Status Updates

October Windows Server updates cause Hyper-V VM boot issues

By Sergiu Gatlan October 17, 2023 08:31 AM

Read this article for some update patches

According to customer reports, this month’s Patch Tuesday updates are breaking virtual machines on Hyper-V hosts, causing them to no longer boot and display “failed to start” errors.

According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems.

A Microsoft spokesperson told BleepingComputer that the company is aware of the issue and is investigating.

The following errors will be logged to the event viewer when trying to start a VM on an affected Hyper-V system:

Failed to start virtual machine TOOLS. Error: ‘TOOLS’ failed to start.
Failed to Power on with Error ‘Incorrect function.’
Failed to open attachment ‘vhdx_path’. Error: ‘Incorrect function.’

Administrators with impacted devices have noted that uninstalling the problematic updates resolves the issue, allowing all virtual machines (VMs) to start up without any problems.

This can be accomplished using the Windows Update Standalone Installer (WUSA) tool, which helps install and remove update packages through the Windows Update Agent API.

To fix the Hyper-V boot issues, open an elevated command prompt by clicking the Start menu, typing cmd, right-clicking the Command Prompt application, and choosing ‘Run as Administrator.’
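
The removal step described above, as an added PowerShell example (not taken from the article or from Microsoft). It assumes an elevated session on the affected host, the wusa.exe switches /uninstall, /kb and /norestart, and that exit code 3010 means a restart is required; the KB numbers are the two named in the article.

```powershell
# Added example: find and remove the two October 2023 updates named in the article.
# Run from an elevated PowerShell session on the affected Hyper-V host.
$kbs = 'KB5031361', 'KB5031364'

# Get-HotFix raises an error for IDs that are not installed, so suppress it
# and work only with the updates that are actually present.
$installed = Get-HotFix -Id $kbs -ErrorAction SilentlyContinue

if (-not $installed) {
    Write-Output 'Neither update is installed on this host; nothing to remove.'
    return
}

$rebootNeeded = $false
foreach ($fix in $installed) {
    # wusa.exe expects the bare number, without the "KB" prefix.
    $number = $fix.HotFixID -replace '^KB', ''
    Write-Output "Removing $($fix.HotFixID) (installed on $($fix.InstalledOn))"

    $proc = Start-Process -FilePath "$env:SystemRoot\System32\wusa.exe" `
        -ArgumentList '/uninstall', "/kb:$number", '/norestart' `
        -Wait -PassThru

    switch ($proc.ExitCode) {
        0       { Write-Output "$($fix.HotFixID) removed." }
        3010    { Write-Output "$($fix.HotFixID) removed; restart required."
                  $rebootNeeded = $true }
        default { Write-Warning "wusa.exe returned $($proc.ExitCode) for $($fix.HotFixID)." }
    }
}

if ($rebootNeeded) {
    # Restart in a maintenance window; /norestart left that decision to the admin.
    Write-Output 'Restart the host to finish the removal, then start the VMs again.'
}

# After the restart, confirm the updates are gone before starting the VMs:
#   Get-HotFix -Id $kbs -ErrorAction SilentlyContinue
```

Removing a cumulative update also removes that month's security fixes, so record the host for re-patching once a corrected update is available.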

Microsoft has yet to add this as a known issue to the Windows Health Dashboard. However, when it released the buggy cumulative updates, the company revised the support document for KB5031364, adding and then removing a known issue related to VMware ESXi.

“After installing this update on guest virtual machines (VMs) running Windows Server 2022 on some versions of VMware ESXi, Windows Server 2022 might not start up,” the now-removed known issue said.

“Only Windows Server 2022 VMs with Secure Boot enabled are affected by this issue. Affected versions of VMware ESXi are versions vSphere ESXi 7.0.x and below.”

Redmond also released emergency out-of-band Windows Server updates in January and December 2022 to fix known issues that caused Hyper-V VMs to no longer start and problems creating new VMs on some Hyper-V hosts.

Microsoft acknowledged a similar issue earlier this year affecting VMware ESXi VMs with Secure Boot after installing February 2023 cumulative updates. VMware issued emergency vSphere ESXi updates that fixed a bug causing boot issues after failing to locate a bootable operating system.

Article (https://www.bleepingcomputer.com/news/microsoft/october-windows-server-updates-cause-hyper-v-vm-boot-issues/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”


Apple emergency updates fix 3 new zero-days exploited in attacks

By Sergiu Gatlan September 21, 2023 01:57 PM

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year.

Two bugs were found in the Security framework (CVE-2023-41991) and the WebKit browser engine (CVE-2023-41993), enabling attackers, respectively, to bypass signature validation using malicious apps or gain arbitrary code execution via maliciously crafted webpages.

The third one was found in the Kernel Framework, which provides APIs and support for kernel extensions and kernel-resident device drivers. Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges.

Apple fixed the three zero-day bugs in macOS 12.7/13.6, iOS 16.7/17.0.1, iPadOS 16.7/17.0.1, and watchOS 9.6.3/10.0.1 by addressing a certificate validation issue and through improved checks.

“Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7,” the company revealed in security advisories describing the security flaws.

The list of impacted devices encompasses older and newer device models, and it includes:

iPhone 8 and later
iPad mini 5th generation and later
Macs running macOS Monterey and newer
Apple Watch Series 4 and later

All three zero-days were found and reported by Bill Marczak of the Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group.

While Apple has yet to provide additional details regarding the flaws’ exploitation in the wild, Citizen Lab and Google Threat Analysis Group security researchers have often disclosed zero-day bugs abused in targeted spyware attacks against high-risk individuals, including journalists, opposition politicians, and dissidents.

Article (https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/)


DO YOU REALLY WANT TO BUY THE NEW I15 PHONE THAT IS WAY OVERPRICED? Folks, it is only a phone. Be real, save the money.