Another month, another 11 security bulletins. According to SANS Internet Storm Center, none of the vulnerabilities addressed in the bulletin have known exploits, so it looks like another ho-hum Patch Tuesday -- unless one of the patches starts misbehaving.
There are the usual IE and Edge cumulative updates (MS16-084 and MS16-085), as well as a big one for Office (MS16-088). Three of patches are kernel related (MS16-089, MS16-090 and MS16-092). There's an ever-popular .Net fix (MS16-091) and one for Adobe Flash (MS16-093). I can see your eyes glazing over.
The patch that caught my eye is the one for the Microsoft Print Spooler, MS16-087/KB 317005. That piqued my interest because of a doomsday piece on ZDNet: "An attacker can install malware on all affected systems," Zack Whittaker writes. That claim is backed up by a post from Nick Beauchesne at Vectra, which was involved in reporting the flaw: "Own a printer, own a network with point and print drive-by," Beauchesne writes.
The pieces in this scenario have all the right buzzwords: watering hole, drive-by, man in the middle, turn a printer into an exploit kit, malicious code injection -- on every supported version of Windows, no less. I'm all for a bit of scaremongering if it's done with taste and humor, but this is too much.
What they're saying, in plain English, is that if you can put a jiggered print driver on a server somewhere, and you can convince someone securely attached to the server to install the bad driver from that server, you can take over their system.
Or you can try sending someone a link to a jiggered driver, but they'd have to be incredibly gullible to click on the link. Perhaps all that experience with "Get Windows 10" has inured them.
On a scale from one to 10, to me that rates a "meh."
For those of you running Windows 7, if you didn't take my advice about installing KB 3161608 (and thus installing KB 3161647), you may now face Windows Update times measured in fortnights. Fortunately, there's a solution -- two, actually.
- You can follow my advice and install six unrelated patches in order to get the speed-up patch that Microsoft should be distributing without encumbrances.
- There's a new trick on the wu.krelay.de site that involves installing KB3168965 and KB3164033.
Either way, scans for Windows 7 updates should take minutes, not hours.
See any problems with the patches? Let me know here or over on AskWoody.com.
t/h Susan Bradley, PatchManagement.org