Daily Archives: February 18, 2020
-
Still running Win10 v1809 or earlier? Watch out for KB 4023057!
Posted on February 18th, 2020 at 19:45 Comment on the AskWoody LoungeThe Infamous “Let us help you get upgraded” patch KB 4023057 has once again raised it’s ugly head. Each time it is re-released, the newer version makes it again eligible for Windows Update. Looks like Microsoft may be getting ready to push Force Upgrades to versions of Win10 prior to v1903/1909.
This time.KB 4023057 is listed and 2019-12 Update for Windows 10. The last one was listed as “2019-08,” so it has been revised again and will need to be hidden again.
Here is the description of what it does according to Microsoft:Notes about this update
-
This update may request your device to stay awake longer to enable installation of updates.
Note The installation will respect any user-configured sleep configurations and also your “active hours” when you use your device the most.
-
This update may try to reset network settings if problems are detected, and it will clean up registry keys that may be preventing updates from being installed successfully.
-
This update may repair disabled or corrupted Windows operating system components that determine the applicability of updates to your version of Windows 10.
-
This update may compress files in your user profile directory to help free up enough disk space to install important updates.
-
This update may reset the Windows Update database to repair the problems that could prevent updates from installing successfully. Therefore, you may see that your Windows Update history was cleared.
-
-
.NET Core non-security Feb 2020 Updates are out for 2.1.16, 3.0.3, and 3.1.2
Posted on February 18th, 2020 at 15:34 Comment on the AskWoody LoungeI don’t know anybody who installs non-security .NET patches, but if you’re among the elite who do, there are full details on the .NET Blog.
-
The Chredge “new tab” page won’t let you hide the Search box, or choose a search provider other than Bing, for the foreseeable future
Posted on February 18th, 2020 at 13:57 Comment on the AskWoody LoungeJust saw this tweet from Rafael Rivera:
Edge team still has no plan to let you choose your own search provider (or hide the search box completely) on the New Tab Page. The battle continues.
He includes a screenshot from the Chredge team’s Top Feedback Summary for February 11:, which shows that these proposed feature improvements have been on the list for the past six months:
And they’re still “Under review.” Sigh.
-
Born: “You don’t have permission to shut down and restart this computer” bug now evident on Win10 machines
Posted on February 18th, 2020 at 09:40 Comment on the AskWoody LoungeRemember the problem reported two weeks ago, where Win7 would stall on shut down, displaying the message “You You don’t have permission to shut down this computer”?
Günter Born is back with repeated reports that the same message now appears on Win10 machines:
Looks like the prime suspect is Adobe Creative Cloud but Born also points the finger at BitDefender Total Security and the January .NET Framework 4.8 patch.
Born has a link to Microsoft’s admission that the
patchproblem exists:On February 13, 2020, Paul Sey, Microsoft employee and owner of Microsoft Answers forum wrote here:
“We’ve identified and resolved the issue, which was related to a recent Adobe Genuine update that impacted a small number of Windows 7 users. Adobe has fully rolled back the update automatically for all impacted customers. No action is needed by customers. If you are still experiencing the issue, it will be resolved shortly via an automatic update.”
But, as you can readily confirm, either the link is bad or Microsoft has yanked it.
Sergiu Gatlan at Bleeping Computer has a screenshot of Paul Sey’s reply, but I’ll be hanged if I can find it. Can you?
UPDATE: Paul Sey’s comment is back — I could’ve sworn it wasn’t there early this morning when I checked. Thx to the commenters who pointed me to it! I note in passing that it still hasn’t been added to the Release Information Status page — perhaps because Microsoft considers it to be an Adobe bug.
-
Surface Laptop 3’s Spontaneous Cracked Screens?
Posted on February 18th, 2020 at 08:57 Comment on the AskWoody LoungeA growing number of customers on Microsoft’s Answers Forum and Reddit are complaining that their nearly new Surface Laptop 3’s have developed spontaneous cracks in the screen. It appears that these devices are all the non Alcantara variety and are Aluminum only. Customers are posting pictures like the one below showing the issue in Microsoft’s Answers Forum.
Customers state that they did not drop, bang, or mistreat these devices or expose them to extreme temperature swings. So far, Microsoft outsourced forum support has been treating these as individual physical damage claims. For those who spent the extra money on Microsoft Complete, there is better coverage, albeit there is a $49 cost and there are only two “incidents” covered and this counts as one. One customer contacted support and states: “ I am currently waiting to hear back from Microsoft after numerous complaints…. they are taking forever but I finally got someone to admit they were investigating reports of the same issue. They said they had no time frame for a resolution or reply “
Reports of this issue are growing. Here’s a partial list of complaint threads:
https://www.reddit.com/r/Surface/comments/ee17oc/surface_laptop_3_screen_cracked/
https://www.reddit.com/r/Surface/comments/e7zohz/surface_laptop_3_cracked_screen/
https://www.reddit.com/r/Surface/comments/ew4247/cracked_screen_new_laptop/
One customer writes: “ Soon after using it I noticed that the hinge would make a creaking sound when I opened it and the bottom chassis would do so as well when I lifted it applying even the slightest pressure. In addition to hearing the chassis creak, you can feel it flex when it happens. “
It appears that if you are afflicted with this issue and are able to get to an official Microsoft Store, you may be able to convince the Store Manager to waive charges, as Nightryder21 reports:
Clearly, something is amiss here and the typical silence from Microsoft is deafening. Panos Panay, are you listening?
-
Running a SQL Server? Heads up! You need to install this month’s patches quickly
Posted on February 18th, 2020 at 07:25 Comment on the AskWoody LoungeI just saw a notification that the SQL Server security hole known as CVE-2020-0618 has been cracked. Per Kevin Beaumont:
Ah bums, there’s an exploit for CVE-2020-0618 (Feb 2020 SQL vuln). The good news: it’s not yet point and click. The bad news: it will be, this will be a big enterprise vuln.
CVSS score 9.7, very easy to exploit but depends on SQL Reporting Services being installed. Some ICS solutions install it, as does Microsoft EPM (Project Server). I’ll keep thread updated if I see any scanning in the wild.
One thing if it helps people, although the MS advisory says it only impacts SQL Server 2012+, it appears to also impact SQL Server 2008 too (which is out of support).
He points to Jin Wook Kim’s Proof of Concept code on Github. In the comments, you can find reference to the original PoC on MDSec.co.uk.
If you aren’t running a SQL Server, or don’t know SQL Server from a hole in the ground, no need to sweat it. But if your company has SQL Server, somebody better let the admins know.