Over the previous yr, we have seen Microsoft make radical enhancements in its browser stability and vital constructive modifications to its Home windows replace communication and telemetry methods.  And this month’s Patch Tuesday launch brings with it an extremely gentle set of updates — possibly the fewest variety of updates I’ve ever seen.

There aren’t any zero-days, which is a good end to 2023, although Home windows will get three crucial updates and Visible Studio would require quick consideration attributable to a number of re-releases of previous crucial software patches.

The workforce at Readiness has created a helpful infographic to stipulate the dangers related to every replace on this final launch of 2023. One be aware of warning: we now have seen a number of potential updates to older patches (October/November) probably coming down the discharge pipeline from Microsoft. It could be price checking in throughout the upcoming vacation break to see whether or not there are any out-of-band patches for the Home windows ecosystem.

Recognized points

Every month, Microsoft particulars the identified points associated to the working system and platforms included in its replace cycle.

• Microsoft has raised a reporting-related challenge with Microsoft Intune and BitLocker. Utilizing the FixedDrivesEncryptionType or SystemDrivesEncryptionType coverage settings within the BitLocker configuration service supplier (CSP) node in cell system administration (MDM) apps may incorrectly present a 65000 error within the “Require Gadget Encryption” setting for some gadgets in your setting. Microsoft remains to be engaged on resolving this challenge.
• Home windows gadgets utilizing a couple of monitor may expertise points with desktop icons transferring unexpectedly between screens or see different icon alignment points when trying to make use of Copilot in Home windows. This was raised last month and it seems Microsoft remains to be engaged on the problem.

Although we aren’t experiencing printer issues with Patch Tuesday as we now have up to now, HP Printers are now being displayed on Windows computers, even when HP printers are neither linked nor put in. Signs of this may embrace:

1. Some Home windows 10 and Home windows 11 gadgets are putting in the HP Good app.
2. Printers are renamed as HP printers no matter their producer. Most are being named because the HP LaserJet M101-M106 mannequin. Printer icons may additionally be modified.
3. Double clicking on a printer shows the on-screen error “No duties can be found for this web page.”

Microsoft has confirmed that this isn’t the results of an HP Printer replace and is engaged on a decision.

Main revisions

That is an uncommon month for Microsoft, as there are usually a number of “info solely” revisions to earlier updates. This month, Microsoft has re-published updates for each Microsoft Edge and Microsoft Visible Studio that may require (within the case of Visible Studio, pressing) consideration. I’ve up to date these Browser and Growth sections accordingly.

Mitigations and workarounds

Following the sample set this month, Microsoft broke with custom and has not launched any documentation on present vulnerability mitigations or workarounds.

Testing steerage

Every month, the workforce at Readiness analyses the most recent Patch Tuesday updates and supplies detailed, actionable testing steerage primarily based on a big software portfolio and an in depth evaluation of the Microsoft patches and their potential influence on the Home windows platforms and software installations.

For this end-of-year replace, we now have not seen any high-risk or vital performance modifications for Home windows. Nevertheless, there have been a number of modifications to core performance that may require some consideration, together with:

• Home windows Networking: Web Connection Sharing (ICS), the Home windows DHCP IP companies supplier has been up to date. We suggest that you just progress the next exams:
  1. Ping native/distant gadgets (embrace Google.com and Bing.com).
  2. Browse the web, with each giant and small file downloads.
  3. Stream music and video.
  4. Run messaging apps (embrace Microsoft Groups).
• Home windows kernel updates. The Home windows kernel lies on the very core of the Home windows working system and any modifications must be examined with care. That stated, the modifications carried out this month have a really low floor space and will current themselves with a easy reboot.
• SQL Shoppers and OLE: The Microsoft SQL shoppers for each SQL server and OLE have been up to date. We suggest working fundamental SQL instructions to fetch/replace information from each a neighborhood and distant server.

You may not keep in mind Faxing (exhibiting my age right here) however Microsoft has made a minor replace to a single discrete perform name within the MakeCall API perform. In case you are utilizing automated faxes in your workflows or depend on a FAX server comparable to FAXPress, then you’ll need to carry out an entire check that features sending, receiving, and the administration of present faxes.

Automated testing will assist with these situations (particularly a testing platform that gives a “delta” or comparability between builds). Nevertheless, for line of enterprise purposes, getting the appliance proprietor (doing UAT) to check and approve the testing outcomes remains to be completely important.

Home windows lifecycle replace

This part contains essential modifications to servicing (and most safety updates) to Home windows desktop and server platforms. There aren’t any main modifications or finish of assist notices for the Home windows or Workplace platforms this month. Nevertheless, Microsoft has printed the end of community support for PHP 8.0. For these affected, Microsoft gives a couple of steps to help with updating purposes.

Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:

• Browsers (Microsoft IE and Edge).
• Microsoft Home windows (each desktop and server).
• Microsoft Workplace.
• Microsoft Trade Server.
• Microsoft Growth platforms (NET Core, .NET Core and Chakra Core).
• Adobe (retired???, possibly subsequent yr).

Browsers

The foremost modifications included with this December browser replace lie inside the Chrome browser parts together with:

These revisions are comparatively minor and mustn’t pose a compatibility downside; add these updates to your commonplace browser patch launch schedule.

Home windows

This month, Microsoft launched three crucial updates and 22 patches rated essential to the Home windows platform that cowl the next key parts:

• Home windows Networking, ICS, DHCP and DNS;
• Home windows Kernel and Win32K drivers;
• Home windows Telephony Server (a single API replace);
• Microsoft Bluetooth drivers.

Your testing and deployment focus must be on making certain that  goal programs are working as anticipated with this month’s networking updates. Each time Microsoft updates the Kernel (far too usually), care have to be taken with exterior gadgets that depend on system degree drivers. A great couple of reboots this month ought to do the trick.

Add this Home windows replace to your commonplace launch schedule.

Microsoft Workplace

Microsoft launched three comparatively minor updates to Microsoft Phrase. These patches handle lowe- threat vulnerabilities, have a low testing profile, and are rated as essential. Add these Workplace updates to your commonplace launch schedule.

Microsoft Trade Server

Fortunate for us — and for these working over the Christmas break — there aren’t any Microsoft Trade Server updates.

Microsoft improvement platforms

There have been no new improvement platforms (.NET or Microsoft Visible Studio) updates from Microsoft this month. However there are a number of crucial updates which have been revised outdoors of the Patch Tuesday calendar together with: CVE-2023-36792, CVE-2023-36793, CVE-2023-36794 and CVE-2023-36796.

All of those reported CVE entries relate to a cluster of Visible Studio distant code execution vulnerabilities. Microsoft is rereleasing KB5029365 to deal with the next identified challenge: Clients who’re utilizing Microsoft Visible Studio 2013 Replace 5 may obtain a “C2471” error after trying to compile a construct that has precompiled headers (PCH) that use the /Gm and /ZI (Edit and Proceed) switches.

These re-releases of those 4 Visible Studio updates (from September) are rated crucial by Microsoft and can have to be added to your “Patch Now” launch schedule.

Adobe Reader (nonetheless right here, however simply not this month)

There have been no updates from Adobe for Reader or Acrobat this month. And no updates to third-party purposes such WinRAR nor deprecations to major system components. Now that we now have a little bit of time left within the yr, we will begin speaking concerning the potential compatibility issues in Windows 23H2.

For Patch Tuesday Debugged, that is a wrap for 2023. It has been a pleasure and a privilege to assist with Patch Tuesday testing and deployment challenges over the previous yr. I can not wait to see what 2024 will carry us.