It is patch week once again. Although this is an application month (Microsoft usually rotates every other month for OS then Apps like office, etc.), there will likely be one critical update to IE that would concern companies continuing on Windows XP. If you are one of those companies continuing to run Windows XP read on.
According to Gartner, “one-third of enterprises had more than 10% of their systems
remaining on XP when extended support ended”. Of those customers some will be purchasing a Premium Support Contract with Microsoft to continue receiving Critical Updates for Windows XP. Many of those same companies have started asking the question of how they will be distributing those patches to systems. They want the same level of quality assurance for detecting and deploying patches to Windows XP systems. They want to do this without manually packaging, testing, and delivering the updates outside of their current solutions. They also want compliance reporting and status on the updates being applied as their policies require.
Microsoft has announced this month’s Patch Tuesday release. There are 8 total patches expected to be released on Tuesday, May 13th. Here is the breakdown for this month:
- 2 bulletins are rated as Critical.
- 6 bulletins are rated as Important.
- 3 bulletins address vulnerabilities that could allow Remote Code Execution.
- 3 bulletins address vulnerabilities that could allow Elevation of Privileges.
- 1 bulletin addresses a vulnerability that could lead to Denial of Service.
- 1 bulletin addresses a vulnerability that could lead to Security Feature Bypass.
- All supported Windows operating systems
- All supported Internet Explorer versions
- All supported versions of Office
- All Supported versions of Sharepoint
- Microsoft Office Web Apps
- Sharepoint Designer
Join us as we review the Microsoft and third-party releases for May Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, May 14th at 11 a.m. CDT. We will also discuss other product and patch releases since the February Patch Tuesday.
You can register for the Patch Tuesday webinar here.
Congratulations! You are off of Windows XP or will complete your migration shortly, but of course not everyone is happy. As Windows 8 first came out everyone got used to hearing the question “Where did the @#$&*%! start button go!”. Good question, and that among other post XP Migration questions is the topic of discussion for today. There are some tools and updates than can help alleviate these user pains. Did you know that with Windows 8.1 Update 1 Microsoft has added some valuable features to improve the experience for users and also to make it backward compatible with applications that ran on Windows XP? You can also deploy Classic Shell, which is a popular 3rd party tool for returning some of the classic windows UI features on windows 8.1.
Microsoft has announced Security Bulletin MS14-021 on Technet to resolve the IE Zero Day identified on April 26th. The Shavlik Content team is investigating and will be releasing support for this bulletin as soon as possible. A restart will be required to apply the patch. Also, if you have applied any of the mitigation steps you will need to take a look at the ‘Workarounds’ section of the bulletin to see if the steps you chose will need to be reverted.
For those of you on Windows XP, the bulletin identifies variations on IE 6, 7, and 8 and according to the MSRC post today, Microsoft has decided to support this bulletin on Windows XP. According to Dustin Child’s post Microsoft “…made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system…”.
Watch for the Shavlik Content Announcement later today once we have tested and made it available to our customers.