Before I start this post let me make this very clear – you have to run the patches and updates for your systems as soon as they become available to keep your organisation secure.
But sometime those updates can cause more problems – as in the case of some Windows Server patches included in last week’s Microsoft Patch Tuesday.
June Windows Server updates break Microsoft 365 Defender features – Bleeping Computer
In this case the problem was compounded by the update flaw compromising parts of the anti-virus/anti-malware defences.
Sys-admins can confirm of their Windows Server 2022s are impacted. Microsoft is working on a fix.
Your Takeaway
Software is complicated – that is why hackers can exploit overlooked vulnerabilities and why sometimes the vendors get the patches wrong. You need something in your Incident Response Plan to cope with these issues if one of your critical systems is impacted.
As an example, Octagon Technology relies heavily on email to delivery its IT support services and if this is compromised it can have serious implications for their clients – this was highlighted in the IT and Cyber Security Audit we carried out internally. Consequently they now run an independent, emergency, shadow email system – just in case.
One more thing, that email system, they have and continue to test it, so they know it will work on that day!
Clive Catton MSc (Cyber Security) – by-line and other articles