News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: January 20, 2020

  • Citrix announces security patches for some (but not all) of its compromised products

    Posted on January 20th, 2020 at 17:01 woody Comment on the AskWoody Lounge

    Citrix says it’s fixed some things, and will fix the rest soon. Per the web announcement:

    Permanent fixes for ADC versions 11.1 and 12.0 are available as downloads here and here.

    • These fixes also apply to Citrix ADC and Citrix Gateway Virtual Appliances (VPX) hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance (SDX). SVM on SDX does not need to be updated.
    • It is necessary to upgrade all Citrix ADC and Citrix Gateway 11.1 instances (MPX or VPX) to build 11.1.63.15 to install the security vulnerability fixes. It is necessary to upgrade all Citrix ADC and Citrix Gateway 12.0 instances (MPX or VPX) to build 12.0.63.13 to install the security vulnerability fixes.

    Nope, that doesn’t cover all the bases.

    We have moved forward the availability of permanent fixes for other ADC versions and for SD-WAN WANOP from our previous target dates as follows:

    • ADC version 12.1, now January 24
    • ADC version 13 and ADC version 10.5, now January 24
    • SD-WAN WANOP fixes, now January 24

    “Soon” being relative, I guess.

    UPDATE: As of early Tuesday morning, Kevin Beaumont reports that GreyNoise’s honeypots are trapping lots of attempts to break into Citrix Gateway systems.

    The top thirty most scanned URLs today are almost all Citrix Gateway related. If you haven’t patched or mitigated your devices, you’re likely in deep doo doo. There’s another nugget in that data, which is people are scanning for Citrix devices using other paths, e.g. font files etc – likely IDS avoidance technique.

    Details in Computerworld Woody on Windows.

    UPDATE: FireEye just released a tool that scans for infections. Citrix has details.

  • Patch Lady – BornCity reports issue with 1909 KB4528760

    Posted on January 20th, 2020 at 16:47 Susan Bradley Comment on the AskWoody Lounge

    Windows 10 V1909: Update KB4528760 drops error 0x800F081F

    Over on BornCity he’s reporting tracking some issues with KB4528760.   I’ve already patched several 1909’s with no issues so I’m not seeing this as widespread.  But needless to say we’ll be keeping an eye out as to what’s what.

  • Patch Lady – Windows 10 versus 7 dealing with issues

    Posted on January 20th, 2020 at 15:15 Susan Bradley Comment on the AskWoody Lounge

    In the post Windows 7 era – if you are now dealing with Windows 10 there’s different ways to deal with issues.

    G. Winston Natoli shared this recap of the major ways to fix up 10:

    Windows 10 keeps it’s own local system image (which it uses to operate a variety of Windows functions)

    • It is not a backup of the system volume or boot volume (the system image you would create using Windows or 3rd party imaging utilities)
    • Windows keeps an additional set of files called the component store located in the WinSXS folder. Note: Windows total component store is comprised of those files in WinSXS and other files (via Hard Links external to WinSXS) in various Windows system folders.
    • DISM commands can: Scan, Check, Clean and Restore (repair)any files within the local system image.

    ScanHealth
    CheckHealth
    Cleanup-Image
    RestoreHealth

    • When restoring/repairing using DISM’s RestoreHealth command) it will first look locally for file corruption, then automatically repair, if necessary also to Windows Update for the installed version specific files….once done restoring the local system image (that Win10 uses to operate) – effectively updating and fixing Windows files and ensuring that its component store is sound.
    • SFC needs a clean, updated local system image and component store to function

    Fyi…DISM is not available in Windows 7 and earlier(*).  i.e. the landscape for maintaining and fixing Windows has changed since Windows 7…one of the reasons, SFC in Windows 10 needs a functional, non-corrupted component store.

    Repair Windows 10 Apps

    • Use the Store Troubleshooter
    • See KB4028054

    < https://support.microsoft.com/en-us/help/4028054/windows-10-repair-or-remove-programs>

    If the Repair option is not available for an app, reset or uninstall and reinstall from the MSFT Store. If uninstall is not available, use the MSFT Store check if updates for the App are available then download and update the app.

    As attempted to note earlier…..It’s always a good idea, before changing or attempting to change anything in Windows 10 to validate the local system image using the DISM CheckHealth and ScanHealth commands. Not doing so, one always risk the the chance of attempting to fix something that is broken with a broken Windows.

     

    (*) As noted in the forum, it doesn’t do the same in 7 as it does in 10 and therefore not comparable.

  • Reports: Server 2008 R2 systems boot to recovery mode after January patches applied

    Posted on January 20th, 2020 at 12:28 woody Comment on the AskWoody Lounge

    Not clear which patches are causing the problem, but I’m seeing multiple reports of a boot to recovery mode on Server 2008 R2 systems.

    Can anybody out there confirm?

  • Closing the book on Windows 7

    Posted on January 20th, 2020 at 01:15 Tracey Capen Comment on the AskWoody Lounge

    WINDOWS 7

    By Susan Bradley

    We’ve finished the last chapter for the storied Windows 7 operating system — at least for almost all home users.

    With all the various notifications, can there be a Win7 user who doesn’t know that the last general patches were sent out this past Tuesday (January 14)? If so, it’s time to come out from under your rock.

    Read the full story in AskWoody Plus Newsletter 17.3.0 (2020-01-20).

  • Win10’s default lock screen is a wasted opportunity

    Posted on January 20th, 2020 at 01:10 Tracey Capen Comment on the AskWoody Lounge

    LANGALIST

    By Fred Langa

    The default Win10 lock screen is awful — a cluttered mess of ads, random impersonal images, and vanilla system information.

    But all three of those elements are easily customized; you can make the lock screen truly your own, with the information you need, the images you want — and with no ads!

    Read the full story in AskWoody Plus Newsletter 17.3.0 (2020-01-20).

  • 2020 patching starts with a bang!

    Posted on January 20th, 2020 at 01:05 Tracey Capen Comment on the AskWoody Lounge

    PATCH WATCH

    By Susan Bradley

    Patch Tuesday arrived on January 14, and it was not an auspicious start to the new year.

    An NSA warning about a newly revealed Windows vulnerability isn’t the only newsworthy event for January. Let’s recap:

    As we’ve discussed thoroughly on askwoody.com, millions of Windows users are saying goodbye (sort of) to the beloved Windows 7. For consumers, January’s updates are the last they’ll receive — barring some extraordinary event. Businesses still relying on Win7 machines (and there are possibly millions) get a three-year reprieve — if they take advantage of Microsoft’s Win7 Extended Security Updates (ESU) offering.

    Read the full story in AskWoody Plus Newsletter 17.3.0 (2020-01-20).

  • Say hello to the latest and greatest Microsoft Edge

    Posted on January 20th, 2020 at 01:00 Tracey Capen Comment on the AskWoody Lounge

    WOODY’S WINDOWS WATCH

    By Woody Leonhard

    Will Microsoft’s last-ditch effort to reinstate its Internet-browser hegemony succeed?

    There’s plenty to like about the new Chromium-based Edge — but plenty of shortcomings, too.

    Almost as soon as Microsoft won the Internet-browser race in the 2000s, its hold on that hard-fought market began to erode. By May 2007, Firefox was running on roughly a quarter of all Windows PCs. In 2009, Google’s Chrome burst onto the scene in a big way — and for Microsoft, it’s been all downhill ever since.

    Read the full story in AskWoody Plus Newsletter 17.3.0 (2020-01-20).