We help you save time, money and improve your IT security

Integrate Third-Party Patch Management in Microsoft ConfigMgr and Intune

Patch Tuesday Support Group October Webinar

Webinar Summary

Jordan Benzing goes over the latest update releases including CVE-2024-43468 focusing on CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’). Bryan Dam then reviews hot topic articles over the last month including Win+R Weaponized for Captcha, U.S. Wiretap Systems targeted in China-Linked Hack, the Internet Archive is under attack, and Important changes to the Windows enrollment experience coming soon.

Watch the Webinar Recording

Webinar Hosts

Bryan Dam

Bryan Dam

Patch My PC
Software Engineer

Jordan Benzing Patch My PC Team Photo

Jordan Benzing

Patch My PC
Security Engineer Lead

Patch Tuesday Support Group Webinar Recap

Patch Tuesday October News

Security Updates

Win+R Weaponized For Captcha: Captcha saves vulnerable URL to clipboard and tells user to run the cmd — x.com

How North Korea Infiltrated the Crypto Industry — coindesk.com

U.S. Wiretap Systems Targeted in China-Linked Hack — wsj.com, eff.org

D-Link fixes critical RCEs, hardcoded password flaws in WiFi 6 routers — dlink.com

Attacking UNIX Systems via Common Unix Printing System (CUPS): Remotely executable without user interaction: CVSS base score of 9 affects many/most Linux Distros, Chromium/ChromeOS, Solaris — evilsocket.net, github.com, bleepingcomputer.com

Ivanti Continues to have a good time — bleepingcomputer.com – ivanti fixes rce bug, bleepingcomputer.com – ivanti warns of critical csa flaw, bleepingcomputer.com – critical ivanti vtm auth bypass bug, bleepingcomputer.com – ivanti warns three more csa zero days exploits

Mind the (air) gap: GoldenJackal gooses government guardrails — welivesecurity.com

Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns — thehackernews.com

WP Engine sues WordPress co-creator Mullenweg and Automattic, alleging abuse of power — techcrunch.com

The Internet Archive is under attack, with a breach revealing info for 31 million accounts — theverge.com

What’s new at Microsoft

Windows 11 Insider Preview Build 27718 includes ‘Administrator Protection’ — blogs.windows.com, patchmypc.com

Important changes to the Windows enrollment experience coming soon — techcommunity.microsoft.com

Update on Recall security and privacy architecture — blogs.windows.com

Windows 11, version 24H2: What’s new for IT pros — techcommunity.microsoft.com

KB29166583 – Management point security update for Configuration Manager 2403 — learn.microsoft.com, msrc.microsoft.com

What’s new in Microsoft Intune? — learn.microsoft.com

Get Off My Lawn

Intune missing capabilities for the ConfigMgr administrator — potentengineer.com

Windows Server Update Services (WSUS) deprecation — techcommunity.microsoft.com, patchmypc.com, patchmypc.com

Microsoft Patches of Note

View the full list of Patch Tuesday release notes at Patch Tuesday Blog Home Page – Patch Tuesday Blog

Total Patches Release: 102
Patch Severity Number of
Critical 42
Important 60
Moderate 0
N/A 0

Third Party Updates from Patch My PC

Total updates: 3305
Update Severity Number of
Critical 69
Important 479
Moderate 2422
Low 9
N/A 326

Browser Wars

Browser Specific updates
Browser Number of
Google Chrome 15
Firefox 10
Edge 15
Opera 9

Insight into CVEs

This month there were a total of 121 vulnerabilities addressed.

CVE Impact
Classification Number of
Critical 3
Important 114
Moderate 1
N/A 3
CVE Breakdown
CVE Type Number of
Denial of service 26
Elevation of Privilege 28
Information Disclosure 6
Remote Code Execution 43
Security Feature Bypass 7
Spoofing 7
Tampering 1

Our Customers Love Us

G2 Summer Leader
G2 Best Results
G2 Best Relationship
G2 Best Usability
G2 Best Support
G2 High Performer

Trusted by Over 7,600 Enterprises on Over 23.4 Million Endpoints

American Express - Patch My PC Customer
Adidas - Patch My PC Customer
NHL - Patch My PC Customer
Toyota - Patch My PC Customer
Mastercard - Patch My PC Customer
General Mills - Patch My PC Customer
Dominos Pizza - Patch My PC Customer
Gartner - Patch My PC Customer
Nasdaq - Patch My PC Customer
NOAA - Patch My PC Customer
Airbus - Patch My PC Customer
FireEye - Patch My PC Customer
Samsung Securities - Patch My PC Customer
Campbell Soup Company - Patch My PC Customer
iHeartMedia - Patch My PC Customer
Phillips 66 - Patch My PC Customer
Pacific Life - Patch My PC Customer
Hyatt Hotels - Patch My PC Customer
National Weather Service - Patch My PC Customer
Sunbelt Rentals - Patch My PC Customer
Subway - Patch My PC Customer
Lufthansa - Patch My PC Customer
Penn State - Patch My PC Customer
{

Since the day we implemented 3rd party app patching through Patch My PC, we have achieved a more controlled but mainly fast way to update our clients. Our previous packaging process always took at least 1-2 weeks before an updated version of an app was available for deployment.

Gerasimos Bartsas - Adidas
Gerasimos Bartsas
Manager Endpoint Security and Compliance
{

This is one of the most excellent support/product teams I worked with so far! I would say, you guys know very well your product when it comes to troubleshooting.

Patch My PC is an excellent tool to manage third party updates through SCCM. I’m completely satisfied.

Dinesh Tashildar - American Express
Dinesh Tashildar
Lead Technical Architect
{

I was trialing Patch Connect Plus and having issues. PCP’s support was poor, outsourced, and they did not help me solve my issue. I switched to a Patch My PC trial and was experiencing the same issue. Justin reached out to Microsoft in less than an hour on my behalf and had a resolution.

Alexander Guarino - Harvard Business Publishing
Alexander Guarino
Systems Engineer
{

This was the easiest product to implement that I have ever used. And working with your company is always a pleasure.

Kurt Levitan - Harvard University
Kurt Levitan
Technical Architect
{

It’s been awesome and has met our needs perfectly. For ideas, etc. support has been super responsive and made the product worth its weight in gold over other competitors!

Sean Huggins - Patch My PC Review
Sean Huggans
Systems Engineer
{

I have been using the catalog for a while now, and I must say that I’m impressed by the high quality of the updates and the richness of the catalog.

Kent Agerlund - CTGlobal
Kent Agerlund
Founder
{

The “Base Installations” feature alone was well worth the switch from Ivanti to PMPC. It saves us countless hours every month!

Martin Jäger - Kremsmüller Industrieanlagenbau KG
Martin Jäger
System Administrator
{

Our experience has been great! We used to use SCCM for Adobe and Java updates only, but now we are able to use it for all of our 3rd party software while still using SCCM. It has made our endpoints much more secure in an automatic way.

{

Wish all vendors were like you guys.

Hudson Advisors Review
Joe Cormane