Latest Microsoft Patch Fixes Dozens of Bugs

Even if you don’t consistently install Microsoft’s security patches as soon as they’re released, the September 2022 patch released this week deserves immediate attention.

Dozens of bugs, flaws, and vulnerabilities were addressed in this iteration, including fixes for:


  • *30 Remote Code Execution vulnerabilities
  • 18 Elevation of Privilege vulnerabilities
  • 16 Edge/Chromium vulnerabilities
  • 7 Information Disclosure vulnerabilities
  • 7 Denial of Service (DoS) vulnerabilities
  • 1 Security Feature Bypass vulnerability

In addition to the above, the patch also addresses two zero-day vulnerabilities. The first of these is being tracked as CVE-2022-37969.

It was discovered independently by researchers from CrowdStrike, Zscaler, Mandiant, and DBAPP Security. Described as a Windows Common Log File System Driver Elevation of Privilege Vulnerability, hackers are currently exploiting this flaw in the wild.

The other is being tracked as CVE-2022-23960 and is described as a Cache Speculation Restriction Vulnerability.

The researchers at VUSec who discovered the issue have dubbed it “Spectre-BHB” and utilize Branch History Injection to allow for speculative execution. While it is similar to the Spectre security flaws found in chipsets last year, it is only tangentially related. Furthermore, there is no evidence that hackers are currently exploiting it.

On top of the impressive bug fixes, this release also includes improvements to Microsoft Defender and enhanced IT administrators’ capabilities to make it easier to control language-related features remotely in the OS.

Patch Tuesdays are always significant, but this one is even more critical than most. If you haven’t already done so, head to Microsoft’s website and install it on all your Windows 10 devices running versions 1809, 21H1, and 21H2. Also, note that one week before Microsoft released this patch, they released Windows 10 builds KB5017308 and KB5017315, which addressed various performance issues and patched twenty bugs.

Patch Tuesday is a regularly scheduled event. Microsoft rolls them out on the second Tuesday of each month at 10:00 AM PST.

Microsoft Resolves File Explorer Freezing Bug In Windows 11

Recent Windows 11 updates have been problematic in several ways.  That’s not the end of the world, but it has been more than a little frustrating for those in the test group getting a first look at the new operating system.

One recently introduced bug has been a sore spot for Windows 11 users.  The File Explorer will randomly freeze and the only way to get use of it is to reboot the system.

Thankfully, that issue has been resolved as of the KB5015882 update.  If you’re in the test group and have been pulling your hair out because of that issue, you’ll want to grab the update referenced above right away.

Note that this release is separate from the one the company pushed out on Patch Tuesday.  This one does not contain security updates.  You’ll only find bug fixes and performance updates here, with the Windows Explorer fix being the headliner of the bunch.

Although the fix to Explorer is the main reason you’ll want to get this update, it does have some other goodies to offer as well.

These include:

  • An option to receive urgent notifications when “Focus Assist” is turned on. The Focus Assist feature is like a Windows Do Not Disturb mode that typically hides notifications.  This addition gives you some flexibility that will allow urgent notifications to filter through.
  • A new “auto update” feature that gives you the option to upgrade your system to a newer version of Windows 11 at startup if your device is eligible
  • Fixes an issue that displays a non-closeable blank window when you hover over the search icon on the taskbar.
  • And fixed a bug that had prevented certain troubleshooting tools from opening.

All in all, it’s a solid update and well worth grabbing at your next convenience.

RDP Brute Force Attacks Blocked By Windows 11

A small but important feature was recently incorporated by the Windows 11 design team.  A new Account Lockout Policy enabled by default has been added.  This policy automatically locks user accounts (including Admin accounts) after ten failed sign-in attempts.

The account remains in a locked state for ten minutes, requiring users to wait that amount of time before they can try again.

The addition was made in a bid to prevent or at least minimize the risk of brute force attacks being made against systems. This is used in instances where different passwords are tried in rapid succession until an attacker gets a hit and is given some level of access on a target system.

It’s an excellent change because many human operated ransomware attacks rely on simple, brute force methods. Statistics gathered on the subject by the FBI indicate that between 70 to 80 percent of network breaches are because of brute force attacks.

The above describes the default settings, but Admins will have a great degree of flexibility in terms of deciding the exact policy.  The number of unsuccessful attempts before lockout can be varied. The lockout duration can be varied. The option to disable Admin accounts can be toggled on or off. Of course, the entire policy can be disabled if an Admin so desires.

Interestingly, Windows 10 has a similar lockout policy but it is not enabled by default, which is the important change here.

We regard this as another of those small but important changes that the Windows 11 team is making designed to make the new OS better, safer, and more secure than anything that Microsoft has released previously.

Kudos to the Microsoft engineers who are working tirelessly to ensure Windows 11 is a smashing success.  If the preview we’ve gotten to this point is any indication, it certainly will be!

DuckDuckGo Browser Blocks Microsoft Trackers

If you haven’t heard of DuckDuckGo, it’s a tiny browser that only gets a fraction of the traffic that Google does. If we’re being honest, it gets only a fraction of the web traffic that Bing does.  The search engine does have some pluck though and bills itself as the engine of choice for those who value their privacy.

In fact, blocking trackers is DuckDuckGo’s main selling point. It is the overriding reason that those who use the tiny search engine don’t simply go somewhere else.

That’s why when Jack Edwards discovered that DuckDuckGo did not stop data flows to Microsoft’s Linkedin domains or their Bing advertising domains, the company received fierce backlash from their user base, who felt betrayed.

The reason that DuckDuckGo was in the habit of letting Microsoft trackers through lies in the fact that they’re in an advertising partnership with the much larger company. To block all their trackers would be to cut off their own revenue streams and the company makes a big chunk of its revenue via Microsoft Advertising.

The backlash against the discovery, posted and widely shared on Twitter, prompted CEO Gabriel Weinberg to issue a statement.

Weinberg’s statement reads:

“Recently, I’ve heard from a number of users and understand that we didn’t meet their expectations around one of our browser’s web tracking protections.  So today we are announcing more privacy and transparency around DuckjDuckGo’s web tracking protections.”

The new policy can be summed up as follows:  DuckDuckGo will now block most of Microsoft’s trackers for most of the time.  They are making exceptions for trackers used by Microsoft Advertising, because without that, the company would be down a vital revenue stream.

Significantly, this means that all third-party trackers affiliated with Microsoft are now blocked, and while it’s not a perfect solution, it should be enough to mollify the engine’s user base.

Windows 11 Apps Are Being Tested For Kiosk Mode

There’s interesting news in the world of Windows 11 development.  Microsoft recently began testing a new Kiosk feature that will enable IT administrators to limit which applications users can use while logged into their user profiles, blocking all other functionalities.

Even better is that the kiosk approach allows you to create multiple different apps and access configurations for different user classifications on a single device.

This approach also unlocks the door to use Windows 11 machines in a variety of ways, including but not limited to:

  • Selective blocking of pop-ups and toasts that lead to a cluttered UI and diminish the overall user experience
  • Locking down the Start Menu such that it only shows allowed applications
  • And limiting access to the Windows Settings menu to selected pages defined by the Admin

If the new feature piques your interest, you can start playing around with it right now by joining the Windows Insiders team and joining the Dev channel.

Once you do, you’ll have access to the detailed instructions on how to toggle the feature on and configure it.  All you’ll need to do is to install the latest build, which is Windows 11 Insider Preview Build 25169.

Whatever your opinion is after testing it out, you can leave feedback by pressing WIN +F to access the Feedback Hub under Security and Privacy, then Device Lockdown.

Although this is the latest intriguing addition to Microsoft’s new and improved operating system, there have been a whole raft of additions like this in recent months. So if you decide you want in on the action, you’ll have all sorts of new features and capabilities to explore and play with, most of which will add value to your whole business.

The bottom line is Microsoft really seems to be trying to pull out all the stops here.  We think you’ll be impressed.