Each month, the team at Readiness analyses the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and a detailed analysis of the Microsoft patches and their potential impact on the Windows platforms and application installations.
Given the large number of changes included in this March patch cycle, I have broken down the testing scenarios into a high risk and standard risk groups:
Microsoft has a published several “high-risk” changes this month that have been included in the March Patch Tuesday release cycle. While all these changes may not lead to functionality changes, the testing profile for each of these updates should be mandatory:
- Microsoft has updated how DCOM responds to remote requests as part of the recent hardening effort. This process has been underway since June 2021 (Phase 1), with an update in June 2022 (Phase 2) and now this month with all changes now implemented as mandatory. DCOM is a core Windows component used for communicating between services or processes. Microsoft has advised that this (and full deployment of past recommendations) will cause application-level compatibility issues. Microsoft has offered some support on what is changing and how to mitigate any compatibility issues as a result of these recent mandatory settings.
- A major change to the core system file Win32kfull.sys has been included in this month’s March patch cycle as two functions (DrvPlgBlt and nf-wingdi-plgblt have been updated. Microsoft has advised there is no functional changes to these functions. Testing applications that depend on these functions will be essential before a full deployment of this month’s Patch Tuesday updates.
These scenarios will require significant application-level testing before a general deployment of this month’s update.
- Bluetooth: Try adding and removing new Bluetooth devices. Stressing Bluetooth network devices would be highly advised.
- Windows Network stack (TCPIP.SYS): Basic web surfing, “normal” file transfers and video streaming should be sufficient to test this month’s changes to the Windows networking stack.
- Hyper-V: Try testing both Gen1 and Gen2 virtual machines (VM’s). Both types of machines should start, stop, shut down, pause, and resume successfully.
In addition these changes, Microsoft has updated a key memory function (D3DKMTCreateDCFromMemory) that affects two key system level Windows drivers (win32kbase.sys and win32kfull.sys). Unfortunately, in past updates to these drivers some users have BSOD SYSTEM_SERVICE_EXCEPTION errors. Microsoft has published a nice article on how to manage these issues – which we hope that you don’t have to resolve this month.