October Patch Tuesday Frequently Asked Questions
In our October edition of our monthly Patch Tuesday analysis webinar, we recapped Microsoft and third-party security patches released on Patch Tuesday. If you missed it, you can watch here. And be sure to tune into our next webinar in November.
One of the most popular parts of this webinar series is the extensive Q&A session we run at the end. We come prepared with a full team ready to answer all of your patching questions. Below is a summary of some of the most frequently asked questions regarding October Patch Tuesday.
Q: Which CVE is the Zero Day Vulnerability?
- A: CVE-2018-8453 is currently actively exploited and should be remediated as soon as possible. All actively supported operating systems were provided a patch for this CVE.
Q: Are there any major known issues I should know about?
- A: HP systems had a driver compatibility issue for KB4462919 for Windows 10 1803 machines which could cause the system to get a blue screen error.
Q: After I installed KB3177467, a restart was required to complete the installation. During this restart, I found myself stuck on “Stage 2 of 2” or Stage 3 of 3.”
- A: This is a known issue on Microsoft’s KB article. The end user will need to press Ctrl+Alt+Del to bypass the hanging update screen
Q: Does Microsoft provide a spreadsheet with all the patches available for each OS?
- A: Microsoft’s created a security update guide which provides detailed information about the security patches for the month. This site only includes security updates, so any non-securities released during the month (e.g. the flash update this month) will not be present on the guide.
Q: I suspect some of my Windows 7 machines have not applied patches older than the bundle/rollup releases. What’s the easiest way to scan for this in LANDesk EPM? Is there a single particular definition I could use?
- A: Before the cumulative, Microsoft still had piecemeal updates. There were statements signifying that they were going to create a comprehensive cumulative initially, but no such patch has yet to release. As large as the number is, you might need to scan for all older KBs earlier than June 2016.
Q: If I’m applying patches via groups, how do I identify which servers need which patches?
- A: Each desktop OS patch will also apply to the respective kernel version (e.g. Windows 7/2008 R2, Windows 8.1/2012 R2, Windows 10 1607/2016). Make sure to include the proper security-only bundles or monthly rollups for each group.