Patch Tuesday de Mars 2018, bilan de la maintenance “Windows 10”
Microsoft propose depuis mardi dernier (13/03/2018) plusieurs mises à jours cumulatives pour toutes les versions de Windows 10. Elles sont déployées à l’occasion du Patch Tuesday.
Cette maintenance vise toutes les itérations de Windows 10. Dans certains cas il s’agit d’un support dans le cadre du LTSC contraction de Long Term Term Servicing Channel. Ceci concerne la toute première version de l’OS, Windows 10 v10240 et Windows 10 v1511. A noter que Windows 10 Anniversary Update sera également concerné d’ici quelques semaines. Son dernier Patch Tuesday classique est prévu pour le mois d’avril.
Toutes ces mises à jour cumulatives sont avant tout axées sur la sécurité. Dans certains il y a des améliorations visant les performances et la fiabilité. Vous trouverez ci-dessous l’ensemble des Updates proposés à l’occasion de ce Path Tuesday du mois de mars 2018 ainsi que les modifications apportées.
KB4088776 pour Windows 10 Fall Creators Update (1709)
Windows 10 Fall Creators Update est la version la plus récente du système d’exploitation de Microsoft. Selon la firme il s’agit de l’OS le plus sécurisé. L’installation de KB4088776 permet de le faire évoluer en version 16299.309. Son contenu apporte des améliorations, y compris des correctifs de sécurité pour les navigateurs Internet Explorer et Microsoft Edge ainsi que le noyau du système.
KB4088776 supprime également la vérification « antivirus » introduite par Microsoft en janvier dernier. Son objectif était de bloquer l’installation des mises à jour sur les systèmes exécutant des logiciels de sécurité incompatibles.
Addresses issue where Internet Explorer stops working when using F12-based developer tools.
Addresses issue with printing XML documents with Internet Explorer and Microsoft Edge.
Updates legacy Document Mode cell visibility in Internet Explorer.
Addresses issue with pinch and zoom gestures on some hardware in Internet Explorer.
Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
Addresses issue to prevent media and other applications from becoming unresponsive or failing when upgrading graphics drivers.
Addresses issue where customers receive “Check your account, you don’t own this content” errors when attempting to play or install owned content. This issue can also result in customers getting kicked out of a game in the middle of play.
Addresses issue where, after installing KB4056892,KB4073291, KB4058258, KB4077675, or KB4074588 on a server, you may not be able to access SMB shared files in directory junction points or volume mount points hosted on that server. The error is “ERROR_INVALID_REPARSE_DATA”. As a result, editing some group policies using GPMC or AGPM 4.0 may fail with the error “The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)”.
Addresses issue where an AD FS server issue causes the WID AD FS database to become unusable after a restart. This might prevent the AD FS service from starting.
Addresses issue where, after installing KB4090913, the Mixed Reality Portal may fail to initialize. This results in an “SXXXXXXX-X” error or a “We couldn’t download the Windows Mixed Reality Software” message may appear after the software is successfully downloaded.
Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.
Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Windows Desktop Bridge, Windows Kernel, Windows Shell, Windows MSXML, Device Guard, Windows Hyper-V, Windows Installer, and the Microsoft Scripting Engine.
KB4088782 pour Windows 10 Creators Update (1703)
De son côté Windows 10 Creators Update (Windows 10 v1703) est visé par la mise à jour cumulative KB4088782. Elle fait évoluer sa version au numéro 15063.966. Tout comme KB4088776, KB4088782 supprime le blocage des mises à jour si un antivirus non pris en charge est présent.
A cela s’ajoute des correctifs de sécurité pour l’OS et plusieurs de ses composants systèmes ou applications natives. Cela concerne par exemple les navigateurs Internet Explorer, Microsoft Edge.
KB4088782, quoi de neuf ?
Addresses issue with printing XML documents in Internet Explorer and Microsoft Edge.
Addresses issue where Internet Explorer stops working when using F12-based developer tools.
Updates legacy Document Mode cell visibility in Internet Explorer.
Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
Addresses issue that causes online video playback to stop responding.
Addresses issue where, after installing KB4056891, KB4057144, or KB4074592 on a server, you may not be able to access SMB shared files in directory junction points or volume mount points hosted on that server. The error is “ERROR_INVALID_REPARSE_DATA”. As a result, editing some group policies using GPMC or AGPM 4.0 may fail with the error “The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)”.
Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.
Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Windows Desktop Bridge, Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.
KB4088787 pour Windows 10 Anniversary Update (1607)
Les utilisateurs de Windows 10 Anniversary Update (version 1607) sont concernées par la mise à jour KB4088787. Il permet de mettre à jour leur système en une seule opération. Il est important de noter que cette version vit actuellement ses dernières semaines de maintenance. Elle atteindra la fin de son support le mois prochain. Passé cette date, Microsoft ne propose plus d’update dédié.
Le journal des modifications n’est pas très important. Nous retrouvons une nouveau l’arrêt du blocage des mises à jour si un antivirus incompatible est détecté. Microsoft s’attaque à la correction de failles visant Microsoft Edge, Internet Explorer, Windows Desktop Bridge, le composant Microsoft Graphics et d’autres petites choses. Il s’agit de corrections et d’améliorations mineures.
Pour le moment aucun problème connu semble toucher KB4088787.
KB4088787, quoi de neuf ?
Addresses issue with printing XML documents with Internet Explorer and Microsoft Edge.
Addresses issue where Internet Explorer stops working when using F12-based developer tools.
Updates legacy Document Mode cell visibility in Internet Explorer.
Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
Addresses issue that causes online video playback to stop responding.
Addresses issue where an AD FS server issue causes the WID AD FS database to become unusable after a restart. This might prevent the AD FS service from starting.
Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.
Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Microsoft Windows Search component, Windows Desktop Bridge, Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Datacenter Networking, Windows Installer, and Windows Hyper-V.
KB4088779 et KB4088786 pour Windows 10 v1511 et v10240
Ces deux versions de Windows 10 sont désormais abandonnées par Microsoft. Une maintenance est encore possible dans le cadre de la branche LTSC. KB4088779 vise Windows 10 v1511. L’update propose trois changements, des améliorations de sécurité et des correctifs pour des vulnérabilités touchant le noyau Windows, le shell, Internet Explorer et Microsoft Edge.
Enfin KB4088786 s’attaque à Windows 10 v10240 publié en juillet 2015. Nous retrouvons des correctifs de sécurité mais pas seulement. L’OS évolue en version 10240.17797. A noter que Microsoft apporte un correctif de bug visant les fichiers protégés avec le système EFS (Encrypted File System) lors chiffrement ou d’un déchiffrement avec BitLocker.
KB4088779, quoi de neuf ?
Addresses issue where Internet Explorer stops working when using F12-based developer tools.
Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.
Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Device Guard, Windows Installer, and Windows Hyper-V.
KB4088786, quoi de neuf ?
Addresses issue with printing XML documents with Internet Explorer and Microsoft Edge.
Addresses issue with Internet Explorer and Microsoft Outlook integration.
Addresses issue where Internet Explorer stops working when using F12-based developer tools.
Updates legacy Document Mode cell visibility in Internet Explorer.
Addresses issue where Internet Explorer is unresponsive in certain scenarios when a Browser Helper Object is installed.
Addresses issue where files protected with the Encrypting File System (EFS) may become corrupted during BitLocker decryption or drive encryption.
Addresses issue where booting with Unified Write Filter (UWF) enabled may lead to stop error 0xE1 on embedded devices, particularly when using a USB hub.
Addresses issue where IoT devices may stop working because of an “unmountable_boot_volume” error when UWF is enabled.
Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.
Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, Device Guard, and Windows Hyper-V.
Jérôme Gianoli
Aime l'innovation, le hardware, la High Tech et le développement durable.
Soucieux du respect de la vie privée.