{"id":24833,"date":"2020-07-01T15:46:39","date_gmt":"2020-07-01T19:46:39","guid":{"rendered":"http:\/\/pappp.net\/?guid=984d1e3701e8874024e8616a31b4a97c"},"modified":"2020-07-01T15:46:39","modified_gmt":"2020-07-01T19:46:39","slug":"unscheduled-fixes-for-critical-windows-flaws-delivered-through-rare-channel","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=24833","title":{"rendered":"Unscheduled fixes for critical Windows flaws delivered through rare channel"},"content":{"rendered":"<p class=\"syndicated-attribution\">Source: <a href=\"https:\/\/arstechnica.com\/?p=1688847\">Ars Technica<\/a><\/p>\n<div style=\"background-color : #fff7d5;\n\t\t\tborder-width : 1px; padding : 5px; border-style : dashed; border-color : #e7d796;margin-bottom : 1em; color : #9a8c59;\">Article note: Oh boy, distributing critical updates through a side-channel (Microsoft Store) that many enterprise (and some personal) customers have disabled instead of the update channel (Windows Update) just for this kind of thing.  \r\n\r\nThere must be a reason, but wtf?<\/div><div>\n<figure><img src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/07\/windows-security-800x533.jpg\" alt=\"Stylized illustration of a padlock.\" referrerpolicy=\"no-referrer\"\/><p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/07\/windows-security.jpg\" rel=\"noopener noreferrer\">Enlarge<\/a> (credit: <a rel=\"noopener noreferrer\" href=\"https:\/\/www.microsoft.com\/en-us\">Microsoft<\/a>)<\/p>  <\/figure><div><a name=\"page-1\"><\/a><\/div>\n<p>Microsoft has published unscheduled fixes for two critical vulnerabilities that make it possible for attackers to execute malicious code on computers running any version of Windows 10.<\/p>\n<p>Unlike the vast majority of Windows patches, the ones released on Tuesday were delivered through the <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4026259\/microsoft-store-get-updates-for-apps-and-games\" rel=\"noopener noreferrer\">Microsoft Store<\/a>. The normal channel for operating System security fixes is Windows Update. Advisories <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2020-1425\" rel=\"noopener noreferrer\">here<\/a> and <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2020-1457\" rel=\"noopener noreferrer\">here<\/a> said users need not take any action to automatically receive and install the fixes.<\/p>\n<p>&ldquo;Affected customers will be automatically updated by Microsoft Store. Customers do not need to take any action to receive the update,&rdquo; both advisories said. &ldquo;Alternatively, customers who want to receive the update immediately can check for updates with the Microsoft Store App; more information on this process can be found <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4026259\/microsoft-store-get-updates-for-apps-and-games\" rel=\"noopener noreferrer\">here<\/a>.&rdquo;<\/p><\/div><p><a href=\"https:\/\/arstechnica.com\/?p=1688847#p3\" rel=\"noopener noreferrer\">Read 3 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=1688847&amp;comments=1\" rel=\"noopener noreferrer\">Comments<\/a><\/p><div>\n<a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=7Ldum7PKQ8U:Z-B5UCmsXgQ:V_sGLiPBpWU\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=7Ldum7PKQ8U:Z-B5UCmsXgQ:V_sGLiPBpWU\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=7Ldum7PKQ8U:Z-B5UCmsXgQ:F7zBnMyn0Lo\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=7Ldum7PKQ8U:Z-B5UCmsXgQ:F7zBnMyn0Lo\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=7Ldum7PKQ8U:Z-B5UCmsXgQ:qj6IDK7rITs\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=qj6IDK7rITs\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=7Ldum7PKQ8U:Z-B5UCmsXgQ:yIl2AUoC8zA\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=yIl2AUoC8zA\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: Microsoft)<br \/>\nMicrosoft has published unscheduled fixes for two critical vulnerabi&#8230;<\/p>\n<p> <a href=\"https:\/\/pappp.net\/?p=24833\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-24833","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/24833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24833"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/24833\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}