Windows 10, tutte le novità del Patch Tuesday di Aprile

In occasione del secondo Martedì del mese di Aprile, come ogni mese, Microsoft ha rilasciato i nuovi aggiornamenti cumulativi "di qualità" per Windows 10. Il 9 Aprile la compagnia ha cessato il supporto su una serie di software, mentre per quelli supportati ha rilasciato nuovi fix e nuove ottimizzazioni in seno a quello che chiama Patch Tuesday. Nonostante il cessato supporto, tuttavia, tutte le versioni di Windows 10 hanno ottenuto qualche novità, tutte ad eccezione della versione 1511 se non si considera il LTSC.

Windows 10 October 2018 Update, versione 1809, riceve il KB4493509 e arriva al build number 17763.437. Contiene le seguenti correzioni, così come riportate dal changelog ufficiale:

• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons.
• Security updates to Windows Datacenter Networking, Windows Server, the Microsoft JET Database Engine, Windows Kernel, Windows Input and Composition, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Virtualization, Windows MSXML, Windows SQL components, and Microsoft Edge.

In questa versione ci sono alcuni bug noti, fra cui uno con Internet Explorer e con alcune funzioni del Custom URI Schemes for Application Protocol. Un altro problema indicato da Microsoft è con il Preboot Execution Environment (PXE) da un server WDF configurato per utilizzare Variable Window Extensions. Problemi, comunque, che non dovrebbero coinvolgere il pubblico mainstream.

Si aggiorna anche Windows 10 April 2018 Update, versione 1803, con il pacchetto KB4493464 che porta la build alla 17134.706. Ecco le novità:

• Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client, but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
• Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Security updates to Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Graphics, Windows Input and Composition, Windows Kernel, Windows Virtualization, Windows MSXML, and the Microsoft JET Database Engine.

Non ci sono bug noti in questa versione.

Chi è su Windows 10 Fall Creators Update, versione 1709, riceve il KB4493441 e la build arriva alla 16299.1087. Dovrebbe essere l'ultima per i canali consumer e introduce i seguenti fix:

• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Security updates to Microsoft Scripting Engine, Windows Input and Composition, Windows Graphics, Microsoft Graphics Component, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Datacenter Networking, Windows Server, Windows MSXML, Windows Kernel, Windows Virtualization, and the Microsoft JET Database Engine.

Qui è presente solo il bug con le funzioni del Custom URI Schemes for Application Protocol.

Andiamo avanti con il Windows 10 Creators Update, versione 1703, che riceve il KB4493474 e arriva alla build 15063.1747. Ecco le novità:

• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Security updates to Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Graphics, Microsoft Graphics Component, Windows Input and Composition. Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows Server, and the Microsoft JET Database Engine.
  

Windows 10 Anniversary Update, versione 1607, si aggiorna invece con il KB4493470 e arriva alla build 14393.2906. Si tratta dell'ultima versione per le SKU Enterprise ed Education, e da qui in avanti questa versione sarà supportata solo sul Long-Term Servicing Channel. Ecco le novità:

• Addresses an issue to meet GB18030 certificate requirements.
• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons.
• Security updates to Microsoft Scripting Engine, Windows Storage and Filesystems, Windows Server, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows SQL components, and the Microsoft JET Database Engine.
  

In questa versione sono presenti alcune vulnerabilità note.

L'ultima versione aggiornata è quella originale di Windows 10, il cui supporto è presente solo sul LTSC. Questa riceve il pacchetto KB4493475 e arriva alla build 10240.18186. Ecco le novità:

• Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
• Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
• Addresses an issue with Custom URI Schemes for Application Protocol handlers, which may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
• Addresses an issue that causes Internet Explorer to block a sub-resource download when its loaded over the HTTP protocol on a page hosted over the HTTPS protocol.
• Addresses an issue to meet GB18030 certificate requirements.
• Updates time zone information for Kazakhstan.
• Updates time zone information for São Tomé and Príncipe.
• Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
• Addresses an issue that prevents the CALDATETIME structure from handling more than four Japanese Eras. For more information, see KB4469068.
• Addresses an issue with Microsoft Office Visual Basic for Applications that fails to use the Japanese Era registry settings for dates in the Japanese format. For more information, see KB4469068.
• Addresses an issue that prevents users from enabling gan-nen support for the Japanese Era. For more information, see KB4469068.
• Addresses an issue that prevents date parsers from converting future and past dates (Gregorian and Japanese) in compound documents (formerly OLE) to a relevant Japanese Era date. For more information, see KB4469068.
• Security updates to Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Server, Windows App Platform and Frameworks, Windows Datacenter Networking, Windows MSXML, Windows Kernel, and the Microsoft JET Database Engine.

Non sono presenti vulnerabilità note.