News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • About that Flash-zapping patch, KB 4577586? One leeetle problem. It doesn’t remove Flash.

    Posted on October 27th, 2020 at 21:08 woody Comment on the AskWoody Lounge

    Earlier today Microsoft released KB 4577586, the “Update for the removal of Adobe Flash Player: October 27, 2020.” As Susan notes in the entry below, it’s only available if you manually download and install it from the Microsoft Catalog.

    Now comes word from Lawrence Abrams at BleepingComputer that the patch doesn’t do anything of the sort:

    In our tests, though, Adobe Flash Player remained installed after installing the update… When we checked the Adobe Flash Player component in Microsoft Edge, it was still installed after installing the update.

    Let’s hear it for Microsoft’s testers – the unpaid ones, at least.

     

  • Patch Lady – if you use WSUS can I get your feedback?

    Posted on October 23rd, 2020 at 12:52 Susan Bradley Comment on the AskWoody Lounge

    https://www.surveymonkey.com/r/WSUSSurvey

    The first ever unofficial survey on Microsoft’s on premise patching tool called WSUS.

    If you use the platform, can you fill out my unofficial survey please?  I will be sharing the results in a few weeks.

  • Where we stand with the October patches

    Posted on October 22nd, 2020 at 00:26 woody Comment on the AskWoody Lounge

    The run-of-the-mill cumulative updates had all the usual problems. But the other patches were a bit odd.

    I’m still amazed that the cumulative updates went out with a hard bug in an HP app, but HP has fixed its wayward ways.

    And we still don’t have the announced security fix for Microsoft Dynamics 365 Commerce.

    Winter – and version 20H2 – are coming.

    Details in Computerworld Woody on Windows.

  • Is KB 4580980, the .NET update preview for 1903 and 1909, being installed even if you don’t “seek” for it?

    Posted on October 20th, 2020 at 21:12 woody Comment on the AskWoody Lounge

    A distressing post from @Brockton:

    I’m running Win10 Home 1909 which was current with the October updates and currently updates are NOT paused.  I still have v2004 sitting in my update screen as an optional ‘download and install’.

    I just had a notification pop-up to restart my computer.  It turns out KB4580980 downloaded and installed without me checking for updates.  I figured with this being a preview it would be optional.  Note that when I system did it’s usual auto-check for updates it pushed the .NET preview without my permission.

    I know the thought was that if you un-pause updates it may perform a check and pull down the .NET preview … BUT my updates were not paused and it still auto-installed the .NET preview.  It was not optional like it used to be…

    it seemed to act like a standard ‘Patch Tuesday’ update that you’d typically pause and prepare for.  But I’m used to the preview patches showing as optional so I kept my updates un-paused not expecting this unless I manuall check for updates.  It seemed to get pushed through like the monthly standard updates that you get even if you don’t ‘seek’.

    Can you confirm? I’m not seeing it – but I’m paused.

  • Microsoft has released October 2020 “C” Week Preview Updates for 1809, 1903 and 1909

    Posted on October 20th, 2020 at 13:16 PKCano Comment on the AskWoody Lounge

    Microsotf has released October “C” Week Cumulative Update Previews for Win10 versions 1809, 1903 and 1909

    KB4580386 for 1903/1909
    KB4580390 for 1809

    Highlights for versions 1903/1909 include:

    • Introducing Meet Now in the Windows 10 Taskbar

      Earlier this year we introduced Meet Now in Skype. Meet Now makes it easy to connect with anyone in as little as two clicks for free and each call can last up to 24 hours. Today, we’re excited to share that we will be extending this capability in Windows 10 by bringing Meet Now right to the taskbar. In the coming weeks, you will be able to easily set up a video call and reach friends and family in an instant by clicking the Meet Now icon in the taskbar notification area. No sign ups or downloads needed.

    • Updates an issue that might prevent a Microsoft Xbox Game Pass user from playing certain games that are eligible for play.
    • Updates a reliability issue that causes the screen to flash constantly.
    • Updates an issue that causes a USB printer port to disappear after restarting when the printer device is turned power off.

    There is a substantial list of fixes for all versions but no impending need to install any of them.

    .NET updates Previews for 1809, 1903, and 1909 have also been released:
    KB4580980 for .NET 3.5/4.8 for 1903/1909
    KB4580979 for .NET 3.5/4.8 for 1809
    Thx @abbodi86

  • SwiftOnSecurity on Patch Tuesday

    Posted on October 17th, 2020 at 20:41 woody Comment on the AskWoody Lounge

    Man, ain’t that the truth….

  • HP Issues Sure Click Enterprise 4.2 Patch 1 to fix Initialization Failures caused by Windows Updates (October 2020)

    Posted on October 16th, 2020 at 10:34 PKCano Comment on the AskWoody Lounge

    Posted on October 15, 2020, HP announced the release of HP Sure Click Enterprise 4.4 Patch 1 and Bromium Secure Platform 4.1 Update 8 (Patch 5) to fix Initialization failures caused by October 2020 Windows Updates.

    Issue Description

    After installing any of the referenced Windows Update KBs below, HP Sure Click Enterprise and Bromium Secure Platform will be unable to successfully initialize. New initialization attempts will fail with error UPDATEGUEST_NETWORK_SETUP_FAIL. Your devices will continue to work until a new initialization is needed, giving you additional time to rollback the Microsoft KBs. New initialization requests would generally be caused by:

    • Upgrading supported applications to a new major version, such as Chrome, Microsoft Office or Adobe Reader.

    • Manually requesting a new initialization from the Desktop Console

    • Installing a new version of HP Sure Click Enterprise

    This is a list of the Windows Updates affected

    • KB4579311 – Windows 10 Version 2004 x64
    • KB4577671 – Windows 10 Version 1903 x64
    • KB4577671 – Windows 10 Version 1909 x64
    • KB4577668 – Windows 10 Version 1809 x64
    • KB4580330 – Windows 10 Version 1803 x64
    • KB4580328 – Windows 10 Version 1709 x64
    • KB4580346 – Windows 10 Version 1607 x64
    • KB4580327 – Windows 10 RTM x6

    HP Sure Click Enterprise 4.2 Patch 1 Released.

    According to Windows Central

    There’s HP Sure Click Enterprise. HP calls this the “world’s most secure endpoint application isolation and containment solution.” Supported on Windows 8 and Windows 10, Sure Click Enterprise brings enhanced run-time protection with non-persistent virtual machines. It can also protect user credentials from phishing attacks and supports large-scale deployments.

    Gunter Born has more details on Born’s Tech and Windows World.

  • Another HEVC codec bug fixed via the Microsoft Store – plus a couple of updates on this month’s mayhem

    Posted on October 15th, 2020 at 22:58 woody Comment on the AskWoody Lounge

    Back in July I wrote about two weird Microsoft Store patches for a couple of security holes in the HEVC codecs, which are programs that Microsoft created to let you play Apple HEVC files. (Protip: You probably don’t have them, unless you’ve installed codecs from the Store.)

    Now comes word that we have another identified security hole in that same HEVC codecs,

    CVE-2020-17022

    This warning isn’t for everybody. Per MS,

    Only customers who have installed the optional HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store may be vulnerable.

    So unless you’ve specifically downloaded the Microsoft codec, you don’t need to worry about it – but be aware that this one is also coming through Windows Update the Microsoft Store. There’s a lengthy discussion of versions in the KB article.

    The announcement also says that CVE-2020-17022 is a security hole in Remote Desktop Services, but it isn’t. Be calm, grasshopper.

    There’s also a bug for Visual Studio programmers, CVE-2020-17023, which involves opening a nasty package.json file. If you’re using Visual Studio, watch out.

    Finally, we have CVE-2020-16943, which was just updated (the original notice was released on Patch Tuesday). The problem? This security hole is in Microsoft Dynamics 365 Commerce. Microsoft posted about the fix on Patch Tuesday and then decided, two days later, to tell people that it doesn’t yet have a fix:

    The security update for Dynamics 365 Commerce is not immediately available. The update will be released as soon as possible, and when it becomes available, customers will be notified via a revision to this CVE information.

    Golly.