Another month, another patch week down! While we’ve covered the released patches within our monthly post, be sure to look at Microsoft’s known issues for the operating systems in your environment. Here are some quick links below:

In the news, a new set of vulnerabilities was discovered in the WPA3 Wi-Fi security standard where password-theft attacks are once again effective. This set of 5 vulnerabilities dubbed “Dragonblood” by Mathy VanHoef attacks various aspects of the WPA3 handshake to recover the password of the network. This same security researcher is responsible for the “KRACK” vulnerability that still plagues unpatched WPA2 networks to this day. Current mitigation against the vulnerabilities can be provided through a unique and complex password that can’t be speculated upon through the vulnerabilities detailed. Ultimately, a firmware update will be required for the newer WPA3 supported networking hardware, so keep an eye out on your vendors for an update soon.

Patch Tuesday Follow-up

While we try to cover as many known issues as possible in our Patch Tuesday webinar, new feedback continues to roll in from the patching community.

Shortly after Microsoft’s patches dropped on Tuesday, feedback began to roll in around systems failing to boot after April’s patches were applied. After further investigation it appeared that endpoints running legacy Windows versions (Windows 7/2008R2, 2012, and 8.1/2012R2) in conjunction with Sophos antivirus were experiencing these problems. This issue has since been added to the “Known Issues” section of the associated security-only bundles and monthly rollup patches where Microsoft has updated their WSUS detection to exclude endpoints with Sophos altogether. Avast has also reported issues with the same patches on their website, but the issue has yet to escalate to the patch notes. Rolling these patches out to a test group is more important than ever this month depending on your antivirus solution. Please see the community articles below for further details.

UPDATE (4/12/2019): Feedback is still rolling in, and the number of issues around April’s patches appear to be growing. KB4493509 on Windows 10 1809 appears to be causing widespread slowdowns and stability concerns according to a Microsoft Answers post where removing the patch was the only solution. Avira also posted a support article around slowdowns on Windows 7 and Windows 10 1809 in conjunction with their software with patch uninstall being the recommended fix.

Third-Party Updates

While Patch Tuesday is the focus of this week, other vendors have been releasing non-security updates since the last blog post. These updates might not remediate any CVEs, but they might contain valuable stability fixes to include in the upcoming patching cycle:

Software Title

Ivanti ID

Ivanti KB

CCleaner 5.56.7144

CCLEAN-078

QCCLEAN5567144

DropBox 70.4.93

DROPBOX-106

QDROPBOX70493

Firefox 66.0.3

FF19-008

QFF6603

Foxit PhantomPDF 9.5.0.20721

FIP-020

QFIP950

Foxit Reader 9.5.0.20721

FI19-950

QFI950

Foxit Reader Consumer 9.5.0.20721

FIC-005

QNFOXITC950

GIMP 2.10.10

GIMP-017

QGIMP21010

GoodSync 10.9.30

GOODSYNC-115

QGS10930

Google Chrome 73.0.3683.103

CHROME-249

QGC7303683103

GoToMeeting 8.41.0

GOTOM-061

QGTM8410

Microsoft Power BI Desktop 2.68.5432.661

PBID-054

QBI2685432661

Node.JS 6.17.1 (Maintain)

NOJSM-004

QNODEJSM6171

Notepad++ 7.6.6

NPPP-091

QNPPP766

Opera 60.0.3255.27

OPERA-208

QOP600325527

PDF-Xchange PRO 8.0.330.0

PDFX-030

QPDFX803300

Plex Media Server 1.15.3.876

PLXS-033

QPLXS1153876

TreeSize Free 4.3.1.494

TSF-018

QTSF431494

Visual Studio Code 1.33.0

MSNS19-0404-CODE

QVSCODE1330

WinMerge 2.16.2

WMER-003

QWMERG2162

WinSCP 5.15.1

WINSCP-027

QWINSCP5151

Reduce risks of cybersecurity threats