Windows zero-day fix highlights November Patch Tuesday - From TechTarget 11-13
On November 13, an article in TechTarget, by Associate Editor, Kristen Gloss, entitled,"Windows zero-day fix highlights November Patch Tuesday", described that, "In addition to the November Patch Tuesday updates, Microsoft offered assistance to combat a new side-channel attack and rereleased a Windows 10 update and Windows Server 2019."
According to Gloss: "Microsoft closed 62 vulnerabilities, with 12 rated critical, in the November Patch Tuesday releases. Admins should focus on patching systems affected by a zero-day exploit and public disclosure as quickly as possible," quoting Chris Goettl, director of product management at Utah-based Ivanti. Among the other pieces of news contained in the article: "Earlier this month, researchers revealed another side-channel attack that uses simultaneous multithreading architecture to steal data. Dubbed PortSmash, this attack method uses a unique spin on the side-channel vulnerabilities exposed earlier this year with the Meltdown and Spectre flaws." Goss indicates that these, and other vulnerabilities can be mitigated through the updates, through diligence of administrative staff (or consultancies that support your Windows environments like Derive Technologies), and "by disabling simultaneous multithreading."
Announced in the article as well: "Microsoft rereleases Windows Server 2019, discontinues hotfix service."
Contact Derive Technologies
Derive Technologies is a Microsoft Gold Certified Partner, with extensive experience in the complete front-end Windows platform, in Windows security and in Windows Server implementation and management. Please contact a Derive Microsoft Solutions Specialist for information about Microsoft updates, security patches and more by calling (212) 363-1111 [New York], (201) 299-9132 [New Jersey] or TOLL-FREE at (844) 363-1110. You may also reach us by completing the FORM ON THIS PAGE (please include "Windows Zero Day" in the comments).