patch observer and Computerworld writer, advised caution in an article about permitting Windows 10 version 1809 upgrades to happen, even though Microsoft has spent about three months addressing its problems. Consumer users of the Home edition, though, do not have easy options to block its arrival.

After problems with the release of Windows 10 version 1809 became apparent in November, Microsoft had announced plans to be more transparent about Windows 10 servicing and quality issues. The history page now seems to serve that function.

Microsoft has added a link within the history page to obtain feeds, which can be used in RSS readers to determine when this page gets updated. Clicking that link leads to this page, which gives the user an option to obtain the feed in either Atom or RSS formats. At press time, though, the Feed option for Windows 10 didn’t have any effect, so it’s apparently a work in progress.

US-CERT Warns of Security Flaws in Windows

The United States Computer Emergency Readiness Team (US-CERT) has released an advisory on vulnerabilities affecting Microsoft Windows and Windows Server.

The organization states “a remote attacker could exploit these vulnerabilities to take control of an affected system.”

The said vulnerabilities have been fixed by Microsoft as part of the December 2018 Patch Tuesday cycle, and the company provides more details in the CVE-2018-8611 and CVE-2018-8626 advisories.

First and foremost, CVE-2018-8611 is a Windows kernel elevation of privilege vulnerability which affects just about all supported Windows client and server versions, including Windows 10 and Windows Server 2019.

“An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft explains.

A successful attack requires a malicious actor to log on to a system and then run a crafted application that would provide complete control over the affected machine. Microsoft says the flaw was already exploited, but given it wasn’t publicly disclosed, the impact has been significantly reduced.

“Patches available now”

In the case of CVE-2018-8626, Microsoft is resolving a Windows DNS server heap overflow vulnerability that only exists in Windows 10, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019.

“A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability,” Microsoft states.

The attack relies on malicious requests that are sent to a Windows DNS server, even without authentication.

Patches for the two vulnerabilities can be downloaded right now through Windows Update on just about all supported Windows versions.

Microsoft issues another emergency Windows patch to fix critical security bug

Software makers face a scary challenge with each product they have. It’s a game of cat and mouse as hackers continuously poke holes in popular software, and developers patch them when they come.

The worst of these kinds of bugs are called “zero-day” bugs. They are usually previously unknown flaws that hackers are actively exploiting.

Read on and I’ll cover the latest one currently affecting Windows machines and what Microsoft is doing about it. It’s one emergency patch you can’t afford to miss.

Zero-day Internet Explorer flaw

Microsoft just released another emergency out-of-band patch, and this time it’s for a critical zero-day security flaw that affects its Internet Explorer (IE) web browser.

The serious flaw (CVE-2018-8653) could allow an attacker to remotely take control of a Windows machine just by luring a victim to visit a poisoned site.

Once an attacker gains control, they can then run malicious code, install programs, steal data and even create new users with administrator rights.

And the worst part? It’s already being exploited by hackers.

Microsoft said that it became aware of the zero-day flaw after receiving a report from Google about it. The flaw affects versions of Internet Explorer 11 across all Windows systems – Windows 7 through 10 and even Windows Server 2012, Windows Server 2016 and Windows Server 2019.

Are you still using Internet Explorer to browse the web? You’ll want to grab this patch as soon as you can.

How to update Windows

Most Windows machines will download and install updates automatically by default. If you haven’t changed your automatic update settings, then you should be fine.

If you want to check, here’s how:

On Windows 10, click Start (Windows logo)
Choose “Settings”
Select “Update & Security”
On the “Windows Update” section, select “Check for Updates.”

Note: The “Windows Update” section is also handy for showing you updates that are currently being downloaded or applied.

Windows Server 2019 to support OpenSSH natively

In a short article today Microsoft announced that Windows Server 2019 will officially offer OpenSSH as a supported feature.

OpenSSH is a powerful tool that originated as part of the OpenBSD project and has been used for many years across the BSD, Linux, macOS, and Unix ecosystems. Adding OpenSSH to Windows Server 2019 allows organizations that work across a range of operating systems to use a consistent set of tools for remote server administration.

The Win32 port of OpenSSH was initially included in the Windows 10 Fall Creators Update and Windows Server 1709 as a pre-release feature. In the Windows 10 1803 release, OpenSSH was released as a supported Feature-on-Demand component, but there has not been a supported release on Windows Server so far. Now the OpenSSH client and server are available as a supported Feature-on-Demand in Windows Server 2019 and Windows 10 1809.

To get the latest information about OpenSSH in Windows, go to the Win32-OpenSSH wiki or Microsoft docs. There you will find the most current documentation as well as information about our broader efforts for bringing OpenSSH to Windows.