Microsoft Rolls Out 90 Updates in August Patch Tuesday Release for Windows and Office
In its latest Patch Tuesday release, Microsoft has pushed out a total of 90 updates for both the Windows and Office platforms. Among the updates are fixes for Microsoft Exchange, with a warning about failed updates to Exchange Server 2016 and 2019. Additionally, a “Patch Now” recommendation is being made for Office. To help users understand the risks associated with each update, the team at Application Readiness has created an informative infographic.
Microsoft has also listed some known issues that may affect users after installing the August updates. One issue involves guest virtual machines running Windows Server 2022 on certain versions of VMware ESXi, which may prevent Windows Server 2022 from starting up. Microsoft and VMware are currently investigating this issue. Another issue pertains to provisioning packages on Windows 11 version 22H2, where Windows may only be partially configured or may restart unexpectedly. To avoid this issue, it is recommended to provision the Windows device before upgrading to Windows 11 version 22H2. Users still using Windows Server 2008 ESU may encounter a failure in this month’s update, with a message stating “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer.” Microsoft provides advice on ESU updates, but there may be a delay in successfully updating legacy Exchange servers.
Microsoft has also made major revisions covering various aspects of its updates. These revisions include guidance on enabling LDAP channel binding and LDAP signing, information on malicious use of Microsoft signed drivers, and corrections and updates for several vulnerabilities. Mitigations and workarounds have been published for specific vulnerabilities, such as Microsoft Message Queuing remote code execution vulnerability and Microsoft WDAC OLE DB provider for SQL Server remote code execution vulnerability.
To ensure users are aware of the impact of these updates, the Readiness team has provided detailed testing guidance. The testing scenarios have been divided into high-risk and standard-risk categories. High-risk testing focuses on changes affecting the Microsoft Windows core kernel and internal messaging subsystem. It is recommended to pay special attention to updates related to Microsoft Message Queue. Standard-risk testing includes checking Windows error reporting, testing group policy refresh, smart card installations, ODBC applications, and WinSAT API.
Updates have been released for different product families, including browsers (Microsoft IE and Edge), Microsoft Windows (desktop and server), Microsoft Office, Microsoft Exchange Server, Microsoft Development platforms (ASP.NET Core, .NET Core, and Chakra Core), and Adobe Reader. For browsers, Microsoft released updates for Chromium browser projects, while no patches were released for legacy browsers. Windows updates include three critical updates, 32 important updates, and one moderate update. Critical updates relate to the Windows Message Queuing, although they have not been publicly disclosed or reported as exploited. Office updates include three critical updates for Microsoft Outlook, along with 11 important updates, and one moderate update. Microsoft Exchange Server updates are recommended, but it is advised to avoid updating non-English servers. Microsoft has also released updates for .NET and ASP.NET platforms, and Adobe has released a critical patch for Adobe Reader.
In conclusion, Microsoft’s August Patch Tuesday release includes a wide range of updates for Windows and Office platforms, addressing various vulnerabilities and issues. Users are advised to follow the recommended testing and deployment schedules to ensure their systems are secure and functioning properly.
I have over 10 years of experience in the cryptocurrency industry and I have been on the list of the top authors on LinkedIn for the past 5 years. I have a wealth of knowledge to share with my readers, and my goal is to help them navigate the ever-changing world of cryptocurrencies.
