Each month, the team at Readiness analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and a comprehensive analysis of the Microsoft patches and their potential impact on Windows platforms and application deployments.
For this February release cycle from Microsoft, we have grouped the critical updates and required testing efforts into different functional areas, including:
Networking and Remote Desktop Services
- Winsock: Microsoft advises that a multipoint socket (type c_root) is created and employed with the following operations: bind, connect, and listen. The socket should close successfully.
- DHCP: Create test scenarios to validate Windows DHCP client operations (discover, offer, request, and acknowledgment (ACK)).
- RDP: Ensure that you can configure Microsoft RRAS servers through netsh commands.
- ICS: Ensure that Internet Connection Sharing (ICS) can be configured over Wi-Fi.
- FAX/Telephony: Ensure that your test scenarios include TAPI (Telephony Application Programming Interface) initialization and shutdown operations. Since these tests require an extended runtime, allocate additional time in your project plan.
Local Windows File System and Storage
- Ensure that File Explorer correctly renders URL file icons. Microsoft recommends testing the Storage Sense clean-up tool. If disk quotas are enabled, confirm that all I/O workloads function as expected.
Local and Domain Security
- Domain controllers should continue to support certificate logons after applying the updates.
- Kerberos: Microsoft recommends creating authentication scenarios for domain-joined systems, using local and encrypted login methods.
If you have the time and resources (VM’s and networking), the Readiness team strongly recommends building a test Remote Desktop environment that includes a connection broker, remote desktop gateway, and remote desktops on virtual machines. After setting up each component, verify that all RDP connections are established successfully.
Testing Microsoft’s ICS this month requires an extended testing plan that includes:
- Usability testing: Create test scenarios to verify that the process of enabling/disabling ICS functions as expected.
- Validation: Microsoft recommends confirming that Network Address Translation (NAT) correctly translates private IP addresses to that of the shared connection.
- Security: Ensure that ICS traffic adheres to existing firewall rules and does not create unintended security risks.
