Patch Tuesday Support Group October Webinar

Webinar Summary

Jordan Benzing goes over the latest update releases including CVE-2024-43468 focusing on CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’). Bryan Dam then reviews hot topic articles over the last month including Win+R Weaponized for Captcha, U.S. Wiretap Systems targeted in China-Linked Hack, the Internet Archive is under attack, and Important changes to the Windows enrollment experience coming soon.

Watch the Webinar Recording

Webinar Hosts

Bryan Dam

Patch My PC
Software Engineer

Jordan Benzing

Patch My PC
Security Engineer Lead

Patch Tuesday Support Group Webinar Recap

Patch Tuesday October News

Security Updates

Win+R Weaponized For Captcha: Captcha saves vulnerable URL to clipboard and tells user to run the cmd — x.com

How North Korea Infiltrated the Crypto Industry — coindesk.com

U.S. Wiretap Systems Targeted in China-Linked Hack — wsj.com, eff.org

D-Link fixes critical RCEs, hardcoded password flaws in WiFi 6 routers — dlink.com

Attacking UNIX Systems via Common Unix Printing System (CUPS): Remotely executable without user interaction: CVSS base score of 9 affects many/most Linux Distros, Chromium/ChromeOS, Solaris — evilsocket.net, github.com, bleepingcomputer.com

Ivanti Continues to have a good time — bleepingcomputer.com – ivanti fixes rce bug, bleepingcomputer.com – ivanti warns of critical csa flaw, bleepingcomputer.com – critical ivanti vtm auth bypass bug, bleepingcomputer.com – ivanti warns three more csa zero days exploits

Mind the (air) gap: GoldenJackal gooses government guardrails — welivesecurity.com

Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns — thehackernews.com

WP Engine sues WordPress co-creator Mullenweg and Automattic, alleging abuse of power — techcrunch.com

The Internet Archive is under attack, with a breach revealing info for 31 million accounts — theverge.com

What’s new at Microsoft

Windows 11 Insider Preview Build 27718 includes ‘Administrator Protection’ — blogs.windows.com, patchmypc.com

Important changes to the Windows enrollment experience coming soon — techcommunity.microsoft.com

Update on Recall security and privacy architecture — blogs.windows.com

Windows 11, version 24H2: What’s new for IT pros — techcommunity.microsoft.com

KB29166583 – Management point security update for Configuration Manager 2403 — learn.microsoft.com, msrc.microsoft.com

What’s new in Microsoft Intune? — learn.microsoft.com

Get Off My Lawn

Intune missing capabilities for the ConfigMgr administrator — potentengineer.com

Windows Server Update Services (WSUS) deprecation — techcommunity.microsoft.com, patchmypc.com, patchmypc.com

Microsoft Patches of Note

View the full list of Patch Tuesday release notes at Patch Tuesday Blog Home Page – Patch Tuesday Blog

Total Patches Release: 102
Patch Severity	Number of
Critical	42
Important	60
Moderate	0
N/A	0

Third Party Updates from Patch My PC

Total updates: 3305
Update Severity	Number of
Critical	69
Important	479
Moderate	2422
Low	9
N/A	326

Browser Wars

Browser Specific updates
Browser	Number of
Google Chrome	15
Firefox	10
Edge	15
Opera	9

Insight into CVEs

This month there were a total of 121 vulnerabilities addressed.

CVE Impact
Classification	Number of
Critical	3
Important	114
Moderate	1
N/A	3

CVE Breakdown
CVE Type	Number of
Denial of service	26
Elevation of Privilege	28
Information Disclosure	6
Remote Code Execution	43
Security Feature Bypass	7
Spoofing	7
Tampering	1

Webinar Archive

View upcoming webinars and recordings by categories below

Patch My PC

Patch Tuesday

Ask Us Anything

Unveiling the All-New Patch My PC Home Updater Feature Image

Deep Dive Log Troubleshooting with Patch My PC Webinar

Navigating the Microsoft Graph API Webinar Feature Image

Patch Insights and Advanced Insights v2 Feature Image

PSAppDeployToolkit 101 Webinar Feature Image

Custom Apps Webinar Feature Image - 640x360

Intune Management Deep Dive Webinar Feature Image

Managing App and Update Deployments Webinar

Advanced Certificates Webinar Feature Image

Customizing App Deployments with Right-Click Options - Webinar Feature Image

Patch Tuesday Support Group October feature Image

Patch Tuesday Support Group September feature Image

Patch Tuesday Support Group Webinar August 2024 Feature Image

Patch Tuesday Support Group Webinar July 2024 Feature Image

Patch Tuesday Support Group Webinar June 2024 Feature Image

Patch Tuesday Support Group Webinar May 2024 Feature Image

Patch Tuesday Support Group Webinar April 2024 Feature Image

Patch Tuesday Support Group Webinar March 2024 Feature Image

Patch Tuesday Support Group Webinar February 2024 Feature Image

Patch Tuesday Support Group Webinar January 2024

Patch Tuesday Support Group Webinar December 2023

Patch Tuesday Support Group - November 2023

Patch Tuesday Support Group - October 2023

Patch Tuesday Support Group - September 2023

Patch My PC Ask Us Anything Feature Image

Ask Us Anything June Patch My PC Webinar Feature Image

Ask Us Anything October Patch My PC Webinar Feature Image

Ask Us Anything March Patch My PC Webinar Feature Image

Ask Us Anything February Patch My PC Webinar Feature Image

Our Customers Love Us

Trusted by Over 7,425 Enterprises on Over 23.2 Million Endpoints

{

Since the day we implemented 3rd party app patching through Patch My PC, we have achieved a more controlled but mainly fast way to update our clients. Our previous packaging process always took at least 1-2 weeks before an updated version of an app was available for deployment.

Gerasimos Bartsas

Manager Endpoint Security and Compliance

Adidas

{

This is one of the most excellent support/product teams I worked with so far! I would say, you guys know very well your product when it comes to troubleshooting.

Patch My PC is an excellent tool to manage third party updates through SCCM. I’m completely satisfied.

Dinesh Tashildar

Lead Technical Architect

American Express

{

I was trialing Patch Connect Plus and having issues. PCP’s support was poor, outsourced, and they did not help me solve my issue. I switched to a Patch My PC trial and was experiencing the same issue. Justin reached out to Microsoft in less than an hour on my behalf and had a resolution.

Alexander Guarino

Systems Engineer

Harvard Business Publishing

{

This was the easiest product to implement that I have ever used. And working with your company is always a pleasure.

Kurt Levitan

Technical Architect

Harvard University

{

It’s been awesome and has met our needs perfectly. For ideas, etc. support has been super responsive and made the product worth its weight in gold over other competitors!

Sean Huggans

Systems Engineer

Sanford Health

{

I have been using the catalog for a while now, and I must say that I’m impressed by the high quality of the updates and the richness of the catalog.

Kent Agerlund

Founder

CTGlobal

{

The “Base Installations” feature alone was well worth the switch from Ivanti to PMPC. It saves us countless hours every month!

Martin Jäger

System Administrator

Kremsmüller Industrieanlagenbau KG

{

Our experience has been great! We used to use SCCM for Adobe and Java updates only, but now we are able to use it for all of our 3rd party software while still using SCCM. It has made our endpoints much more secure in an automatic way.

Max Day

IT Manager

Truckee Meadows Water Authority

{

Wish all vendors were like you guys.

Joe Cormane

Hudson Advisors

View All Testimonials by Industry

We help you save time, money and improve your IT security

Integrate Third-Party Patch Management in Microsoft ConfigMgr and Intune