{"id":18145,"date":"2021-01-13T10:12:47","date_gmt":"2021-01-13T09:12:47","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=18145"},"modified":"2022-03-24T00:40:53","modified_gmt":"2022-03-23T23:40:53","slug":"patchday-windows-8-1-server-2012-updates-january-12-2021","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-january-12-2021\/","title":{"rendered":"Patchday: Windows 8.1\/Server 2012-Updates (January 12, 2021)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"margin: 0px 10px 0px 0px;\" title=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" alt=\"Windows Update\" width=\"54\" height=\"54\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-12-januar-2021\/\">German<\/a>]As of January 12, 2021, Microsoft has released various updates for Windows 8.1. However, these updates are also available for Windows Server 2012 R2. Here is some information about them.<\/p>\n<p><!--more--><\/p>\n<h2>Updates for Windows 8.1 and Windows Server 2012 R2<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg06.met.vgwort.de\/na\/ab9b0485f4ce40caba7860f680e3c630\" alt=\"\" width=\"1\" height=\"1\" \/>A rollup and security-only update have been released for Windows 8.1 and Windows Server 2012 R2. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>.<\/p>\n<blockquote><p>Important: As of July 2020, all Windows updates disable the <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/virtualization\/hyper-v\/deploy\/deploy-graphics-devices-using-remotefx-vgpu\" target=\"_blank\" rel=\"noopener\">RemoteFX vGPU feature<\/a> due to vulnerability <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-us\/vulnerability\/CVE-2020-1036\" target=\"_blank\" rel=\"noopener\">CVE-2020-1036<\/a> (see also <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4570006\" target=\"_blank\" rel=\"noopener\">KB4570006<\/a>). After installing this update, attempts to start virtual machines (VM) with RemoteFX vGPU enabled will fail.<\/p>\n<p>In addition, Adobe's Flash Player support expired on December 31, 2020, and Flash will no longer be supported as of January 12, 2021.<\/p><\/blockquote>\n<h3>KB4598285 (Monthly Rollup) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/help\/4598285\" target=\"_blank\" rel=\"noopener\">KB4598285<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following issues.<\/p>\n<ul>\n<li>Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see <a href=\"https:\/\/support.microsoft.com\/help\/4599464\" target=\"_blank\" rel=\"noopener\">KB4599464<\/a>.<\/li>\n<li>Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy.<br \/>\nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy <strong>Allow user proxy to be used as a fallback if detection using system proxy fails<\/strong>. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see <a href=\"https:\/\/aka.ms\/WSUS-scans-part2\" target=\"_blank\" rel=\"noopener\">Changes to scans, improved security for Windows devices<\/a>.<br \/>\n<strong>Note<\/strong> This change does not affect customers who use HTTP WSUS servers.<\/li>\n<li>Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2020-17049\" target=\"_blank\" rel=\"noopener\">CVE-2020-17049<\/a> protections released between November 10 and December 8, 2020 are installed and <strong>PerfromTicketSignature<\/strong> is configured to <strong>1<\/strong> or higher. Ticket acquisition fails with <strong>KRB_GENERIC_ERROR<\/strong> if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the <strong>USER_NO_AUTH_DATA_REQUIRED<\/strong> flag.<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available from the <a href=\"https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4598285\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> sowie and via WSUS. If installing manually, the latest Servicing Stack Update (SSU <a href=\"https:\/\/support.microsoft.com\/help\/4566425\/\" target=\"_blank\" rel=\"noopener\">KB4566425<\/a> dated July 14, 2020) must be installed beforehand &#8211; although this SSU cannot be uninstalled.<\/p>\n<p>Microsoft is aware of the following issue related to the update: Certain operations, such as renaming, that you perform for files or folders on a Cluster Shared Volume (CSV) may fail with the error \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that does not have administrator privileges. The KB article suggests a workaround to fix this.<\/p>\n<h3>KB4598275 (Security-only update) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/help\/4598275\" target=\"_blank\" rel=\"noopener\">KB4598275<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the following items.<\/p>\n<blockquote><p>Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization.<\/p><\/blockquote>\n<p>The update is available via WSUS or in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4598275\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>. In case of a manual installation, the latest Servicing Stack Update (SSU) <a href=\"https:\/\/support.microsoft.com\/help\/4566425\" target=\"_blank\" rel=\"noopener\">KB4566425<\/a> has to be installed first. The same bugs are known as with the rollup update, details about the update are described in the KB article. I did not find a security update for Internet Explorer 11.<\/p>\n<p><strong>Similar articles:<\/strong><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><strong><br \/>\n<\/strong><\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\">Microsoft Office Patchday (January 5, 2021)<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/13\/microsoft-security-update-summary-january-12-2021\/\">Microsoft Security Update Summary (January 12, 2021)<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/13\/patchday-windows-10-updates-january-12-2021\/\">Patchday: Windows 10-Updates (January 12, 2021)<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/13\/patchday-updates-fr-windows-7-server-2008-r2-january-12-2021\/\">Patchday: Updates f\u00fcr Windows 7\/Server 2008 R2 (January 12, 2021)<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/13\/patchday-windows-8-1-server-2012-updates-january-12-2021\/\">Patchday: Windows 8.1\/Server 2012-Updates (January 12, 2021)<\/a><a href=\"https:\/\/borncity.com\/win\/2021\/01\/06\/microsoft-office-patchday-january-5-2021\/\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/?p=18158\">Patchday Microsoft Office Updates (January 12, 2021)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]As of January 12, 2021, Microsoft has released various updates for Windows 8.1. However, these updates are also available for Windows Server 2012 R2. Here is some information about them.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[2612,69,195,23,567],"class_list":["post-18145","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-patchday-1-2021","tag-security","tag-update","tag-windows-8-1","tag-windows-server-2012-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/18145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=18145"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/18145\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=18145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=18145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=18145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}