Microsoft’s Windows security update rollup is badly buggy this month. Post-patch, the WinRE recovery environment doesn’t work with most keyboards and mice. And a fix for a cryptography bypass bug is causing failures at several enterprises, requiring rollbacks or registry edits to resolve.
It’s leading to inevitable concerns about the Windows dev process. In today’s SB Blogwatch, we grab a Linux ISO.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Best of.
What’s the craic? Taryn Plumb asks, Security patch or self-inflicted DDoS?
“KB5066835”
An October 2025 Microsoft Windows security update is wreaking havoc on enterprises, impacting multiple systems. … The update in KB5066835 was intended to strengthen Windows cryptography, … but users may now be experiencing issues [that] impact … Windows 10 (version 22H2), Windows 11 (versions 23H2, 24H2, and 25H2), and Windows Server (2012, 2016, 2022, and 2025).
…
Smart card authentication and certificate issues include smart cards not being recognized as Cryptographic Service Providers (CSPs) in 32-bit applications, users’ inability to digitally sign documents, and failures in apps relying on certificate-based authentication. … Users can resolve it by modifying the DisableCapiOverrideForRSA registry key [to “0”].
…
Update KB5066835 can also cause USB … keyboards and mice to malfunction in WinRE, preventing navigation in recovery mode. … Microsoft has now released an out-of-band update, KB5070773, to address the issue.
What’s going on? Sergiu Gatlan has deets: Microsoft warns of Windows smart card auth issues after October updates
“Failures”
This month’s security updates are automatically enabling by default a security fix designed to address a security feature bypass vulnerability (CVE-2024-30098) in the Windows Cryptographic Services, a built-in Windows service that handles security-related and cryptographic operations. … The DisableCapiOverrideForRSA registry key … isolate[s] cryptographic operations from the Smart Card implementation and block[s] attackers from creating a SHA1 hash collision to bypass digital signatures.
…
Affected users may observe various symptoms, from the inability to sign documents and failures in applications that use certificate-based authentication to smart cards not being recognized as CSP providers (Cryptographic Service Provider) in 32-bit apps. They can also see “invalid provider type specified” and “CryptAcquireCertificatePrivateKey error.” error messages.
What’s been happening on the ground? Sir Jon had a heck of a time with it:
Ran into this issue this weekend. First Windows’ latest update wouldn’t install. Did the normal checks and ran DISM for corrupted files. Rebooted and critical service failure. Rebooted into WinRE and asked for BitLocker. So unable to decrypt the drive.
…
In the end had to create a windows-to-go usb, decrypt the drive, then go to the backup from my NAS. … Thanks Microsoft for wasting my time. They’ve really got to get some proper programmers … that don’t rely on AI.
AI, you say? izacus sounds slightly sarcastic:
Wonder if they used Copilot for coding those features and then AI to review them. I bet the productivity of the engineers was off the charts for that one.
It’s not a good look. Here’s gweihir’s spittle-flecked reaction:
How utterly incompetent can MS get? Apparently, this was not tested. And this is a “you are ****ed”-level bug. … Welcome to amateur-hour. At the same time, Linux recovery … continues to work just fine.
You might think the solution is to wait a week or two before updating. But u/IridiumIO has bad news for you:
No one … knows whether an update breaks anything or not. You upgrade to a new version, and over the next month nothing breaks so you think you’re in the clear. Then MS flips an internal switch and all of a sudden everything’s broken. You haven’t installed any new updates in that time, so you have no clear correlation for what actually broke things.
At least there are fixes. However, Hugo Rune has more bad news:
KB5070773 emergency replacement for this update is still failing to install.
Should we do something different? Yes, said MachineShedFred:
[Don’t] run Windows on bare metal if you don’t have to. … The best way to fix Microsoft products is to virtualize them. … Minor overhead increase on the CPU that is never pegged in exchange for a dead-simple way to roll back ****ty updates with ZFS snapshots.
Meanwhile, u/soru_baddogai unapologetically sums up their feels:
Satya Nadella has destroyed this company.
This month, we’re reprising the best of And Finally (because reasons).
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
Image sauce: Geraldine le Meur (cc:by; leveled and cropped)