Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 3: Yep, it’s time to get patched

    Posted on November 30th, 2017 at 15:50 woody Comment on the AskWoody Lounge

    Lots of warnings this month for odd bits and pieces, but it’s time to get everything caught up. There’s a nasty Equation Editor malware exploit making the rounds.

    Details in Computerworld Woody on Windows.

    With no small amount of fear and trepidation, I’m moving us to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

    UPDATE: You know how I said in the article….

    I’ve been waiting to see what Microsoft would do with Win10 version 1709. There was an entry in the Win10 Update History listing for a cumulative update called KB 4051963, which would bring 1709 up to build 16299.96, but that entry mysteriously disappeared yesterday.

    That was this morning. Guess what? Microsoft just released KB 4051963, which brings 1709 up to build 16299.98.

    Per SB, that new patch not only fixes the bug in this month’s Windows security updates that took out all Epson dot matrix printers (which is documented), it also fixes the bug in RDP/remote printing with certain printers (which is not documented).

    We also got KB 4054022, a new Servicing Stack update for 1709 (Servicing Stack updates are always OK to install); an improvement to “ease the upgrade and recovery experience to Windows 10 version 1709” KB 4055237; and an “update [that] changes the upgrade experience to Windows 10 Version 1709,” KB 4052342. No, I have  no idea what those last two entail.

  • In WSUS, Office 2010 update KB 4011618 and Office 2007 update KB 40144614, appearing dozens of times

    Posted on November 30th, 2017 at 15:23 woody Comment on the AskWoody Lounge

    @BoltsfanKevin just pointed me to an amazing thread on Spiceworks.

    Poster AB2000 has a screenshot of WSUS showing more than forty entries for Office 2010 update KB 4011618. Poster kevinhughes2 says he sees the same behavior with Office 2007 update KB 4011604.

    Anybody else see it?

    Reminder: This is the latest Equation Editor patch. As explained in my article this morning:

    Microsoft released an updated version of the Equation Editor patch. Per @abbodi86, the old versions (KB 4011276 and KB 2553204) only worked with English and Chinese versions of Office. The new patches, KB 4011604 (for Office 2007) and KB 4011618 (for Office 2010), now work with all languages.

  • Report that Win7 Monthly Rollup KB 4048957 crashes IE 11

    Posted on November 30th, 2017 at 13:59 woody Comment on the AskWoody Lounge

    Just got an email from JB:

    Have you heard of or seen an issue with Internet Explorer 11 crashing when the cumulative update for the Win 7 OS KB4048957 is installed? (not the IE patch mind you – the OS cumulative patch. Weird right?)

    We are seeing this on some Windows 7 x64 machines. Uninstalling the patch appears to resolve this as an interim fix. (Obviously not a long term fix as the patch is cumulative – but helpful workaround to buy time for now.)

    Initial indicators with a case we have open with Microsoft indicates if a registry key is removed this also fixes it (ironically, the removal also causes other issues so not a vector for the fix)

    Can anybody confirm?

  • Nadella: Win10 hits 600 million monthly active devices

    Posted on November 29th, 2017 at 11:22 woody Comment on the AskWoody Lounge

    Todd Bishop at GeekWire had it first:

    CEO Satya Nadella referenced the new number for the first time moments ago at the company’s annual shareholders meeting, where he is giving analysts and investors an update on Microsoft’s progress and strategy.

    That’s up from 500 million, announced in May.

    Be sure to read and interpret the number carefully: It’s monthly active devices, not users. It’s not clear to me if the 600 million number includes Xboxes, IoT devices, phones, and/or refrigerators.

  • How quickly — and thoroughly — does Apple fix macOS security holes?

    Posted on November 29th, 2017 at 10:56 woody Comment on the AskWoody Lounge

    You’ve no doubt read about the glaring security hole in macOS High Sierra version 10.13.1, that allows anybody to log in with the “root” account and no password.

    As best I can tell the bug was first publicized on Nov. 13. Very few folks saw the warning (hey! It’s a feature, not a bug!) at the time. I didn’t hear about it until yesterday — less than 24 hours ago, when Mark Gurman at Bloomberg wrote about it. (Mark’s much more photogenic these days, yes?)

    Of course, macOS users will have to wait until macPatch Tuesday, at which point the patch may or may not appear along with a gazillion of unrelated security and non-security patches, and may or may not break the computer.

    Oh. Hold on a second. Nope. Apple just rolled out the fix.

    UPDATE: You guessed it. The ultra-fast fix has a bug. Maybe more than one. Sigh.

  • Final AskWoody format is shaking out

    Posted on November 29th, 2017 at 08:23 woody Comment on the AskWoody Lounge

    You may have noticed the re-emergence of two long-missed “widgets” on the right side of this page. Several of you have written. Yes, this means the site is getting well again. (We haven’t seen any DoS style bombardments recently.) No, it’s not the final arrangement.

    As @PKCano noted to me privately, we’re really looking for something like this:

    • Login box
    • Welcome, shortcut to most-used links
    • Support AskWoody
    • Lounge list and links
    • Highly Recommended (I hand-pick Amazon ads)
    • Search
    • Ad from advertising broker
    • Recent Replies (20 with User name and time)
    • Recent Topics (20 with User name and time)
    • Shop Related products (auto generated ads)
    • Recent blog posts
    • Offiste links
    • Calendar
    • Ad for Win10 All-In-One for Dummies
    • Detailed Forum list

    It’ll take some time, but we’ll get there.

    I’m posting this in case you have recommendations. I’d sure like to hear about them, in the comments.

    For those of you who have asked… our advertising income took a serious hit these past few months, with the site bobbing up and down. The Lounge has been going for about nine months and, overall, we’re just breaking even financially. If you can help support the site it’ll be greatly appreciated.

    If you have workable ideas for a more sustainable site, I’d love to hear about it. Best idea I’ve heard is to tie it to an email newsletter, but there are all sorts of problems with that approach, given the interactive (and open, anonymous-friendly!) nature of what I’m doing.

  • HP is installing new spyware, “HP Touchpoint Analytics Client,” but the infection vector remains unclear

    Posted on November 29th, 2017 at 04:00 woody Comment on the AskWoody Lounge

    I can’t tell which versions of Windows are getting infected, or what is installing the “telemetry” (love that word) enhancement, but there are lots of reports now about HP Touchpoint Analytics Service showing up as a scheduled service.

    See Günter Born’s original article.

    Also see Martin Brinkmann’s analysis on ghacks.

    Computerworld Woody on Windows.

    UPDATE: Rachel England at engadget reports that HP has responded to her story about the HP spyware. Here’s what HP said:

    HP Touchpoint Analytics is a service we have offered since 2014 as part of HP Support Assistant. It anonymously collects diagnostic information about hardware performance. No data is shared with HP unless access is expressly granted. Customers can opt-out or uninstall the service at any time.

    HP Touchpoint Analytics was recently updated and there were no changes to privacy settings as part of this update. We take customer privacy very seriously and act in accordance with a strict policy, available here.

  • Patch Alert: Where we stand with this month’s mess

    Posted on November 28th, 2017 at 15:30 woody Comment on the AskWoody Lounge

    This month’s “security” patches bring forced upgrades, broken Epson printers, a vanishing patch, yanked .NET patches that underscore confusion inside Microsoft itself, blocked cumulative updates, and a self-induced memory violation error.

    Computerworld Woody on Windows.