News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: March 12, 2019

  • GWX Redux: We’re going to get “upgrade to Win10” nag notices in Win7

    Posted on March 12th, 2019 at 13:55 woody Comment on the AskWoody Lounge

    Any of you remember the GWX insanity – “Get Windows 10” and its associated deceits?

    I’m assured that Microsoft has learned its lesson. Microsoft has just released the first volley in its new, improved “Get Windows 10” campaign. According to Matt Barlow, on the Windows Blog:

    Beginning next month, if you are a Windows 7 customer, you can expect to see a notification appear on your Windows 7 PC. This is a courtesy reminder that you can expect to see a handful of times in 2019. By starting the reminders now, our hope is that you have time to plan and prepare for this transition. These notifications are designed to help provide information only and if you would prefer not to receive them again, you’ll be able to select an option for “do not notify me again,” and we will not send you any further reminders.

    Y’all remember how well that worked with the GWX campaign.

    Mary Jo Foley threaded the needle gently:

    Just closing the pop-up using the X in the right corner won’t prevent users from getting more of these notifications, however…. My guess is Microsoft is alerting users about the coming pop-up several weeks early so they’re not surprised — or worried that the coming pop-ups are malware — once they start appearing in April.

    Guess it depends on your definition of “malware,” eh?

  • March 2019 Patch Tuesday patches

    Posted on March 12th, 2019 at 12:10 woody Comment on the AskWoody Lounge

    They’re starting to roll in.

    Martin Brinkmann has a full roundup on ghacks.net:

    • Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
    • Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
    • Windows 10 version 1703:  24 vulnerabilities of which 2 are critical and 22 are important
    • Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
    • Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
    • Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important

    The Microsoft Update Catalog lists 124 individual patches.

    Dustin Childs has his usual thorough review on the ZDI blog:

    security patches for 64 CVEs [ = separately identified security holes ] along with four advisories… Four of these bugs are listed as public and two are listed as being under active attack at the time of release.

    The two that are under active attack (which is to say, the two 0days) are both rated “Important” which, as many of you know, means they aren’t really all that important. They’re “elevation of privilege” attacks — a miscreant has to be in your system already before they can leverage one of these two attacks to move themselves up to admin level.

    The list of Win10 patches is up on Reddit.

    Win10 1809 – It looks like the “crazy” performance drop in games, including Destiny 2, has been fixed.

    There’s a Servicing Stack Update for Windows 7 that’s related to the SHA-2 “critical update” we’ve been expecting since November. No idea if this is the whole fix, or if it’s just a part of enabling SHA-2 encryption for Win7 patches. As noted in the earlier article, you need to get this Servicing Stack Update in order to install any Win7 patches after July. Thx @EP, @Crysta.

    6 new Office security patches, to add to the 28 non-security patches from earlier this month. Two new versions of Office Click-toRun: 15.0.5119.1000 for Office 2013; 14.0.7230.5000 for Office 2010.

    I don’t see anything screaming to be patched at this moment. More as the day wears on.

  • Microsoft announces auto-uninstall for bad Win10 patches

    Posted on March 12th, 2019 at 06:56 woody Comment on the AskWoody Lounge

    Yesterday, Microsoft posted an odd Knowledge Base article that has me scratching my head. KB 4492307 says:

    Windows automatically installs updates to keep your device secure and running at peak efficiency. Occasionally, these updates can fail due to incompatibility or issues in new software. Your device has recently recovered from a startup failure if you have received this notification: “We removed some recently installed updates to recover your device from a startup failure.” If Windows detects this, it will try to resolve the failure by uninstalling recently installed updates. This is only done when all other automatic recovery attempts have been unsuccessful.

    To ensure that your device can start up and continue running as expected, Windows will also prevent problematic updates from installing automatically for the next 30 days. This will give Microsoft and our partners the opportunity to investigate the failure and fix any issues. After 30 days, Windows will again try to install the updates.

    That’s pretty short ‘n sweet – long on promises, short on details – but it begs a host of questions. It appears to announce a new Win10 feature that interrupts an endless reboot cycle and removes the most recently installed cumulative update and/or driver(s).

    Further, the feature blocks installation of the same cumulative update and/or driver(s) for 30 days — which is more or less the amount of time necessary to hit the next month’s cumulative update. In the case of bad Patch Tuesday patches, the next Patch Tuesday rolls around in 28 or 35 days. Makes you wonder why the KB article doesn’t say that the auto-uninstaller will just skip the current cumulative update.

    There’s no mention of which Windows 10 versions are covered.

    @alQamar tweets

    Great idea, but the uninstaller should ask before running.

    This KB article references other articles that are ancient — one describes automatic updates for XP and Windows 2000, another describes expanding drivers for Vista.

    It sure does sound like something an intern dredged up and posted just to increase his/her KB count. But maybe I’m wrong – maybe this is a significant new feature. We may never know.

    Color me skeptical, but if you ever hit a “We removed some recently installed updates to recover your device from a startup failure” notification, I’d sure like to hear about it.

    Thx Richard Speed at The Register, Rod Trent at myITforum, @rsmith98, Sergiu Gatlan at Bleeping Computer.