October’s (2024) Patch Tuesday Damage Report

** 2 Weeks After Patch Tuesday **

Two weeks hence and it looks like we’re in the clear with only some minor oddities listed below! Barely even enough text for a whole post, which is ideal given what’s at stake!

Server 2022

• Eventlog entries for uploads and other operations are missing username

Server 2016

• DCOM permissions are reset

Windows 10

• Quick assist not running unless launched as administrator (2nd)

Happy patching 🙂

---

** 72 Hours After Patch Tuesday **

72-hours in and it’s looking like Dell devices are the “hardest” hit this month, albeit not crazily. A lot of smaller disruptions this month, so let’s dig in!

No disruptions reported or detected on the trackd platform.

For some running Windows Server 2022 and Server 2019 the OpenSSH service won’t start after updating, but a handful of workarounds are available, a couple more issues with Dell devices (Latitude 5430s on Windows 11, OptiPlex Micro 7010s) having no taskbar or start menu, and some Dell laptops being knocked off wifi, but a workaround exists, a few Windows 11 virtual machines on HyperV could no longer use the default network, but a workaround exists, RDP issues compound with Windows Server 2022 RDP connections are failing after long connection attempts, for some Server 2019 and 2022 Bitlocker is getting killed that might be limited to Dell R750s.

Server 2022

• OpenSSH service won’t start after updating (workarounds exist)
• RDP connections failing/timing out after long connection attempts
• Bitlocker getting killed and prompting for recovery key (might be limited to Dell R750s)

Server 2019

• OpenSSH service won’t start after updating (workarounds exist)
• Bitlocker getting killed and prompting for recovery key (might be limited to Dell R750s)

Windows 11

• Missing start menu and taskbar (Dell Latitude 5430 & OptiPlex Micro 7010)
• Virtual machines on HyperV could no longer use the default network (workaround exists)

Dell – Unspecified OS

• Dell XPS 13” and 15” laptops being kicked off wifi (workaround exists)

---

Aloha! Today I Learned wifi doesn’t exist if you’re flying over the Pacific ocean 🙂

As such, October’s Patch Tuesday’s summary is coming in a few hours late from the big island of Hawaii, Hawai’i! 

This month we’ve got a cool 117 vulnerabilities, 2 Criticals, 3 Zero Days (all with Functional exploit code maturity, but only two actively exploited)!

Zero Days:

• CVE-2024-20659 – Windows Hyper-V Security Feature Bypass Vulnerability
• CVE-2024-43572 – Microsoft Management Console
• CVE-2024-43573 – Windows MSHTML Platform

Check out all of the details surrounding Microsoft’s September updates on their Release Notes page