Automox has identified multiple patch administrator reports that the installation of Microsoft Patch Tuesday cumulative updates for Microsoft Windows 10 are causing possible Blue Screen Of Death (BSOD) errors. The updates in question address a key FILE port printing vulnerability of “important” severity classification (CVE-2021-1640). Microsoft is currently investigating the issue but has acknowledged and annotated in multiple KB articles accordingly that users may receive ‘APC_INDEX_MISMATCH’ errors with a BSOD after attempting to print with Kyocera, Ricoh and Zebra printers, among others, and using currently unnamed or unknown software applications.
As with any patch that introduces new potential risk, organizational stakeholders should consider the trade-off of installing these updates based on their own business objectives and risk tolerances. This is especially true if existing security controls can be modified to mitigate the vulnerabilities addressed by these security updates until a fix or workaround is identified.
Automox customers can prevent this patch from being installed by using the Automox Console, navigating to the Software page, and choosing “Ignore” from the Actions drop down of the associated KBs until a fix or workaround is in place as depicted below:
For customers that have already installed these updates, Automox has added a Worklet to our community to remove them from the environment.
Microsoft has qualified the following Windows releases to be impacted:
- 1803 to 20H2
Windows Server 2019
Related KB Articles
- KB5000802 for Windows 10 (2004 and 20H2)
- KB5000808 for Windows 10 (1909)
- KB5000822 for Windows 10 (1809)
- KB5000848, KB5000853 for Windows 8.1
- KB5000841, KB5000851 for Windows 7 (SP1)
About Automox Automated Patch Management
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-based and globally available, Automox enforces OS and third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.