- A significant update for all supported versions (2016-2022) of Microsoft SQL Server that will require a full installation test.
- An updated Windows core library (SQLOLEDB) that helps Windows applications communicate with SQL Server databases and tools. While Microsoft has rated this change as low risk, Readiness recommends a portfolio analysis highlighting all applications that rely on this data-driven communication approach and a full testing cycle for each one identified.
Due to the nature of this September SQL Server update, we strongly recommend testing the patch itself and the patch application process, with an eye toward the patch REMOVAL process. We understand that this will take time, skill, and effort, but it will be better than a full restore from a backup.
Windows
Microsoft has put the spotlight on network security and memory management issues this month with the following changes to Windows:
- Due to an update to memory handling from 64-bit to 32-bit in Windows (called thunking), 32-bit camera apps will need to be tested on 64-bit machines this month. Using Microsoft Teams or playing a video from a USB drive would provide good test coverage for this change.
- Virtual machines (VMs) that require a VPN will need to undergo connectivity testing. Additionally, the following protocols (PPP, PPTP, SSTP) will require a basic connectivity test.
- A minor update to Windows Defender will require basic endpoint security testing.
- This month, we will be rolling out a minor update to basic networking features that will require a high network traffic test. The focus should be on large file transfers using applications such as Teams, Outlook, and Microsoft Edge.
Microsoft has released a major update to the MSI Installer subsystem that will require application installation level testing for a portion of its portfolio. Part of this update relates to the way shell links are handled in the storage subsystem, which could cause redirected folders or shortcuts to behave unexpectedly during an installation, particularly in secure or locked down configurations.