If you did not have the opportunity to join us for the June Patch Tuesday webinar, make sure to watch our recording before proceeding with this month’s patches.

As always, here are the quick links to stay up to date on any developing known issues:

Patch Tuesday Follow-up

Although we go over as many known issues as possible during our Patch Tuesday Webinar, new issues tend to arise over the week that are very important to your next patching cycle.

The highest-profile issue within patching forums is related to Bluetooth devices no longer working on any patched endpoint. Microsoft has detailed this issue within a KB article where devices would now reject connections with the error “BTHPORT_DEBUG_LINK_KEY_NOT_ALLOWED”. This error is due to Windows now blocking well-known encryption keys, preventing exploitation of CVE-2019-2102. To resolve this issue, all relevant Bluetooth devices will need to be updated to gain successful connection to patched Windows endpoints.

An additional high-impact issue within Microsoft documentation surrounds Hyper-V. During this Patch Tuesday, Microsoft remediated three CVEs (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722), detailing virtual machine escape vulnerabilities where arbitrary code can be executed on the host. The most alarming side effects to these fixes are detailed in Microsoft’s KB article, where the host will enter “Bitlocker Recovery mode” with an error if Bitlocker is enabled on the host. While a helpful workaround is supplied through the article, please roll this out to a test group if you have a chance to be affected.

As always, make sure to stay up to date on the issues as they develop via the links at the beginning of this post.

Third-Party Updates

While Patch Tuesday has been in the spotlight, other vendors have also released potentially valuable non-security updates this week. See the list below and be sure to add these to your patching cycle.

Software Title

Ivanti ID

Ivanti KB

Adobe Acrobat DC 15.006.30498

ARDC19-006

QADC1500630498

Adobe Acrobat DC 17.011.30143

ARDC19-005

QADC1701130143

Adobe Acrobat DC Continuous 19.012.20035

ARDC19-004

QADC1901220035

Apache Tomcat 8.5.42

TOMCAT-136

QTOMCAT8542

Apache Tomcat 9.0.21

TOMCAT-137

QTOMCAT9021

Firefox 67.0.2

FF19-013

QFF6702

GoToMeeting 8.45.2

GOTOM-065

QGTM8452

Microsoft Power BI Desktop 2.70.5494.562

PBID-058

QBI2705494562

Microsoft Power BI Desktop 2.70.5494.661

PBID-059

QBI2705494661

PeaZip 6.8.1

PZIP-016

QPZIP681

Plex Media Player 2.35.1

PLXP-038

QPLXP2351986

Plex Media Server 1.15.8.1198

PLXS-037

QPLXS11581198

Skype 8.47.0.59

SKYPE-160

QSKY847059

Thunderbird 60.7.1

TB19-6071

QTB6071

Visual Studio 2017 version 15.9.13

MS19-06-VS2017

QVS201715913

Visual Studio Code 1.35.1

MSNS19-0613-CODE

QVSCODE1351

VLC Media Player 3.0.7

VLC-307

QVLC307

VLC Media Player 3.0.7.1

VLC-3071

QVLC3071

How Ivanti Endpoint Security Customers Can Achieve a 176% ROI Over 3 Years - DOWNLOAD THE STUDY