And so it begins
I was woken up by a relative phoning and reporting a bootloop after the update this morning.
Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that's already been exploited and another listed as publicly known. Of the new January vulnerabilities, 11 are rated critical because they lead to remote code execution. The bug that's under exploit, tracked as CVE-2023-21674, is an advanced …
Details after the fix.
This was one of those tiny Lenovo boxes, with an NVME drive internally, and an old Win7 HDD in a USB case - it appears that the old drive confused Win Update; and also screwed all recovery attempts from my Win10 recovery thumbdrive.
I was faced with options to repair Win7 or Win Vista, despite the recovery tool clearly saying it was Win10 and the NVME drive; ditto all restore or back-up options.
After unplugging the external drive and rebooting, the repair options started working correctly and Win10 options replaced Win7/Vista; so I could roll back a few days and reinstall the updates with no issues.
I hope this helps anyone else facing issues today.
Somewhere along the way the line between drives got fuzzy, and it stopped trying to make sane guesses on things.
Not realizing there was more than one valid recovery partition or stopping looking after it "found" the first one is a fine example. Another is how Win10 will happily spray the system partitions across multiple disks, instead of keeping them together or asking. Another is its insistence on creating hidden volumes at the end of a disk, which is fun when you are using virtual storage and can expand the volume with a few mouse clicks, but can't enlarge it in Windows because the disk management tools are from the 1990s still.
So yeah, when in doubt, disconnect everything but the boot volume and try again, and don't try to install on a setup Windows will see as more than one drive volume if you don't feel like manually fixing it at either the command line or setup screens during the install.
My nephews have an old Win98 PC (I built it for their dad back in 1999) that runs a plasma cutter; works like a champ. I worked on it a couple of years ago and all it needed was a new CMOS battery. I would have upgraded them, but the plasma cutter requires a certain version of the software, which will only run under Win98.
It's not connected to the internet, so that may be part of it. It's also quite amazing how fast the PC boots into Windows on that old hardware.
CVE-2023-21743 interests me as Teams is basically SharePoint with knobs on. I've always said that using the SDK showed me the security in Teams is about as good as Swiss cheese, so let's see who's been compromised by this one and what interesting things are going to leak out (assuming it's actually been exploited, that is)
Anon because, y'know, stuff
Steps 1 & 2 are automated here, step 3 is autopilot.
Addendum based on November patches:
4. Wake up and find lots and lots of things broken and people screaming. Marvel that no-one invoked on-call.
5. Spend the next week with Microsoft trying to fix everything.
Android had 50 flaws that needed patching. I assume this does not include all the unsupported versions of Android still out there on half the 5 bazillion Android devices; it also may take a while for your OEM/vendor to release said patches, creating a small window of opportunity.
Adobe has just 6 or 7 apps and still managed 29 flaws patched.
Makes MS's 96 across its OS and much larger range of applications seem quite reasonable.
I'm just a bit younger, but switched to a Mac as my main machine a few years after I retired (Possibly because I used some obscure BSDs in the 70s/80s?).
Occasionally I use Parallels VMs on an iMac to run Windows XP (not networked!) and Windows 11 - A Raspberry Pi 4B to play with; and sometimes, for nostalgia, an original Pi. If I ever upgrade the iMac to Silicon, my life will get simpler as Parallels and Windows won't be included.