As we come to the end of our first patch week of the year, the list of known issues continues to grow for the Patch Tuesday patches. Aside from the two higher profile issues below, be sure to look at Microsoft’s known issues for the operating systems in your environment. Here are some quick links below:

In the news, a new side channel-based attack has been discovered that is not caused by hardware-level flaws but is present in Windows and Linux. According to ZDNet, this attack targets page caches within RAM where an attacker can read the cache and recover relatively large quantities of data such as live keystrokes. Microsoft has already fixed this within the latest Windows 10 insider build, but a patch has yet to be released for production Windows versions.

Patch Tuesday Follow Up

While we have our Patch Tuesday Webinar, there are usually other issues that come out over the rest of the week. Due to this, we’re going to publish an article on patch week to cover the new issues discovered before the patching cycle begins.

The most notable issue this month is around hosted SMBv2 shares that could no longer be connected to on Windows 7 and Server 2008 R2 endpoints. This bug, which affects both the Security Bundle (KB4480960) and the Monthly Rollup (KB4480970), has now been acknowledged as a known issue on the release notes with the following description:

Local users who are part of the local “Administrators“ group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates. This does not affect domain accounts in the local "Administrators" group.

WindowsLatest summarizes the issue well, where it also provides an additional registry fix that could remediate this issue outside of rolling back certain configurations, leaving them exposed to the additional vulnerabilities found in the two patches.

Be sure to roll this patch out to a test group to see if your current configurations are vulnerable to this bug as this could cause considerable headaches for your end users.

Another issue has also reared its head this week where endpoints that use KMS in conjunction with KB971033 began receiving Windows Activation errors. This issue, detailed in a new Microsoft article, KB4487266, states that the issue is not related to Patch Tuesday and the resolution involves removing KB971033.

Security Releases

Wireshark released updates to its popular packet analyzer for its 2.4 and 2.6 branch, with a total of four vulnerabilities. All four CVEs are classified with a “Low” severity, with CVSSv3 scores at 3.3. As mentioned in previous posts, Wireshark is one of those software titles that can exist sparsely through your respective environment but is continuously updated with new discovered vulnerabilities. A summary of the CVEs and their respective versions can be found below:

Wireshark 2.6.6

Wireshark 2.4.12

CVE-2019-5716

CVE-2019-5717

CVE-2019-5717

CVE-2019-5718

CVE-2019-5718

CVE-2019-5719

CVE-2019-5719

Third-Party Updates

Here are the other updates we released in our content this week. These updates might not have CVEs, but they may still have helpful stability fixes as well as undisclosed security fixes:

Bulletin title

Ivanti ID

Ivanti KB

Cisco WebEx Meeting Center 32.15.33.8

WMC-014

QWMC3215338

DropBox 64.4.141

DROPBOX-100

QDROPBOX644141

Firefox 64.0.2

FF19-001

QFF6402

Google Backup and Sync 3.43.2448.9071

GSYNC-016

QGBS34324489071

KeePass Pro 2.41

KEEP-030

QKPP241

Opera 57.0.3098.116

OPERA-197

QOP5703098116

Plex Media Player 2.25.0

PLXP-027

QPLXP2250

Visual Studio Code 1.30.2

MSNS19-0110-CODE

QVSCODE1302

VLC Media Player 3.0.6

VLC-306

QVLC306

WinSCP 5.13.7

WINSCP-023

QWINSCP5137

How Ivanti Endpoint Security Customers Can Achieve a 176% ROI Over 3 Years - DOWNLOAD THE STUDY