Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – documentation for admins

    Posted on March 24th, 2018 at 16:16 Susan Bradley Comment on the AskWoody Lounge

    This post is for all those admins out there in the trenches that have to deal with Windows 7, 8.1, Server 2008 R2, Server 2012 R2 and so on.  The other day it was pointed out to me that all of the documentation for the legacy products have been moved to a new location here:

    The concerning part of the news was/is that this documentation has been (as I understand it) flagged to not be searchable by Google or Bing.  Given that Windows 7 and Server 2008 R2 still have a year and a smidge of extended support as deemed by the Microsoft product support lifecycle, documentation, in my opinion, should be publicly searchable via the tools that us Admins use to find stuff.

    Then on top of that…. we still have folks looking for migration guidance in and out of small business products and just in my review of some of the links for Essentials servers, they are broken with 404’s all over the place.

    So,  if you are an admin like me and think that all documentation should be searchable, sign up on GitHub and vote up my feedback!

  • Friday night patch dump: KB 4088881, a flawed Win7 Monthly Rollup preview and KB 4089187, an IE fix

    Posted on March 24th, 2018 at 08:19 woody Comment on the AskWoody Lounge

    Microsoft continues its any-day-of-the-month patching policy with a highly anticipated preview of the April Win7 Monthly Rollup and a rushed patch for IE on Win7 that resolves a bug introduced two weeks ago

    When Microsoft released its gang of patches last Thursday, one patch was remarkably absent: We didn’t get a preview of next month’s Win7 Monthly Rollup. Win8.1, Server 2012 and Server 2012R2 all got previews, but not Win7 (or Server 2008R2).

    I hypothesized at the time that Microsoft didn’t release a new Win7 April Monthly Rollup preview because they were still trying to fix the bugs they introduced in this month’s Monthly Rollup for Windows 7 and Server 2008 R2, KB 4088875, and  the download-and-manually-install Security-only patch for March, KB 4088878.

    Microsoft now acknowledges all of these bugs in March’s Win7 Patch Tuesday release:

    • After you install this update, SMB servers may leak memory.
    • A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled.
    • A Stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).
    • A new Ethernet virtual Network Interface Card (vNIC) that has default settings may replace the previously existing vNIC, causing network issues after you apply this update. Any custom settings on the previous vNIC persist in the registry but are unused.
    • IP address settings are lost after you apply this update.

    All of those bugs are new in March, except the memory leak, which first appeared in January.

    With the new, delayed preview of April’s Win7 Monthly Rollup, you might expect that at least some of those bugs would be fixed. Not so. They’re all still around, per the official write-up.

    Microsoft is working on a resolution and will provide an update in an upcoming release.

    Sooner or later.

    In addition to the Friday night Monthly Rollup preview that doesn’t fix the major bugs, Microsoft rolled out a patch for a bug introduced in IE by its Patch Tuesday patch. Another patch of a patch. The article for the original Patch Tuesday patch, KB 4089187, has been modified to state:

    After you install this update, security settings in some organizations that are running Windows 7 SP1 or Windows Server 2008 R2 may prevent Internet Explorer 11 from starting because of an invalid SHA1 certificate.

    To resolve this issue, use one of the following methods:

    If you’re a bit rusty on manually whitelisting an SHA1 certificate, you can run the patch released on Friday night, KB 4089187. Note that this is only for IE 11 running on Windows 7 (and Server 2008R2).

    I think of it as Mother Microsoft’s way of telling you that you really shouldn’t be using IE. Excuse my snark.

    Of course, you’ve been following along here and know that we’re still at MS-DEFCON 2, which means you didn’t install the original buggy patches, anyway. Right?

    By the by… for those of you who are manually installing the cumulative updates for Win10 1703 or 1607, there’s now an explicit warning in the associated KB article:

    Important When installing both the SSU (KB4088825) and the LCU updates from the Microsoft Update Catalog, install the SSU before installing the LCU.

    Which is an obtuse way of saying that, if you’re going to install the Cumulative Update manually, you better get the Servicing Stack Update installed first.

    MrBrian speculates that the root problem is the race condition on installation that Susan Bradley talked about last week.

    The Servicing Stack updates for 1703 and 1607 were part of the Thursday blast.

    Thx, @MrBrian, @gborn

  • The move to our new server is underway

    Posted on March 24th, 2018 at 05:30 woody Comment on the AskWoody Lounge

    The die is now cast.

    It’ll likely take a couple of days. If things get a little flakey, my apologies in advance!

  • The end is near – a Win10 1803 beta build without the watermark

    Posted on March 23rd, 2018 at 13:13 woody Comment on the AskWoody Lounge

    I’ve generally avoided posting about the beta builds of the next version of Windows, which has no official name (that’s GOOD) except “version 1803.” The beta builds have, in general, been more of the same with very few worthwhile changes.

    I’m current downloading and installing build 17128.1, which apparently doesn’t have the “Evaluation copy” watermark on the desktop.

    That puts me in a dead run to get the third edition of “Win10 All-In-One For Dummies” off to the publisher.

    It’s gonna be a long weekend!

  • More Windows patches — and warnings about the Win10 1709 update KB 4089848

    Posted on March 23rd, 2018 at 08:24 woody Comment on the AskWoody Lounge

    In yet another out-of-out-of-band flurry, on Thursday Microsoft released new cumulative updates for all Win10 versions, a couple of Servicing Stack updates, two previews of Monthly rollups… and absolutely nothing that fixes the flaws in this month’s botched Win7 patch.

    And the Windows Update bypassing routine blamed for the forced push from Win10 1703 to 1709? It’s baaaaaaaaaack.

    Computerworld Woody on Windows.

    UPDATE: @PKCano found a patch for Win10 1709 that “This update makes improvements to ease the upgrade experience to Windows 10 Version 1709.”

    Go figger. KB 4094276. It’s listed on the KBNew page, but the link there (which was provided by Microsoft) doesn’t work.

  • Surprise! A new version of the Windows Update block-buster KB 4023057

    Posted on March 23rd, 2018 at 07:42 woody Comment on the AskWoody Lounge

    While scanning through the KBNew list, I bumped into an old f(r)iend, KB 4023057. Looks like it was re-issued on March 22 — along with about half a gazillion patches for Windows.

    KB 4023057, if you don’t recall, is the patch that’s credited with busting through sites that have Windows Update blocked. There’s a discussion here, with this description from abbodi86:

    it evolved from just fixing registry to restore tasks and fix drivers DB, and compatibilty for UAC management..

    the main purpose or function did not change: re-allow blocked or disabled WU

    Of course, Microsoft’s official description is the usual “Nothing to see here, folks” drivel:

    This update includes reliability improvements that affect the update service components in Windows 10 Versions 1507, 1511, 1607, and 1703.

    This update includes files and resources that address issues that affect the update processes in Windows 10. These improvements ensure that quality updates are installed seamlessly on your device and help to improve the reliability and security of devices running Windows 10.  When Windows update is available for your device, devices that do not have enough disk…

    Only certain builds of Windows 10 Versions 1507, 1511, 1607, and 1703 require this update. Devices that are running those builds will automatically get the update downloaded and installed through Windows Update.

    This update is also offered directly to Windows Update Client for some devices that have not installed the most recent updates. This update is not offered from the Microsoft Update Catalog.

    I just wish Microsoft could speak plainly. In this case, some Win10 users (not sure which ones) are getting a patch that (apparently?) breaks their wuauserv settings. I assume that its entire reason for existence is to push more people onto the next version of Win10.

    Does anybody out there have any better info?

  • We’re testing on the new server

    Posted on March 23rd, 2018 at 02:16 woody Comment on the AskWoody Lounge

    It isn’t ready yet, but the initial data copy to the new server is now complete. Test, test, test.

    You shouldn’t see anything odd here, on the old server, but rest assured that we’re plunking away….

  • OUt-of out-of band patches for Win10 1709, 1703 and 1607

    Posted on March 22nd, 2018 at 15:18 woody Comment on the AskWoody Lounge

    Just a heads-up. We’ll have more later.

    KB 4089848 brings 1709 up to Build 16299.334 – seems to have fixed the problem with the January Delta update

    KB 4088891 brings 1703 up to build 15063.994

    KB 4088889 brings 1607 up to build 14393.2155 – this one’s a bit surprising because 1607 is due to go off life support in a couple of weeks.

    Also, a Servicing Stack update for 1703, KB 4088825, and a Servicing Stack update for 1607, KB 4089510.

    Two previews of Monthly rollups, KB 4088882 for Win 8.1 and Server 2012 R2, and KB 4088883 for Server 2012.

    Martin Brinkmann has some notes on his site.

    I’ve updated the list of revised KB articles, KBNew.