News Stay informed about the latest enterprise technology news and product updates.

Microsoft unveils update guide, fixes Hyper-V on April Patch Tuesday

Microsoft dropped its security bulletin format on April Patch Tuesday and switched to its Security Update Guide. Windows Server admins should be aware of a Hyper-V host patch.

Systems administrators accustomed to Microsoft's verbose security bulletins got a change-up on April Patch Tuesday,...

as the company retired its bulletin IDs in favor of a new vulnerability reporting format via its Security Update Guide.

In preview since November, the Security Update Guide replaces the security bulletins that Microsoft had used since 1998. The new site allows admins to "view and search security and vulnerability information in a single online database," according to Microsoft. The company disclosed 45 vulnerabilities on its new vulnerability portal for April Patch Tuesday.

Instead of grouping related fixes under security bulletin ID numbers -- for example, MS17-008 -- the Security Update Guide lists vulnerability ID numbers and Knowledge Base article ID numbers.

"It was a learning curve, but I think with time, administrators and security teams will get used to the new format," said Amol Sarwate, director of vulnerability labs for Qualys Inc., based in Redwood City, Calif. "They'll get a holistic picture and see how things are interconnected with each other, and to get a general picture of what is being updated."

Some administrators will miss the security bulletin format, because it combined vulnerability reports and was easier to digest, Sarwate said. Now, organizations must learn how to format the reports themselves.

The decision to switch to the new vulnerability database was "to follow the ICASI Common Vulnerability Reporting Framework, the industry standard for vulnerability reporting," according to a Microsoft FAQ on the Security Update Guide.

Patch for Hyper-V

For April Patch Tuesday, Windows Server administrators should pay attention to several Hyper-V remote code execution vulnerabilities -- CVE-2017-0162, CVE-2017-0163, CVE-2017-0180 and CVE-2017-0181, Sarwate said. All the vulnerabilities are listed as critical.

The exploit occurs when an attacker runs a specially crafted application on a guest OS to allow the execution of arbitrary code on the Hyper-V host OS.

"The attacker can basically take control of the host operating system," Sarwate said.

Microsoft also provided updates for a known zero-day vulnerability in Microsoft Word, as well as vulnerabilities in Internet Explorer and Microsoft Edge. Administrators should issue these patches on the off chance that an employee uses Word or a browser on a Windows Server machine, Sarwate said.

Filtering feature helps narrow focus

The Security Update Guide format allows administrators to filter updates based on product, severity and impact to view only the vulnerabilities that affect their systems and help them prioritize patch rollouts. For example, a Windows Server 2012 R2 administrator can select just that product to see all its patches.

"From an administrator's point of view in larger organizations, those roles are pretty well-defined," Sarwate said. "Say I'm an Outlook administrator -- I can come in and search for Outlook CVEs [common vulnerabilities and exposures] and see those things that are affected, and then start applying the patches."

For more information about the remaining security vulnerabilities released on April Patch Tuesday, visit Microsoft's Security TechCenter site.

Dan Cagen is the associate site editor for SearchWindowsServer.com. Write to him at dcagen@techtarget.com.

Next Steps

A roundup of Windows Server patches in 2017

Microsoft patching change draws mixed reactions

Streamline the server patching process

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Catch up on the Windows Server patches of 2017

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you feel about Microsoft's new Security Update Guide?
Cancel

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchEnterpriseDesktop

SearchVirtualDesktop

Close