April 11, 2019

Microsoft Security Update Guide – WST

As most of you already know, Microsoft has been releasing Windows cumulative monthly updates for some time now.  Each of these updates (generally) includes relevant security updates from previous releases, making the installation process simpler.  Apply the most recent cumulative updates for your Microsoft software, and you should be in pretty good shape.

The downside to this approach is that each update addresses multiple issues, and after applying the patch, there may be additional action needed (i.e. a registry key, GPO setting, etc.)  So how is a careful administrator supposed to find out what may be needed after the patch is “installed”?

Microsoft has several update information resources, but the most concise place we have found to see the security implications of a particular patch, and any additional actions needed is the Microsoft Security Update Guide ( https://portal.msrc.microsoft.com/en-us/security-guidance ).   Here you can look up individual updates, CVEs, or products.  A nice section called “Release Notes” will tell you about the important patches for any given month, showing the products needing updates, links, and most importantly, recent Release Note documents now indicate what CVEs or advisories may need additional scrutiny.  Items with asterisks (*) link to additional information on registry keys or changed functionality.  This information is incredibly hard to find via other Microsoft support resources.

Consider bookmarking this page and regularly reviewing the monthly update summaries.  This should help keep you up to date on the latest patches and can key you in on updates that might require you to read the “fine print”.

Past Weekly Security Tips – WST