You are currently viewing For July, Microsoft’s Patch Tuesday update fixes four zero-day flaws – Computerworld

For July, Microsoft’s Patch Tuesday update fixes four zero-day flaws – Computerworld



  • PowerShell updates will require a diagnostics test. Try the command, “import-module Microsoft.powershell.diagnostics – verbose” and validate that you are getting the correct results from your home directory.
  • Due to the change in the Windows core installation technology (MSI), please validate that User Account Control (UAC) still functions as expected.

Microsoft SQL Server

This month is a big update for both Microsoft SQL Server and the local, or workstation supporting elements of OLE. The primary focus for this kind of complex effort should be your line-of-business or core applications. These are the applications that have multiple data connections and rely on complex, multiple object/session requirements. Due to the changes this month, we can’t recommend specific Windows feature testing regimes, as we are most concerned that the business logic (and resulting data) of the application in question might be affected. Only you will know what looks good; we advise a comparative testing regime across unpatched and newly patched systems looking for data disparities.

Windows

Microsoft made another update to the Win32 and GDI subsystems with a recommendation to test out a significant portion of your application portfolio. We also recommend that you test the following functional areas in the Windows platform:

  • File compression has been updated, so file and archive extraction scenarios will need to be exercised.
  • Due to the Microsoft codec updates, perform a system reboot and test that your audio and camera still work together.
  • Security updates will require the testing of the creation of new Windows certificates.
  • Networking changes will require a test of DNS and DHCP, specifically the DHCP R_DhcpAddSubnetElement API. As part of these changes, testing VPN authentication will be required. Try to include your Network Policy Server (NPS) as part of the connection creation and deletion effort.
  • This month’s update to Remote Desktop Services (RDS) will require the creation and revocation of license requests.
  • A significant update to the Network Driver Interface Specification (NDIS) will require testing of network traffic involving repeated bursts of large files. Try using Teams while this networking burst testing is in progress.
  • Backup and printing have been updated, so test your volumes and ensure that when you print out a test page, your OS does not crash (yes, really). Try printing out TIFF files. (Hey, you might like it.)

As part of the ongoing effort to support the new ARM architecture, Microsoft released the first patch for this new platform, CVE-2024-37985. This is an Intel assigned processor-level vulnerability that has been mitigated by a Microsoft OS level patch. The Readiness team has provided guidance on potential ARM-related compatibility and testing issues. 

RK THE HACKER BOY

Hello Guys I am RK The Hacker Boy. I am the Owner Of RK Hacking Zone. I am Carder, Cracker and Hacker. If you want learn about this Just Join our Telegram Channel. My AIM is I do Something For Poor people and give his some helps. Jai Hind Dosto

Leave a Reply