Windows Server Update Services Users Getting Proxy-Use Change This Month – Redmondmag.com

News

Windows Server Update Services Users Getting Proxy-Use Change This Month

131205REDMackieAD ProxyEgg Windows Server Update Services Users Getting Proxy-Use Change This Month - Redmondmag.com

Microsoft on Tuesday notified Windows Server Update Services (WSUS) users that it’s no longer going to automatically support “user proxies” to get patches from Microsoft’s content delivery networks (CDNs), starting with this month’s cumulative update release.

Instead, Microsoft wants WSUS users to use “system proxies” to get patches. If an organization wants to have a user proxy as a fallback method, too, then they’ll have to configure it themselves, starting this month.

This nuance builds on Microsoft’s announcement back in September mandating the use of HTTPS for WSUS users tapping CDNs. At that time, Microsoft also explained that client proxies can be subject to man-in-the-middle tampering, so Microsoft doesn’t recommend using them.

With the January cumulative updates for Windows 10, released this week, Microsoft is now changing this proxy behavior for WSUS users.

Here’s how the announcement described the change:

Old behavior:

  • Scan with user proxy.
  • If user proxy fails, attempt scan with system proxy.

New behavior as of the January 2021 cumulative update:

  • Scan with system proxy.
  • If system proxy fails, attempt scan with user proxy.

To avoid scanning failures, Microsoft is advising WSUS users to not enable user proxies. However, if that’s not possible, then an option called, “Select the proxy behavior for Windows Update client for detecting updates,” should get specified by IT pros.

The user proxy setting can be specified using Group Policy, Configuration Service Provider policy or via Microsoft Endpoint Configuration Manager, as described in the announcement.

Microsoft also recommended that WSUS users who connect to the CDN using TLS/HTTPS use certificate pinning “to get the highest level of security.” However, the details weren’t described.

With certificate pinning, certain certificates are specified beforehand as being valid for a particular Web site. However, things can go wrong with this approach. PKI solutions provider DigiCert flatly advised against using certificate pinning in this blog post, for instance.

About the Author

Kurt Mackie is senior news producer for 1105 Media’s Converge360 group.

Source of this news: https://redmondmag.com/articles/2021/01/13/wsus-proxy-use-change.aspx

Related posts:

Dallas Invents: 134 Patents Granted for Week of March 16 » Dallas Innovates - dallasinnovates.com
Dallas Invents is a weekly look at U.S. patents granted with a connection to the Dallas-Fort Worth-Arlington metro area. Listings include patents granted to local assignees and/or those with a N...
Adrian Pruteanu shows how to evade Intrusion Detection Systems using Proxy Cannon [Tutorial] - Packt...
These days, it is fairly common for mature companies to implement Intrusion detection system (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) when they ...
Best VPN for iPhone and iPad 2021 - ZDNet
Image: Daniel Romero via Unsplash My iPhone offers pretty good connectivity, but tends to be hamstrung by the limits imposed by my cellular carrier. Even though I have an unlimited data plan, using ...
Far-Right Sites Are Turning to Chinese and Russian Hosts - Foreign Policy
The founder of neo-Nazi rag the Daily Stormer had some advice for the people who ran Parler, after the app was purged from the internet last week: Ask China or Russia for help. Parler, which had bec...
How to Use a VPN With School Wi-Fi - Alphr
Device LinksMost K-12 schools and colleges put limits on what students can access via Wi-Fi. In most cases, the reasoning behind this decision is sound: minors shouldn’t have access to possibly inapp...
Under Attack: How Threat Actors are Exploiting SOCKS Proxies - Security Intelligence
From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise...
Steps to create manufacturing software for corporation? - Tech Critter
There are many different various manufacturing software available for smaller businesses. The type of software you choose through the specific needs of your community. Some common features ...
Macdonalds Developing "SiliFuzz" For Fuzzing CPUs To Uncover Electrical Blemishes - Phoronix
By having OSS-Fuzz for continuous fuzzing of open-source projects and after that along with working on the various sanitizers for compilers, Google has been doing a lot for proactively unveiling s...
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries - The Hacker News
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japa...
Why Use A Proxy? - iProgrammer
A proxy server provides a gateway between users and the internet and therefore offers a range of advantages - both for access and for security. We examine the question, "Why Would You WANT A Proxy?" ...
Why You Shouldn’t Use The Gmail App On Your iPhone - Forbes
Yet again this week we have seen headlines pitching Apple against Facebook, as the iPhone maker’s crackdown on user tracking threatens mobile ad revenues. But while Facebook is clearly in Apple’s sig...
A brand new Watch Mail app ceases to use company’s own Correspondance Privacy Protection - 9to5Mac
A fabulous developer and security examiner has discovered that the official Apple Watch Post office app fails to use the company’s own Mail Privacy Insurance policy feature. The feature was ...
Mac How to Create a Proxy Server (2021) - Alphr
Proxy servers are beneficial because they act as mediators between your computer and the internet. They make online requests for you, and then they return the requested information. If you want to cr...
Follón and Expo 2020 Kuwait mark over 1, 200 days collaboration - ZAWYA
Over the last four years, additional than 1, 500 business days, Cisco ’s strategic collaboration has helped Expo 2020 Dubai establish a secure, intelligent foundation for connectivity. The...
Is Windscribe Netflix-Compatible In 2021? [Free VPN] - Cloudwards
While you may not always get the fastest connection speeds out of Windscribe, it’s easy to unblock Netflix with this versatile free VPN app. Free VPNs have acquired a somewhat negative reputation fo...
Individuals Demonstrate New Way to Locate MITM Phishing Kits documented in Wild - Internet
No fewer than 1, 220 Man-in-the-Middle (MitM) phishing websites have been came across as targeting popular around the services like Instagram, That is definitely, PayPal, Apple, Twitter, and th...
8 Ways Your iPhone Can Make Emailing More Secure - Gadget Hacks
Privacy is a growing concern in the tech industry, but Apple has fallen behind many of its peers when it comes to email security. Fortunately, iOS 15 changes that. Your email address is the key to a...
New ZE Loader Targets Online Banking Users - Security Intelligence
New ZE Loader Targets Online Banking Users <!-- --> IBM Trusteer closely follows developments in th...

IP Rotating Proxy Onsale

SPECIAL LIMITED TIME OFFER

00
Months
00
Days
00
Hours
00
Minutes
00
Seconds
First month free with coupon code FREE30