Patch My PC (PMPC) has become a household name in the Information Technology industry, particularly for those of us involved with managing 3rd party application patching with System Center Configuration Manager (ConfigMgr/SCCM) and Microsoft Intune. I’ll share my reviews on PMPC in later blog posts but in so many words, it’s an amazing product. In the meantime, if you have any questions, let me know.
This post is to share my excitement for the swag I received from PMPC in appreciation for my strong recommendations and advocacy, not only for the rock solid solution but for the high quality customer service, technical support, and seriousness of listening to their customers for feedback and product improvements. Check out the unboxing video of the thoughtful gifts I received which I will definitely use.
Microsoft has released update KB4577586, which is named “Update for the removal of Adobe Flash Player: October 27, 2020”. This update removes Adobe Flash from all Windows 10 and Windows Server systems. Please note: Once this update has been installed, it cannot be removed. Also, this update will only uninstall the ActiveX version of Adobe Flash, and not those installed via other mechanisms.
This update is currently not available in Windows Server Update Services (WSUS), and therefore is only available via the Microsoft Update Catalog. Microsoft states that it will be made available in early 2021.
Manual Installation: You can install this update manually on systems running Windows 10 or server OS such as Windows Server 2012, 2012 R2, 2016, and 2019 by downloading the update using the Microsoft Update Catalog portal, and selecting the appropriate OS for your system.
Deployment Using WSUS/ConfigMgr: To deploy this update to multiple systems, you will need to use WSUS to import the update.
1. Launch the WSUS console, expand your server name, then click on Updates in the left-hand pane.
2. In the right-hand Actions pane, click on Import Updates. This will launch the Microsoft Update Catalog in your default browser.
3. In the Microsoft Update Catalog portal, click in the Search box on the top right-hand side, type KB4577586, and click Search.
4. Select the update for the desired OS types, and click on the Add button. This will add the updates to the basket.
5. Click on view basket on the top right-hand side of the page, which is located right below the search box. You will find all the updates you have added to be imported. Make sure that the checkbox for “Import directly into Windows Server Update Services” is selected, and then click the Import button. A window will open to show the import progress and when completed, the updates will be in WSUS.
In case you run into the following failed import state, you will need to add a fix in the registry.
By clicking on the red button labeled “Failed”, you will see it mentions the error number 80131509 with a description as seen in the image below.
To fix the error, launch the Registry Editor by running regedit on the server. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319.
Create a new DWORD (32-bit) value, name it SchUseStrongCrypto, and set its data to 1. Then, restart the server.
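The same registry change can be scripted. The PowerShell below is an added example, not part of the original post: it checks the current state, supports -WhatIf, and only writes when the value is missing or not 1. The function name Set-StrongCryptoForWsusImport is hypothetical; the registry path and value name are the ones given above.

```powershell
# Added example: scripted form of the regedit steps above.
# Set-StrongCryptoForWsusImport is a hypothetical helper name, not a built-in cmdlet.
function Set-StrongCryptoForWsusImport {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Registry path and value name exactly as given in the post.
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
        [string]$Name = 'SchUseStrongCrypto'
    )

    if (-not (Test-Path -Path $Path)) {
        throw "Registry key not found: $Path"
    }

    # Read the current data; $null means the value does not exist yet.
    $before = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name

    $changed = $false
    if ($before -ne 1) {
        if ($PSCmdlet.ShouldProcess("$Path\$Name", 'Set DWORD to 1')) {
            # -Force overwrites an existing value that has the wrong type or data.
            New-ItemProperty -Path $Path -Name $Name -PropertyType DWord -Value 1 -Force | Out-Null
            $changed = $true
        }
    }

    $after = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
    [pscustomobject]@{
        Path            = $Path
        Name            = $Name
        ValueBefore     = $before
        ValueAfter      = $after
        Changed         = $changed
        RestartRequired = $changed   # the post restarts the server after the change
    }
}

# Preview first, then apply. Run from an elevated PowerShell session on the WSUS server.
Set-StrongCryptoForWsusImport -WhatIf
Set-StrongCryptoForWsusImport
```

Running it a second time reports Changed as False, which makes it safe to include in a server build script.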
Update With ConfigMgr: If you use ConfigMgr to manage and deploy your Windows Updates, you will need to run a Software Update sync from the ConfigMgr console to pull in the recently imported updates from WSUS.
In the ConfigMgr console, under the Software Library node, go to Software Updates > All Software Updates. To synchronize updates, you can either click the Synchronize Software Updates button on the top left-hand side of the console or right-click on “All Software Updates”, and select “Synchronize Software Updates” from the pop-out menu.
On successful completion of the software update sync, you will find the update for KB4577586 under “All Software Updates”. At this point, you will need to download the updates into a deployment package, and then deploy the updates to the device collections.
I will add the steps and screen captures to show how to download and deploy the updates using ConfigMgr in my next update or revision of this blog post. Stay tuned.
The resources below are other options available to uninstall using PowerShell scripts. These were written by my friend Ben Whitmore aka ByteBen. He uses the application method instead of the software updates method to uninstall Adobe Flash from systems using the scripts he wrote. Check it out:
Here’s a YouTube episode on Namaste Techies covering all about Adobe Flash removal, including demos and useful tips. Please like and subscribe to the channel. Thanks.
I recently discovered this website, WhatIsMyTenantID.com which provides a quick and easy way to find your Microsoft Azure Tenant ID information. It’s very simple to use. Visit the website, type your domain name, and click “Find my tenant ID” to obtain the results.
On January 12, 2021 (Pacific Time), Microsoft released security updates affecting the following Microsoft products:
| Product Family | Maximum Severity | Maximum Impact | Associated KB Articles and/or Support Webpages |
| --- | --- | --- | --- |
| Windows 10 v20H2, v2004, v1909, v1809, and v1803 | Critical | Remote Code Execution | Windows 10 v2004 and Windows 10 v20H2: 4598242; Windows 10 v1909: 4598229; Windows 10 v1809: 4598230; Windows 10 v1803: 4598245 |
| Windows Server 2019, Windows Server 2016, and Server Core installations (2019, 2016, v20H2, v2004, v1909) | Critical | Remote Code Execution | Windows Server 2019: 4598230; Windows Server 2016: 4598243; Windows Server v2004 and Windows Server v20H2: 4598242; Windows Server v1909: 4598229 |
| Windows 8.1, Windows Server 2012 R2, and Windows Server 2012 | Critical | Remote Code Execution | Windows 8.1 and Windows Server 2012 R2 Monthly Rollup: 4598285; Windows 8.1 and Windows Server 2012 R2 Security Only: 4598275; Windows Server 2012 Monthly Rollup: 4598278; Windows Server 2012 Security Only: 4598297 |
Resources for deploying updates to remote devices:
With so many people working remotely, it is a good time to review guidance on deploying security updates to remote devices, such as desktops, laptops, and tablets. Here are some resources to answer questions pertaining to deploying updates to remote devices.
Below are summaries for some of the security vulnerabilities in this release. These specific vulnerabilities were selected from the larger set of vulnerabilities in the release for one or more of the following reasons: 1) We received inquiries regarding the vulnerability; 2) the vulnerability may have received attention in the trade press; or 3) the vulnerability is potentially more impactful than others in the release. Because we do not provide summaries for every vulnerability in the release, you should review the content in the Security Update Guide for information not provided in these summaries.
Notes on details in the vulnerability summaries:
Attack Vector
This metric reflects the context by which vulnerability exploitation is possible. The Base Score increases the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component.
Attack Complexity
This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. Such conditions may require the collection of more information about the target or computational exceptions. The assessment of this metric excludes any requirements for user interaction in order to exploit the vulnerability. If a specific configuration is required for an attack to succeed, the Base metrics should be scored assuming the vulnerable component is in that configuration.
Privileges Required
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
User Interaction
This metric captures the requirement for a user, other than the attacker, to participate in the successful compromise of the vulnerable component. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner.
CVE-2021-1674
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
Microsoft Word Remote Code Execution Vulnerability
Impact: Remote Code Execution
Severity: Important
Publicly Disclosed?: No
Known Exploits?: No
Exploitability: Exploitation less likely
CVSS Base Score: 7.8
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Software: Microsoft Excel 365 Apps for Enterprise, Word 2010, Word 2013, Word 2016, Office 2010, Office 2019, Office 2019 for Mac, Office Online Server, Office Web Apps 2010, Office Web Apps Server 2013, Office SharePoint Enterprise Server 2013, SharePoint Enterprise Server 2016, SharePoint Server 2010, and SharePoint Server 2019
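To see how the metrics described above combine into the base score, the following PowerShell is an added example (not from the original post or from Microsoft) that implements the base score equations and metric weights of the FIRST CVSS v3.1 specification. That the summary's score is a CVSS v3.x score is an assumption, and Get-CvssBaseScore is a hypothetical function name; the final call feeds in the metric values from the Microsoft Word summary for comparison with the listed 7.8.

```powershell
# Added example: CVSS v3.1 base score from the metric values in a vulnerability summary.
# Weights and equations follow the FIRST CVSS v3.1 specification (assumed version).
function Get-CvssBaseScore {
    param(
        [ValidateSet('Network','Adjacent','Local','Physical')][string]$AttackVector,
        [ValidateSet('Low','High')][string]$AttackComplexity,
        [ValidateSet('None','Low','High')][string]$PrivilegesRequired,
        [ValidateSet('None','Required')][string]$UserInteraction,
        [ValidateSet('Unchanged','Changed')][string]$Scope,
        [ValidateSet('None','Low','High')][string]$Confidentiality,
        [ValidateSet('None','Low','High')][string]$Integrity,
        [ValidateSet('None','Low','High')][string]$Availability
    )
    $scopeChanged = $Scope -eq 'Changed'
    $avW  = @{ Network = 0.85; Adjacent = 0.62; Local = 0.55; Physical = 0.2 }
    $acW  = @{ Low = 0.77; High = 0.44 }
    $uiW  = @{ None = 0.85; Required = 0.62 }
    $ciaW = @{ None = 0.0; Low = 0.22; High = 0.56 }
    # Privileges Required carries a different weight when the scope changes.
    $prW  = @{ None = 0.85; Low = 0.62; High = 0.27 }
    if ($scopeChanged) { $prW = @{ None = 0.85; Low = 0.68; High = 0.5 } }

    # Impact sub-score (ISS) and exploitability sub-score.
    $iss = 1 - (1 - $ciaW[$Confidentiality]) * (1 - $ciaW[$Integrity]) * (1 - $ciaW[$Availability])
    $impact = 6.42 * $iss
    if ($scopeChanged) { $impact = 7.52 * ($iss - 0.029) - 3.25 * [math]::Pow($iss - 0.02, 15) }
    $exploitability = 8.22 * $avW[$AttackVector] * $acW[$AttackComplexity] *
                      $prW[$PrivilegesRequired] * $uiW[$UserInteraction]
    if ($impact -le 0) { return 0.0 }

    $raw = $impact + $exploitability
    if ($scopeChanged) { $raw = 1.08 * $raw }
    $raw = [math]::Min($raw, 10)

    # Spec "Roundup": smallest one-decimal number >= input, done on integers to avoid float error.
    $scaled = [long][math]::Round($raw * 100000)
    if ($scaled % 10000 -eq 0) { return $scaled / 100000.0 }
    return ([math]::Floor($scaled / 10000) + 1) / 10.0
}

# Metric values taken from the Microsoft Word Remote Code Execution summary above.
$wordRce = @{
    AttackVector = 'Local'; AttackComplexity = 'Low'; PrivilegesRequired = 'None'
    UserInteraction = 'Required'; Scope = 'Unchanged'
    Confidentiality = 'High'; Integrity = 'High'; Availability = 'High'
}
Get-CvssBaseScore @wordRce
```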
Office security updates published as part of the January 2021 Patch Tuesday address bugs exposing Windows systems running vulnerable Click to Run and Microsoft Installer (.msi)-based editions of Microsoft Office products to remote code execution (RCE) attacks.
Microsoft rated the six RCE bugs patched this month as Important severity issues since they could enable attackers to execute arbitrary code in the context of the currently logged-in user.
Further information about each of them is available within the knowledge base articles linked below.
To download the January 2021 Microsoft Office security updates, you have to click on the corresponding knowledge base article below and then scroll down to the ‘How to download and install the update’ section.