Register now!

Can’t attend or want to watch at a later time? Register anyway! We send the recording to all registrants after the webinar.

Watch the Webinar Recording

Webinar Hosts

Patch Tuesday Support Group Webinar Recap

Patch Tuesday November News

Microsoft Ignite 2023. Copilot in Intune, AI and Private Preview — Microsoft Intune news at Microsoft Ignite 2023 | Microsoft Intune Blog

Everything Windows Autopatch. Available for frontline workers, detailed reliability, and driver/firmware granular controls — What’s New in Windows Autopatch: Microsoft Ignite 2023 Edition | Windows IT Pro Blog

PSAppDeployToolkit stewardship webinar. Patch My PC plays an active role in continued open-source development — Patch My PC’s Stewardship of PSAppDeployToolkit Webinar – Patch My PC

VB Deprecation. Becoming a feature on demand, and PSADT is working to remove VB script — Resources for deprecated features in the Windows client – What’s new in Windows | Microsoft Learn

Defender A/V Updates are getting channel flags. — (6) Scott Williams on X: “wtf is this and why has it started appearing in my packages? https://t.co/djckWLBJBa” / X (twitter.com) and (6) Steven M. Salter on X: “#ConfigMgr If you’re deploying software updates for Microsoft Defender Antivirus, some of these updates now have additional channel notations. This may help with your ADRs/Deployment filters. – Internal Only – Beta Channel – Prerelease” / X (twitter.com)

Windows 11 22H2 will cease optional preview updates in February 2024. — November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) – Microsoft Support

Remote Desktop Connection is now uninstallable. — Uninstall and reinstall Remote Desktop Connection | Microsoft Learn

Update on October’s Standalone SSU Release: Does detect as installed when Oct’s CU is installed. — KB5031539: Servicing stack update for Windows 10, version 21H2 and 22H2: October 10, 2023 – Microsoft Support

October’s CU update failures due to ‘Invalid Data’ were resolved in Novembers’ release. — October 10, 2023—KB5031356 (OS Builds 19044.3570 and 19045.3570) – Microsoft Support

Reflecting on 20 years of Patch Tuesday. — Reflecting on 20 years of Windows Patch Tuesday | Windows Experience Blog

Insight into CVEs

Microsoft released SIX Zero Day fixes, including Curl Together — CVE-2023-38545 IMPORTANT: Under no circumstances should you remove or replace curl.exe, the curl tool executable, as doing so may damage the Windows Update component store and prevent the installation of further security updates. Instead, we recommend deploying a code integrity policy that restricts the execution of vulnerable versions of curl.exe.

Windows DWM Core Library Elevation of Privilege Vulnerability — CVE-2023-36033 Score 7.8 Exploitation has been detected for this in the wild. Does require “local” access to the device, but the outcome of this is that users end up with ‘SYSTEM’ on the box. Impact Server 2022, Windows 11 etc.

Windows SmartScreen Security Feature Bypass Vulnerability — CVE-2023-36025 Score 8.8 Exploitation is functional, and active in the wild. Network based attack, can be serviced over the network to gain remote control. Effectively, allows the use of phishing via e-mail to local admin privilege escalation. Would recommend that this one is likely the one most needed to be prioritized due to the low complexity, and scope of impact. Basically, Smart screen would not engage if the remote location/target was the contents of a zip file.

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability — CVE-2023-36036 Score 7.8 Requires LOCAL access – and again leads to ‘System’ token. Exploitation has been detected.

Microsoft Office Security Feature Bypass Vulnerability — CVE-2023-36413 Score 6.5 Network detected. Exploitation currently is “more likely” – not active yet. The current scoring means opening a file may cause the end user to bypass protected view and go straight to “edit” mode.

ASP.NET Core Denial of Service Vulnerability — CVE-2023-36038 Score 7.1 Network based attack, less likely. This vulnerability could be exploited if http requests to .NET 8 RC 1 running on IIS InProcess hosting model are cancelled. Threads counts would increase and an OutOfMemoryException is possible.

Third Party Updates

Total Number of CVE: 296
Total Number of Updates From PMPC: 2105

Browser Patch Specifics
Chrome: 18 Patches – 31 Vulnerabilities
FireFox: 180 Patches – 13 Vulnerabilities
Microsoft Edge: 24 Patches – 34 Vulnerabilities
Opera: 14 Patches – 0 Vulnerabilities

Other Updates

SEC is now suing SolarWindows. October 30, 2023 – the SEC issued a charge for Fraud, false reporting and more — Setting the Record Straight on the SEC and SUNBURST – Orange Matter (solarwinds.com) and SolarWinds Corporation and Timothy G. Brown (sec.gov)

Patch My PC ROI Tool

Quickly identify products supported within the Patch My PC catalog which are in use in your environment and calculate the savings. Visit the Patch My PC Feature, Benefits and ROI page to learn more and try it yourself.