Woody Leonhard's no-bull news, tips and help for Windows and Office
RSS icon Email icon Home icon
  • WZor leaks Windows Server 10 Preview build 9926 and overview of new ‘Nano Server’

    Posted on March 2nd, 2015 at 07:58 woody No comments

    Nice to see WZor back in the thick of things.

    InfoWorld Tech Watch.

  • MS-DEFCON 4: Get Microsoft patches applied, but be aware of one big outstanding problem

    Posted on March 1st, 2015 at 15:44 woody 8 comments

    It looks like the February 2015 Black Tuesday patches have been fixed, by and large. But there are some exceptions, listed here.

    If you use Cisco AnyConnect VPN client, or Fortinet VPN Client 5.2.3, it’s easier to skip KB 3023607 for now. Microsoft and Cisco have come up with a manual Fixit, in case you do apply 3023607. There’s no solution, other than uninstalling the patch, for the Fortinet VPN client. Microsoft is on the hook to release an updated version of the patch next month. (How do you know if you’re using AnyConnect? After you install the patch, when you try to log on, you get the message “Failed to Initialize connection subsystem.”)

    If you’re using Vista, y0u might want to pass on patch KB 3013455, another kernel mode patch. Many people running Vista report that some font rendering is so bad they can’t read the screen. If you do install the patch, and you can’t stand the fuzzy fonts, run over to KB 3037639 and fix the fix. Microsoft is rumored to have a new version coming for this one, too, although it may have been fixed in the surreptitious re-release on Feb. 27.

    Finally, a problem from December 2014 hasn’t been fixed yet: If you use Excel macros, you’re better off avoiding the December patches KB 2726958 for Office 2013, KB 2553154 for Office 2010, and KB 2596927 for Office 2007. If you (or your customers) have those patches, and encounter problems with Excel macros, head over to KB 3025036 for manual Fixits and some additional tips. Note that KB 3025036 is now up to version 10.0. Kinda makes you feel warm and fuzzy.

    With those three caveats, I recommend that you install all outstanding Microsoft patches. That takes us down to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.

    My usual boilerplate advice:

    For those of you who are new to this game, keep in mind that… You should always use Windows Update to install patches; downloading and installing individual patches is a clear sign of impending insanity. I always install Windows Defender/Microsoft Security Essentials updates as soon as they’re available – same with spam filter updates. I never install drivers from Windows Update (in the rare case where I can actually see a problem with a driver, I go to the manufacturer’s web site and download it from the original source). I almost never install “Recommended” patches (reader Marty suggests that you uncheck the Windows Update box that says “Give me the recommended updates the same way I receive important updates”). If Windows Update has a patch but the box isn’t checked, DON’T CHECK THE BOX. It’s like spitting in the wind. I use Chrome and Firefox, and only pull out IE when I feel very inclined — but even if you don’t use IE, you need to keep up with its patches.

  • 20 epic Microsoft Windows Automatic Update meltdowns

    Posted on February 27th, 2015 at 13:31 woody 4 comments

    When the editors at InfoWorld asked me to list the 20 worst patches of all time, I just about croaked. Just 20?

    Anyway, here’s my best shot. If you have other favorites, please comment in the article!


  • Third party patches

    Posted on February 27th, 2015 at 06:46 woody 10 comments

    Randy the Tech Professor just wrote in with his ancillary list for this month:

    Not many updates this month but some crucial ones: Adobe Flash, Google Chrome, Mozilla Firefox

    Adobe announced a critical vulnerability (being actively attacked) on February 2, then released an update on February 5.

    The vulnerability is being exploited in drive-by-download attacks and should be patched as soon as possible.

    Here is the link:

    Best wishes and stay warm!

    (Thanks, Randy. For an entire week, my driveway was coated in ice – couldn’t get the car up, but my son had a great time jumping on a sheet of cardboard and riding down. Nashville’s much warmer this week. For my Phuket-accustomed bones, that’s wonderful!)

  • No more Google tracking here

    Posted on February 25th, 2015 at 07:10 woody 17 comments

    For those of you who asked…

    Yes, I finally removed the Google ads from this site. A couple of days ago, I saw an ad for a registry cleaner that’s dangerous, and one for a completely dubious anti-malware service.

    I’ve always felt bad about putting Google-chosen ads on the site. Enough is enough. Google ads are gone.

  • WZor leaks new Windows 10 build 10022 and Server 9926 screenshots

    Posted on February 23rd, 2015 at 06:41 woody No comments

    Not a whole lot that’s new, but some interesting comments in a developer’s Release Notes.

    InfoWorld Tech Watch

  • Microsoft surreptitiously reissues KB 3013455 for Vista, Windows Server 2003

    Posted on February 19th, 2015 at 07:16 woody 12 comments

    See the comments at the end of the post for updates.

    InfoWorld Tech Watch

  • Microsoft rereleases botched December patch KB 3004394 — and it works

    Posted on February 18th, 2015 at 08:46 woody 5 comments

    Thanks to JB and MM for the heads-up, and SB for corroboration.

    Remember that monster patch from last December — the one that required a Silver Bullet patch to zap it away? The Root Cert patch is back – and it seems to be working.

    InfoWorld Tech Watch