News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: June 27, 2019

  • Microsoft (finally) posts its second monthly update for Win10 1903 – but the vanishing Update advanced options remains a mystery

    Posted on June 27th, 2019 at 20:20 woody Comment on the AskWoody Lounge

    Earlier today, Microsoft released KB 4501375, which brings Win10 1903 up to build 18362.207.

    As usual, the second monthly cumulative update is considered “optional, non-security” even if it includes fixes to bugs introduced by earlier security-only patches. In this case, the patch includes a fix for the Custom View bug in Event Viewer. No surprise there, as we got fixes for that same “security-only” bug earlier for 1803 and 1809.

    You’ll only get this patch if you click “Check for updates” (which, of course, you never do), or if you download and install it manually. If you do install it manually, be sure to first install the new Servicing Stack Update, KB 4506933.

    I’m seeing reports that the cumulative update is offered twice – even after it’s already installed. There’s also some confusing behavior with the “Download and install now” prompt appearing – even after the patch is installed. Clicking Check for updates again clears out the bogus “Download and install now.”


    Troublingly, there’s no mention of the mysterious vanishing Windows Update advanced update options. I sure hope we get that one fixed soon — or at least get a rationale for the bizarre behavior. My 1903 guinea pig machine, which was set to defer “quality updates” for 15 days (back when I could actually see the setting in the user interface, ya know) still hasn’t installed the first cumulative update for June.

    If you have any experiences to relate about 1903 deferrals, visible or invisible, I’m all ears.

  • Mimecast shows yet another way to zap systems using Excel’s Power Query feature

    Posted on June 27th, 2019 at 09:56 woody Comment on the AskWoody Lounge

    Early this morning, email security company Mimecast released a report detailing how malicious folks can attack by abusing the Excel feature called Power Query:

    Mimecast Threat Center found and developed a technique that uses a feature in Microsoft Excel called Power Query to dynamically launch a remote Dynamic Data Exchange (DDE) attack into an Excel spreadsheet and actively control the payload Power Query.

    The threat they describe isn’t unique — if you’ve been working with Excel for any time at all, you know there are features that just beg to be abused — but it is quite clever.

    The folks at Mimecast gave Microsoft a chance to respond, but

    Mimecast worked with Microsoft as part of the Coordinated Vulnerability Disclosure (CVD) process to determine if this is an intended behavior for Power Query, or if it was an issue to be addressed. Microsoft declined to release a fix at this time and instead offered a workaround to help mitigate the issue.

    Thus, we’re getting a full exposure. For more details, look at Mimecast’s report.