Windows OS Updates

[Josh Levitsky]

So the first Patch Tuesday of 2023 is upon us! https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2023-patch-tuesday-fixes-98-flaws-1-zero-day/ The number of bugs in each vulnerability category is listed below:

39 Elevation of Privilege Vulnerabilities
4 Security Feature Bypass Vulnerabilities
33 Remote Code Execution Vulnerabilities
10 Information Disclosure Vulnerabilities
10 Denial of Service Vulnerabilities
2 Spoofing Vulnerabilities
1 Zero Day

I wanted to post this here and start a thread about patching Windows OS via FileWave and the importance of having procedures in place to patch every month, but this month seems even more important. If you have any questions about how to see Windows Updates in FileWave or how to assign them to devices please ask here. If you aren't patching your machines there is serious risk and so we just wanted to raise this as an important topic.

[kjames]

When can we expect Feb updates to be live in the software update assistant?

[Josh Levitsky]

I think I see if you are looking in FileWave Central (Admin) and you don't see them can you look in Anywhere (Web) ? I picked one that was easy to pick out from the Feb 2023 patches. I've also asked internally why I only can pick to deploy this in Anywhere and don't see it in Central. If Anywhere works for you to assign then great. If you have a minute to open a support ticket that would let us work with you to see why Central doesn't show it, but I am going to try to work with support with my lab that is in this state. 

[Josh Levitsky]

So I ran

/usr/local/sbin/fwsu

and then checked /private/var/log/fwsu.log and saw that the offline catalog had updated. The Feb patches are not in Central because Microsoft must not have them in the offline catalog yet. So the solution would be to use FileWave Anywhere (Web) because of this. I raised that this is a concern about how the offline catalog is updated by Microsoft.