{"id":241686,"date":"2021-01-13T10:03:17","date_gmt":"2021-01-13T09:03:17","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=241686"},"modified":"2022-06-28T07:07:50","modified_gmt":"2022-06-28T05:07:50","slug":"patchday-windows-8-1-server-2012-updates-12-januar-2021","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-12-januar-2021\/","title":{"rendered":"Patchday: Windows 8.1\/Server 2012-Updates (12. Januar 2021)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"margin: 0px 10px 0px 0px;\" title=\"Update\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" alt=\"Windows Update\" width=\"54\" height=\"54\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/borncity.com\/win\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-january-12-2021\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Zum12. Januar 2021 hat Microsoft diverse Updates f\u00fcr Windows 8.1 freigegeben. Diese Updates sind aber auch f\u00fcr Windows Server 2012 R2 verf\u00fcgbar. Hier einige Informationen dazu.<\/p>\n<p><!--more--><\/p>\n<h2>Updates f\u00fcr Windows 8.1 und Windows Server 2012 R2<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg06.met.vgwort.de\/na\/ab9b0485f4ce40caba7860f680e3c630\" alt=\"\" width=\"1\" height=\"1\" \/>F\u00fcr Windows 8.1 und Windows Server 2012 R2 wurden ein Rollup und ein Security-only Update freigegeben. Die Update-Historie f\u00fcr Windows 8.1 und Windows Server 2012 R2 ist auf <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener\">dieser Microsoft-Seite<\/a> zu finden.<\/p>\n<blockquote><p><strong>Wichtig:<\/strong> Ab Juli 2020 deaktivieren alle Windows Updates die <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/virtualization\/hyper-v\/deploy\/deploy-graphics-devices-using-remotefx-vgpu\" target=\"_blank\" rel=\"noopener\">RemoteFX vGPU-Funktion<\/a> aufgrund der Sicherheitsl\u00fccke <a href=\"https:\/\/web.archive.org\/web\/20201103231655\/https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1036\" target=\"_blank\" rel=\"noopener\">CVE-2020-1036<\/a> (siehe auch <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4570006\" target=\"_blank\" rel=\"noopener\">KB4570006<\/a>). Nach der Installation dieses Updates schlagen Versuche, virtuelle Maschinen (VM) zu starten, bei denen RemoteFX vGPU aktiviert ist, fehl.<\/p>\n<p>Zudem ist der Support f\u00fcr den Flash Player von Adobe am 31. Dezember 2020 ausgelaufen und ab dem 12. Januar 2021 wird Flash nicht mehr unterst\u00fctzt.<\/p><\/blockquote>\n<h3>KB4598285 (Monthly Rollup) f\u00fcr Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/help\/4598285\" target=\"_blank\" rel=\"noopener\">KB4598285<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) enth\u00e4lt Verbesserungen und Fixes, und adressiert die folgenden Punkte.<\/p>\n<ul>\n<li>Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see <a href=\"https:\/\/support.microsoft.com\/help\/4599464\" target=\"_blank\" rel=\"noopener\">KB4599464<\/a>.<\/li>\n<li>Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy.<br \/>\nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy <strong>Allow user proxy to be used as a fallback if detection using system proxy fails<\/strong>. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see <a href=\"https:\/\/aka.ms\/WSUS-scans-part2\" target=\"_blank\" rel=\"noopener\">Changes to scans, improved security for Windows devices<\/a>.<br \/>\n<strong>Note<\/strong> This change does not affect customers who use HTTP WSUS servers.<\/li>\n<li>Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2020-17049\" target=\"_blank\" rel=\"noopener\">CVE-2020-17049<\/a> protections released between November 10 and December 8, 2020 are installed and <strong>PerfromTicketSignature<\/strong> is configured to <strong>1<\/strong> or higher. Ticket acquisition fails with <strong>KRB_GENERIC_ERROR<\/strong> if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the <strong>USER_NO_AUTH_DATA_REQUIRED<\/strong> flag.<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization.<\/li>\n<\/ul>\n<p>Dieses Update wird automatisch von Windows Update heruntergeladen und installiert, ist aber auch im <a href=\"https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4598285\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> sowie per WSUS erh\u00e4ltlich. Bei einer manuellen Installation ist das neueste Servicing Stack Update (SSU <a href=\"https:\/\/support.microsoft.com\/help\/4566425\/\" target=\"_blank\" rel=\"noopener\">KB4566425<\/a> vom 14. Juli 2020) vorher zu installieren \u2013 wobei dieses SSU nicht mehr deinstalliert werden kann.<\/p>\n<p>Microsoft ist folgendes Problem in Verbindung mit dem Update bekannt: Bestimmte Operationen, wie z.B. Umbenennen, die Sie f\u00fcr Dateien oder Ordner auf einem Cluster Shared Volume (CSV) durchf\u00fchren, k\u00f6nnen mit dem Fehler \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\" fehlschlagen. Dies tritt auf, wenn Sie den Vorgang auf einem CSV-Eigent\u00fcmerknoten von einem Prozess aus durchf\u00fchren, der nicht \u00fcber Administratorrechte verf\u00fcgt. Im KB-Artikel wird ein Workaround zur Korrektur vorgeschlagen.<\/p>\n<h3>KB4598275 (Security-only update) f\u00fcr Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/help\/4598275\" target=\"_blank\" rel=\"noopener\">KB4598275<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) adressiert folgenden Punkte.<\/p>\n<blockquote><p>Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization.<\/p><\/blockquote>\n<p>Das Update gibt es per WSUS oder im <a href=\"https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4598275\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>. Bei einer manuellen Installation ist vorher das neueste Servicing Stack Update (SSU) <a href=\"https:\/\/support.microsoft.com\/help\/4566425\" target=\"_blank\" rel=\"noopener\">KB4566425<\/a> zu installieren. Es sind die gleichen Fehler\u00a0 wie beim Rollup-Update bekannt, Details zum Update sind im KB-Artikel beschrieben. Ein Sicherheitsupdate f\u00fcr den Internet Explorer 11 habe ich nicht gefunden.<\/p>\n<p><strong>\u00c4hnliche Artikel:<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Microsoft Office Patchday (5. Januar 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2021\/01\/13\/microsoft-security-update-summary-12-januar-2021\/\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Microsoft Security Update Summary (12. Januar 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2021\/01\/13\/patchday-windows-10-updates-12-januar-2021\/\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Patchday: Windows 10-Updates (12. Januar 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2021\/01\/13\/patchday-updates-fr-windows-7-server-2008-r2-12-januar-2021\/\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Patchday: Updates f\u00fcr Windows 7\/Server 2008 R2 (12. Januar 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-12-januar-2021\/\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Patchday: Windows 8.1\/Server 2012-Updates (12. Januar 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/?p=241698\" rel=\"noopener noreferrer\" data-wpel-link=\"internal\">Patchday Microsoft Office Updates (12. Januar 2021)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Zum12. Januar 2021 hat Microsoft diverse Updates f\u00fcr Windows 8.1 freigegeben. Diese Updates sind aber auch f\u00fcr Windows Server 2012 R2 verf\u00fcgbar. Hier einige Informationen dazu.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,185,2557],"tags":[8220,4328,4315,4366,2882],"class_list":["post-241686","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-update","category-windows-server","tag-patchday-1-2021","tag-sicherheit","tag-update","tag-windows-8-1","tag-windows-server-2012-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/241686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=241686"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/241686\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=241686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=241686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=241686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}