Gloridel Morales announces critical November patches for Azure DevOps Server, highlighting security and performance fixes, and provides guidance for patch installation and verification.

November Security Patches Released for Azure DevOps Server

Overview

Gloridel Morales provides details on the November patch release for Azure DevOps Server, Microsoft’s self-hosted DevOps platform. These updates are designed to enhance security, ensure compliance, and optimize server performance.

Key Updates in Patch 7 (Azure DevOps Server 2022.2)

Security Enhancement (TFVC Proxy):
- The hash algorithm used in the TFVC Proxy authorization process has been upgraded from SHA-1 to SHA-256.
- Action Required: Update both proxy and server components to avoid compatibility issues.
Build Tasks Issue Fixed:
- Resolved problems with unsigned binaries in MSBuildV1 and VSBuildV1 tasks, improving build process reliability.
Performance Optimization:
- Steps related to deleting job definitions by extension name have been optimized for better performance.

Download and Installation

Get the latest version: Azure DevOps Server 2022.2 Patch 7
Full release notes: Release notes

Installation Verification

To confirm successful patch installation, run:

devops2022.2patch7.exe CheckInstall

The downloaded executable can be found at the patch link above.
The command will confirm if the patch is installed or needs attention.

Recommendations

Microsoft strongly recommends that all Azure DevOps Server users apply this patch to maintain the most secure and stable configuration.
Regularly review release notes and keep your installation up to date for ongoing protection and reliability.

Additional Resources

This post appeared first on “Microsoft DevOps Blog”. Read the entire article here