back to article New year, new updates for security holes in Windows, Adobe, Android and more

Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, according to Redmond. Of the two critical vulnerabilities, CVE-2024-20674 …

  1. Robert42
    Mushroom

    Windows update Situation Normal

    Another year and MS is back to normal, messing up windows update.

    I installed the January updates on a laptop I use as a test PC and found that KB5034441 will not update because the recovery partition is not big enough.

    MS admit this in the release notes with instructions how to extend the partition. How on earth will an average user be able to address this.

    I wait with bated breath for MS to fix it. Do they ever test this stuff or even understand how PCs work?

    1. ldo

      Re: Windows Update Situation Normal

      This is why they say, Windows is a great OS—if your time is worth nothing.

    2. Who-me

      Re: Windows update Situation Normal

      The general public that can't do this are the lucky ones. I've run their so-called fix and you have to turn off Bitlocker for the fix to work. It then it refuses to enable Win RE on the new partition if you are using Biotlocker on the same volume. It's a joke even by MS standards. Must be April 1st in the US.

      1. arctic_haze

        Re: Windows update Situation Normal

        I am during the process of migration from Windows 10 to Ubuntu. The Ubuntu laptop upgrades often but with no surprises (except for the fact that it requires a reboot much often than the Redhat machines I used to administer at work. But Windows is of course a constant source of surprises. Yes, I did the sequence of command lines to increase the RE partition. It did work but (obviously) only after a reboot.

        So the bottom line is that in the olden days Window upgrades worked pretty easily but needed reboots while Linux needed a lot of commandline tweaks to make some updates work. Now it is the other way.

    3. cosymart
      Facepalm

      Re: Windows update Situation Normal

      The world waits for a patch to fix the patch, this is a new low even by M$ standards or is that an oxymoron?

    4. The Man Who Fell To Earth Silver badge
      FAIL

      KB5034441: Windows Recovery Environment update for Windows 10 FAIL

      KB5034441: Windows Recovery Environment update for Windows 10 which patches a flaw in could allow attackers to bypass BitLocker encryption by using Windows Recovery Environment (WinRE).

      This patch is an example of a bad patch rushed out. While it should ignore machines that have WinRE disabled & don't have a recover partition, instead it generates a Windows Recovery Environment servicing failed error in the form of "CBS_E_INSUFFICIENT_DISK_SPACE" or "0x80070643 - ERROR_INSTALL_FAILURE".

      It's done this on every machine I've seen that doesn't have a Windows Recovery partition & has WinRE disabled. There are boatloads of posts about this patch failure all over the Internet.

  2. druck Silver badge
    Devil

    Blackhats away

    None of the January CVEs are under active exploit, according to Redmond.

    Yeah right, if they weren't before they are now.

  3. Kev99 Silver badge

    Do any of these outfits bother to run QC on their code?

  4. Anonymous Coward
    Anonymous Coward

    Chrome flaws in Microsoft Edge ö

    “security feature bypass bug in Windows Kerberos.”

    Parsing error, Dave /s

    An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM)

    This is new to me. Since when did “Man in the Middle” become “Machine in the Middle”.

    1. ldo

      Re: Since when did “Man in the Middle” become “Machine in the Middle”.

      Part of a conscious effort to end discrimination against people of gender, particularly their underrepresentation among the criminal underworld.

  5. drankinatty

    Patch-Tuesday Woes --- "Status: Download error - 0x80070643"

    Seem there are many computers afflicted by See: FYI on "Status: Download error - 0x80070643" with "2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441)" https://www.reddit.com/r/WindowsHelp/comments/192mww0/fyi_on_status_download_error_0x80070643_with/

    1. HenryCrun

      Re: Patch-Tuesday Woes --- "Status: Download error - 0x80070643"

      Six Windows PCs here (5 of W10, 1 of W11) and all 5 W11 ones failed to install KB503441. I think that this KB doesn't apply to W11.

    2. 43300 Silver badge

      Re: Patch-Tuesday Woes --- "Status: Download error - 0x80070643"

      Windows Server 2022 is also affected - it's not just the client versions.

      In testing, I've not encountered it on W11 - have others seen it on that? I am only seeing it on W10 (22H2) and Server 2022.

      Resizing the recovery partition manually is a completely impractical solution when loads of clients and servers are involved - they are going to have to issue a patch to fix the patch!

  6. Bitsminer Silver badge

    W11 video playback is screwed up

    On my machine at least. The left third of the screen runs at a different "contrast" setting when full screen. But if I move the mouse it goes back to normal. For a second. But if I turn on subtitles the screen flickers with every new subtitle and stays normal for a second. If I don't run fullscreen it works-ish sort of.

    ffplay is (still) flawless.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like