Admins can expect to see some familiar security updates in the latest Patch Tuesday, but they can also expect to see a rare update.
In its advance security notification, Microsoft said there will be six bulletins in this batch of security updates. Two are critical, three are important and one is moderate.
Both of the critical security updates will address remote code execution vulnerabilities and will affect multiple versions of Windows Server and Internet Explorer. All three important updates will address elevation of privilege vulnerabilities and will affect multiple versions of Windows.
The rare moderate update addresses a denial of service vulnerability and affects Microsoft Service Bus for Windows Server.
Microsoft will also include an updated version of its Malicious Software Removal Tool, it said.
Last month’s Patch Tuesday security updates addressed a large number of vulnerabilities. One of the critical updates addressed 59 reported vulnerabilities in Internet Explorer.
What do you think of the upcoming security updates for July’s Patch Tuesday? Let us know in the comments or on Twitter @SearchWinServer.
That suspension didn’t last long. Microsoft is going to continue sending security updates via email after reviewing its processes.
Late last week, the company said it would stop sending emails to comply with Canadian antispam laws. That decision has been reversed, and end users should continue receiving company emails. This will include the advance notification for the July 8 Patch Tuesday, which will arrive in inboxes on July 3, said Microsoft in a statement provided to SearchWindowsServer.com.
Microsoft Canada has also rolled out an opt-in page so customers can continue receiving emails from the company.
Email isn’t the only way to get the latest updates about Microsoft security updates. The company offers an RSS feed, and SearchWindowsServer.com covers each Patch Tuesday.
Are you happy that Microsoft is continuing to send security updates? Let us know in the comments below or on Twitter @SearchWinServer.
There’s one place you won’t be finding out about advance security notifications from Microsoft anymore.
The company is suspending the delivery of certain security emails to comply with governmental policies. Microsoft revealed the change in — wait for it — an email.
The company will no longer send emails about security bulletin advance notifications, security bulletin summaries, new security advisories and bulletins or revisions to security advisories and bulletins.
Canada will begin enforcing an antispam law on July 1st, which Microsoft is complying with, the company confirmed.
It’s still unclear why this would lead to the suspension of this service. Perhaps, because patch notifications change from time to time, Microsoft could be found in violation of this clause in the law: “use of false or misleading representations online in the promotion of products or services.”
Microsoft suggests subscribing to RSS feeds as an alternative to the newsletter. One other option: Follow our Patch Tuesday coverage here on our blog and on SearchWindowsServer.com. Read about June’s Patch Tuesday here.
What do you think about Microsoft’s decision to suspend its newsletters about security bulletins? Let us know in the comments or on Twitter @SearchWinServer.
The latest round of Patch Tuesday updates will include some familiar fixes, but it also includes some fixes admins don’t often see.
In its latest advance security notification, Microsoft said the newest security updates will include seven bulletins. Two of the bulletins are critical and five are important.
Both critical bulletins address remote code execution vulnerabilities. Multiple versions of Internet Explorer, Lync, Office and Windows are affected.
The important bulletins in this Patch Tuesday cycle address remote code execution, information disclosure and denial of service vulnerabilities as well as a rare tampering vulnerability. Multiple versions of Lync, Office and Windows are affected.
The company said it will also release an updated version of its Malicious Software Removal Tool, which can be accessed through the Download Center, Microsoft Update, Windows Server Update Services or Windows Update.
What do you think of the latest Patch Tuesday security updates? Let us know in the comments or on Twitter @SearchWinServer.
Our feature recaps the most popular content on the site in the previous month and shares it with you.
For May, admins were interested in learning more about the latest happenings in the Windows Server world, including the newest security patches as well as developments with Microsoft Azure and TechEd coverage.
Windows XP hits zombie status with patch after end-of-life
It’s coming to get you, Barbara! Microsoft included Windows XP on its list to receive an out-of-band security fix for a critical remote code execution vulnerability that hit Internet Explorer.
IT pros slow to chow down Azure feast
Although Microsoft highlighted new products and technologies at TechEd pushing its vision of cloud-based enterprises, many corporate end users said they weren’t ready to even consider a move to the cloud.
Spotlight dims on data centers with push for Azure
There appears to be a growing disconnect between Microsoft’s push for the cloud and the enterprises that want the focus to stay on the on-premises tools they need for a functional business.
IT pros get some help from new migration tools
Windows Server admins can expect some relief from frustrating migrations with new management add-ons and server app migration tools.
Patch Tuesday updates bring fixes for SharePoint, Office, IE
The latest batch of Patch Tuesday security updates includes two critical and six important updates. Both critical updates address remote code execution vulnerabilities.
What content was most helpful to you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.
If admins were planning on a light month of security updates from Microsoft, they’ll have to plan on spending more time to implement them.
In its advance security notification, Microsoft said it would release eight security updates in the latest Patch Tuesday cycle. Two of the bulletins are marked as critical and six are marked as important.
Both critical bulletins will address remote code vulnerabilities. Multiple versions of Internet Explorer and Windows will be affected, as will multiple versions of SharePoint and Office Web Apps servers and other productivity software.
The important bulletins will address remote code execution, elevation of privilege, denial of service and security feature bypass vulnerabilities. Multiple versions of Office and Windows will be affected.
Microsoft has already released an out-of-band security update this month for a critical remote code execution vulnerability affecting Internet Explorer. Many were surprised by the company’s decision to include Windows XP in the update because the company said it would stop supporting it in April this year.
Microsoft has also gone against last year’s trend of releasing a large number of security updates each Patch Tuesday. At this point in 2013, Microsoft had already released 46 security bulletins. This month’s bulletins bring the 2014 total up to 28.
What do you think of this month’s Patch Tuesday security updates? Let us know in the comments below or on Twitter @SearchWinServer.
In our monthly feature, we round up the most popular content on our site and share it with you.
For April, our readers were most interested in the latest Patch Tuesday updates, changes to Azure cloud pricing and the Work Folders feature.
Limbo game continues with Microsoft Azure, AWS and Google
Will the latest price cuts in Microsoft Azure attract new customers? That’s the question many analysts are asking after the company slashed its Azure compute and cloud storage prices to continue competing with AWS and Google.
Patch Tuesday security updates mark end-of-life for multiple products
March was a light month for Patch Tuesday updates with only two critical and two important updates. It was also the last month Microsoft officially supported Windows XP, Exchange Server 2003 and Office 2003.
Simplify your Work Folders setup in Windows Server 2012 R2
It’s possible to have an easy setup for Work Folders if your organization decides to use them. The setup process will generally include installing the Work Folders feature, setting up the sync share and using PowerShell for Work Folders.
Don’t forget these important Work Folders considerations
As you continue setting up Work Folders in your organization, you’ll also need to configure SSL connections and DNS records before enrolling clients. The setup seems simple enough, but you’ll have a few caveats to setting up and using Work Folders.
Four capabilities and features in WSUS admins should know
There are a number of additions to Windows Server Update Services in Windows Server 2012 R2, but there are four noteworthy features admins should take notice of. New PowerShell cmdlets and separate WSUS versions are a sample.
What content was most helpful for you last month? Was it something we didn’t include on the list? Let us know in the comments below or on Twitter @SearchWinServer.
IT pros can now install the Windows 8.1 Update but are not forced to do so before next month’s Patch Tuesday.
In a blog post issued by Microsoft, the company said it extended the time frame for IT administrators to deploy the update from 30 to 120 days.
The extension comes a week after Microsoft said there was a bug in Windows 8.1 Update and recommended businesses wait to deploy the update until the company issued a fix.
While Microsoft has resolved the connectivity bug with Windows Server Update Services 3.2, IT pros would have had to deploy the Windows 8.1 Update relatively quickly throughout their organization. If the Windows 8.1 endpoints did not have the latest Update release, those devices would not be able to install future security and non-security updates starting with the May 2013 Patch Tuesday release. This new update support strategy also applies to Windows Server 2012 R2 and Windows 8.1 Industry customers.
“In order to receive future updates, all customers managing updates using WSUS, Windows Intune, or System Center Configuration Manager have until August 12th to apply the new updates. For those that decide to defer installation, separate security updates will be published during the 120-day window,” according to the post.
Microsoft’s push to have organizations quickly deploy Windows 8.1 Update falls in line with its strategy to offer a faster cadence for upgrading products. However, IT pros need time to test the updates before deploying it throughout their organization. The small time frame Microsoft offered was not realistic for many IT pros, especially in light of the end of support for Windows XP and the recent security issues surrounding the Heartbleed bug, which called for IT pros to quickly ensure the integrity of their data.
Enterprises excited to get their hands on the latest Windows 8.1 improvements — including features focused on easing keyboard-and-mouse usage — might have to wait a bit longer. Microsoft pulled the Windows 8.1 update released yesterday because of an issue with Windows Server Update Services.
According to a blog post from Microsoft detailing the issue, it needed a complex set of parameters for the update to cause problems. The scenario involves installing the latest update on the client machine and it checks against WSUS 3.2 running on Windows Server 2003 SP2, Windows Server 2003 R2 SP2, Windows Server 2008 SP2 or Windows Server 2008 R2 SP1. It will fail if those machines have HTTPS and Secure Sockets Layer are enabled, and if TLS 1.2 is not enabled.
Scans will fail if this happens, which prompted Microsoft to pull the update from WSUS. The easy workaround is to enable TLS or disable HTTPS.
The update is still available through other Windows Update channels, including MSDN and Windows Update Catalog, but Microsoft recommends delaying deployment until it releases a fix.
Are your client machines affected by this bug? Let us know in the comments or on Twitter @SearchWinServer.
This is a busy week for Microsoft releases. In addition to delivering the latest Patch Tuesday updates, the company delivered Microsoft Virtual Machine Converter (MVMC) 2.0, a stand-alone tool that converts VMware-based virtual disks and VMs to Hyper-V-based virtual hard disks and VMs.
In a post on the Server and Cloud blog, Microsoft said the freely available download includes a number of new and updated features. One new feature, on-premises VM to Azure VM conversion, can migrate VMware VMs to Azure. The company also included a PowerShell interface to help admins automate migrations with workflow tools such as System Center Orchestrator.
Features added to MVMC 2.0 include support for VMware virtual hardware, additional support for ESX(i) 5.5 and vCenter as well as Linux Guest OS migration. The Linux Guest OS migration includes support for Ubuntu, Oracle, Red Hat Enterprise, SuSE enterprise, Debian and CentOS.
The release of MVMC 2.0 offers enterprises a simple and low-cost conversion option, something that’s become more important in recent years, Microsoft said. The tool can be downloaded here.
Microsoft also said customers can expect to see MVMC 3.0 this fall. That version will include P2V machine conversion for supported Windows versions.
What do you think of the MVMC 2.0 release? Let us know in the comments below or on Twitter @SearchWinServer.