Last week’s Patch Tuesday began with 73 updates but has ended (so far) with three revisions and a late addition (CVE-2022-30138), for a total of 77 vulnerabilities addressed this month. Compared with the wide range of updates released in April, we see greater urgency in patching Windows, especially with three zero-days and a few very serious flaws in key server and authentication areas. Sharing will also require attention because of new server upgrade technology.

There were no updates for Microsoft and Adobe Reader this month. And Windows 10 20H2 (we almost didn’t know you) is no longer supported.

You can find more information about the risks of deploying these Patch Tuesday updates in this useful infographic, and the MSRC Center has published a good review of how it handles security updates here.

Basic testing scenarios

Given the large number of changes included in this May patch cycle, I have broken down the testing scenarios into high and standard risk groups:

High risk: These changes are likely to include changes in functionality, may deprecate existing features, and are likely to require the creation of new test plans:

  • Check your corporate CA certificates (both new and refreshed). Your domain server's KDC automatically checks for the new extensions included in this update. Look for failed checks!
  • This update includes a change to driver signatures, which now include timestamp verification as well as Authenticode signatures. Signed drivers must load; unsigned drivers should not. Check your application test runs for failed driver loads. Also include checks on signed EXEs and DLLs.
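
One way to support the driver and EXE/DLL signature checks above is to inventory signature status on a test machine before and after installing the update and compare the two runs. The script below is an added example, not part of the original article; the scan root and the CSV file names are assumptions to adapt to your own application and driver directories.

```powershell
# Added example, not from the article. Run once before and once after installing
# the update on a test machine. $ScanRoots and the CSV paths are assumptions.
param(
    [string[]]$ScanRoots = @("$env:SystemRoot\System32\drivers"),
    [string]$OutCsv = ".\signatures-after.csv",
    [string]$BaselineCsv = ".\signatures-before.csv"
)

$current = foreach ($root in $ScanRoots) {
    Get-ChildItem -Path $root -Recurse -File -Include *.sys, *.exe, *.dll -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                Path          = $_.FullName
                Status        = [string]$sig.Status          # Valid, NotSigned, HashMismatch, ...
                SignatureType = [string]$sig.SignatureType   # Authenticode (embedded) or Catalog
                Signer        = $sig.SignerCertificate.Subject
                SignerExpires = $sig.SignerCertificate.NotAfter
                Timestamped   = [bool]$sig.TimeStamperCertificate
            }
        }
}
$current | Export-Csv -Path $OutCsv -NoTypeInformation

# Files that are unsigned or fail validation: as drivers, these should not load.
$current | Where-Object Status -ne 'Valid' | Format-Table Path, Status -AutoSize

# Signer certificate has expired, so validity rests on the timestamp
# countersignature. These files exercise the timestamp check; test them first.
$now = Get-Date
$current | Where-Object { $_.Timestamped -and $_.SignerExpires -lt $now } |
    Format-Table Path, Signer, SignerExpires -AutoSize

# Report any file whose status differs from the pre-patch baseline.
if (Test-Path $BaselineCsv) {
    $before = @{}
    Import-Csv $BaselineCsv | ForEach-Object { $before[$_.Path] = $_.Status }
    $current |
        Where-Object { $before.ContainsKey($_.Path) -and $before[$_.Path] -ne $_.Status } |
        Select-Object Path, @{n = 'Before'; e = { $before[$_.Path] }}, @{n = 'After'; e = { $_.Status }} |
        Format-Table -AutoSize
}
```

For the pre-patch run, pass `-OutCsv .\signatures-before.csv` so the post-patch run finds its baseline.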

The following changes are not documented as including functional changes, but will still require at least “smoke testing” before the general deployment of May’s patches:

Copyright © 2022 IDG Communications, Inc.
