Whereas this month’s safety updates weren’t launched precisely on the Ides of March, they actually induced disruption for a lot of customers. (For these not into historical past or Shakespeare, the Ides of March — March 15, 44 BC — is legendary because the day Julius Caesar was assassinated.) Microsoft’s March 9 patch launch introduced extra bumpiness and points than I can bear in mind in a very long time. Maybe we must always reassign the date for this 12 months’s Ides of March to March 9 as an unofficial acknowledgment.
As I alluded to final week, this month was bumpy when it comes to patching unintended effects. Right here’s what we all know: The March updates included fixes for printing that triggered blue screens of loss of life on computer systems when customers tried to print. Within the case of Dymo label printers (and different bar code or graphical printers) they left them printing out clean labels. Bigger business-style multifunction printers noticed points, particularly the place you might have an older PCL three or PCL four fashion driver. Ricoh and Kyocera customers reported essentially the most points. (One workaround: use a generic PCL 6 driver as an alternative, although you would possibly lose some capabilities.) Any Kyocera printers that use the KX driver are affected, as are some Okidata, NiceLabel, and point-of-sale system printers from purposes referred to as BarTender.
For a lot of, the Dymo label printer situation is the worst. I’ve HP, Brother, and Lexmark printers and haven’t seen points with the March 9 base safety updates for Home windows 10, 8.1, or Home windows 7. First, I like to recommend putting in the updates launched on the Patch Tuesday and, when you your system reboots, testing your printing capabilities. For those who run into issues, you might have two selections:
Possibility 1: Uninstall the replace and pause the set up of updates till April. For these operating Home windows 10, click on on Begin, Settings, Replace and safety, Click on on View replace historical past, Click on on uninstall replace, discover the KB and click on. The system will uninstall the replace and roll itself again to the February patches. Now pause updates by clicking on Begin, Settings, Replace and safety, Home windows replace, Superior choices and Decide a brand new date. You may view a video of this course of on the Askwoody channel.
Possibility 2: Decide the most recent (March 18) updates and set up these. There are two methods to search out the suitable one in your system: The non-obligatory replace must be supplied to you in case you go to the Home windows replace part of your pc; if it isn’t, you can too go to the catalog web site. I am going to the Home windows 10 replace historical past web site, and discover model of Home windows I’m operating, then I search for the patches dated March 18 to search out the patch quantity I want, then go to the catalog web site and seek for it. Then you possibly can click on on the link supplied up and set up it. Reboot and see if printing works. If not, uninstall the replace (as famous above) and pause till April. Observe: since Home windows 10 updates are cumulative, you want solely set up the most recent March 18 launch, not the one from March 15.
For Home windows 10 2004 or 20H2 it’s best to skip the March 9 updates and bounce over to the March 18 replace for KB5001649. It must be supplied as much as you as an non-obligatory replace, or you possibly can obtain it from the catalog web site. (For Home windows 10 1909, you want KB5001648; it must also be supplied up as an non-obligatory replace in case you go to the Home windows replace interface or you possibly can obtain it from the catalog web site.)
It seems that the underlying points triggered by these updates are attributable to Microsoft trying to repair a privilege escalation bug. As famous within the bulletins: “Addresses an elevation of privilege safety vulnerability documented in CVE-2021-1640 associated to print jobs submitted to “FILE:” ports. After putting in Home windows updates from March 9, 2021 and later, print jobs which can be in a pending state earlier than restarting the print spooler service or restarting the OS will stay in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is on-line.”
Final June, Microsoft fastened an analogous situation and I had points printing to my Ricoh printers. Again then there have been no “fixing” patches; I needed to redeploy printer drivers and share them again out to the entire workstations. In a enterprise setting, this course of is cumbersome and disruptive and I usually discover myself having to return and tweak settings that I had forgotten reminiscent of turning off dual-sided printing (which we don’t use as a default in my agency).
For those who have been affected by these updates, I might take this as an indication that you want to discover a newer printer driver out of your vendor. Just like the necessary updates for video drivers that Home windows 10 calls for, printers will be an entry-point for attackers. Elevation-of-privilege bugs usually are not as vital as remote-code assaults, however when attackers can ship out phishing emails and trick you to click on on one thing, or when zero-day browser vulnerabilities will be bundled with these bugs, it’s necessary to cope with them.
I search for new printer drivers by going to the seller’s web site and placing within the model variety of the printer I take advantage of. I then search for the precise mannequin and attempt to discover a driver that’s merely a printer driver and doesn’t embrace notifications that my print cartridges are low, or another software program which will decelerate my system. Search for a driver date in the previous few years, in case you can. (In case your printer is older, you could have to put in a generic driver slightly than one particular in your machine.) For those who take time now to evaluate what printer driver you might have, and replace accordingly, you’ll be safer and fewer prone to run into patching points sooner or later.
Microsoft didn’t make this March patching season straightforward. Let’s hope April brings us a pleasant, quiet, boring, headline-free patch day. As at all times, be part of us on Askwoody in case you want extra assist or steerage putting in updates.
Copyright © 2021 IDG Communications, Inc.