August 2024 Patch Tuesday forecast: Looking for a calm August release
July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the height of summer vacation season. First, we had a large set of updates on Patch Tuesday, then we had to work through the CrowdStrike event, and finally many of us had Azure outages due to Microsoft responding to a DDoS attack. The forecast for August Patch Tuesday is a little lighter, but let’s revisit this month’s events first.
The July 2024 Patch Tuesday release kept everyone busy with updates for Microsoft Windows, Office, SharePoint, SQL Server and .NET framework, plus Mozilla released their Firefox and Firefox ESR updates in the afternoon. The Windows 11 and Windows 10 updates addressed 74 and 85 vulnerabilities respectively. These updates were rated Critical with two zero-day vulnerabilities addressed as well as one that was publicly disclosed. The SharePoint update was also rated Critical with the remaining patches all being Important.
Just 10 days later, CrowdStrike dropped an update to their Falcon product which resulted in millions of Windows systems crashing. As later reported in their root cause analysis report, there was an error in their Content Validator component which allowed the faulty update to pass testing and be publicly released. And then just 11 days later, Microsoft experienced an Azure interruption in several regions which impacted Microsoft O365 and many other services for several hours. As per the report, this occurred in response to a DDoS attack.
We’re all prepared to deal with a large set of Patch Tuesday updates when they happen, but the added load of unexpected security and operational events really adds to chaos and workload. As the phrase ‘add insult to injury’ implies, there were also threat actors taking advantage of the situation by sending out phishing attacks with ‘free advice and tools’ to help you recover from these incidents. During chaotic times like these you need to remain diligent, systematically work through your recovery processes and return your systems to a secure, functional state.
Microsoft announced mid-month the updates for Windows 11 24H2 are changing to what they are calling ‘checkpoint cumulative updates.’ This redesign introduces the concept of a periodic cumulative checkpoint file that incorporates a series of several months’ cumulative updates. Once the checkpoint file has been issued the subsequent updates will be cumulative but much smaller because they start new using the last checkpoint as a baseline.
Per Microsoft, with the introduction of this technology “you get even smaller downloads to Windows devices, sustainable redistribution of updates within your infrastructure, and a better update experience for annual feature updates.” The article provides a detailed explanation of how they are using these checkpoint files and also states that if you are using the standard Windows update mechanisms then no changes are required to your current processes.
The preview updates which just came out for Windows 10 and 11 address several issues which have been tracked for a while. On Windows 10, the January update from this year broke Microsoft Connected Cache (MCC) node discovery and on Windows 11, the preview fixes an issue that caused Windows backups to fail on devices with an Extensible Firmware Interface (EFI) system partition (ESP). Be on the lookout for these two problems to be fixed in the releases next week.
August 2024 Patch Tuesday forecast
- After an extensive set of CVEs addressed in the OS updates last month, the updates next week should be more in line with the standard 20-30 we normally see. We probably won’t see more SQL server or .NET framework updates.
- Adobe released their last security updates for Acrobat and Reader back in May, so be on the lookout for another release this month.
- Apple released their latest OS updates on July 29th and then followed up with a dot release earlier this week. Make sure you include them in your updates next week if you haven’t already.
- Google Chrome released a beta version of Desktop yesterday, so expect a security update next week as usual.
- Mozilla released security updates for Firefox 129, Firefox ESR 115 and 128, and Thunderbird 115 and 128 on Tuesday, so we should get a break next week.
Overall, it was a very busy July for many of us. Let’s look forward to a regular release next Tuesday and then a calm period for the remainder of the month without all the excitement of unexpected security events. We want to recover some vacation time we missed in July!
source: HelpNetSecurity
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024