Microsoft Issues Out-of-Band Update for Patch Tuesday Problems

Written by

Microsoft has been forced to issue an out-of-band update to fix several problems reported by system administrators following this month’s Patch Tuesday.

After installing the January Windows update, customers complained of Hyper-V not starting, Windows resilient file system (ReFS) being no longer accessible, unwanted system reboots and other issues.

Microsoft responded on Monday with a new update designed to fix the problems.

“This update addresses issues related to VPN connectivityWindows Server Domain Controllers restartingvirtual machines start failures and ReFS-formatted removable media failing to mount,” it noted.

“All updates are available on the Microsoft Update Catalog, and some are also available on Windows Update as an optional update. Check the release notes for your version of Windows for more information.”

Updates for Windows 8.1, Windows Server 2012 R2 and Windows Server 2012 are available only on the Microsoft Update Catalog. Updates for all other versions are available on Windows Update as an optional update.

Microsoft kicked off 2022 with fixes for 97 CVEs last week, including six publicly disclosed but not exploited.

Among these were CVE-2022-21839, a denial of service vulnerability in the Windows event tracing discretionary access control list; an elevation of privilege flaw in Windows user profile service (CVE-2022-21919); and a Windows certificates spoofing vulnerability (CVE-2022-21836).

The remaining three publicly disclosed flaws were remote code execution bugs in Windows Security Center API (CVE-2022-21874), libarchive (CVE-2021-36976) and open-source curl (CVE-2021-22947).

The Patch Tuesday release also included fixes for nine critical vulnerabilities, the largest number since July 2021.

Last year was a record-setter regarding new CVEs published to the US National Vulnerability Database.

By early December, the figure had reached 18,376, the fifth year in a row that it hit an all-time high.

What’s hot on Infosecurity Magazine?