Patch Exchange now, and test your Windows updates

If it weren’t for the serious security issues surrounding on-premises Microsoft Exchange servers (CVE-2021-2685, CVE-2021-27065, CVE-2021-26857 and CVE-2021-26858), I would say things look pretty good for this month’s Patch Tuesday. There are still things to test on the desktop, including printing, remote desktop connections via VPNs, and graphically intensive operations. And while the other lower-rated Microsoft Office and Development platform updates require attention, they don’t require a rapid response and can be added to the regular testing regime and deployment cadence.

I’ve included a helpful infographic that this month looks a little lopsided (again) as all of the attention should be on the Windows and Office components.

Key testing scenarios

There are two updates to the Microsoft Windows platforms this month that look high-risk, including:

  • A change to local printer driver handling (affected files include: localspl.dll and PrintFilterPipelineSvc.exe).
  • A core update to the Windows system kernel (win32kbase.sys).

Both of these significant changes affect all supported Microsoft Windows desktop and server platforms. Working with Microsoft, we’ve developed a system that combs through Microsoft updates and matches any file changes (deltas) released each month against our testing library. The result is a “hot-spot” testing matrix that helps drive our portfolio testing process.

This month, our analysis of this Patch Tuesday release generated the following testing scenarios:

  • Test your local (usually its remote) printers. Test your existing installed printer updates on an updated machine, but most importantly try to install a new printer driver (sorry, Kyocera). The thinking here is that 32-bit systems are not correctly passing information to 64-bit drivers and causing a BSOD. Testing can be done with simple apps like Notepad. Which is, of course, quite concerning when you think about it.
  • Test your encrypted file system and RDS connections. There was a change to the FIPS cryptographic components that may require attention. You can read more about the FIPS compliant encryption technology here.

Lower on the priority list, we suggest testing VPN connections, JPEG image file rendering, and streaming audio (to make sure it still functions as expected).

Copyright © 2021 IDG Communications, Inc.

Source link

We will be happy to hear your thoughts

Leave a reply

Reset Password
Compare items
  • Total (0)