News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March

    Posted on February 16th, 2019 at 07:05 woody Comment on the AskWoody Lounge

    Remember the dire warning, back last November, that you had to install a forthcoming Win7 security patch in order to continue to receive security patches?

    I had an article in Computerworld about it:

    Microsoft is changing its method for electronically signing patches from an old approach known as SHA-1 to the much more secure SHA-2. If you want to continue to get Win7, Server 2008 and WSUS security patches, you need to install a patch in February or March that makes Windows SHA-2-conversant.

    I hadn’t heard anything more about the transition until @abbodi86 posted an update a few minutes ago. Ends up that Microsoft will push the patch in March, according to a new bulletin posted just a few hours ago:

    Starting in early 2019, the migration process to SHA-2 support will occur in stages, and support will be delivered in standalone updates. Microsoft is targeting the following schedule to offer SHA-2 support.

    March 12, 2019

    Stand Alone updates that introduce SHA-2 code sign support will be released as security updates.

    Windows 7 SP1,
    Windows Server 2008 R2 SP1

    July 16, 2019

    Required: Updates for legacy Windows versions will require that SHA-2 code signing support be installed. The support released in March and April will be required in order to continue to receive updates on these versions of Windows.

    I’m sure you Win7 fans will love the fact that “legacy Windows” now includes Win7, Server 2008, and Server 2008 R2, but nevermind….

    Nothing wrong with being a legacy, eh?

  • Miscellaneous, minor problems with the Patch Tuesday patches

    Posted on February 13th, 2019 at 08:30 woody Comment on the AskWoody Lounge

    So far the patching situation looks pretty good. Mind you, we’re still at MS-DEFCON 2, and unless you’re using Internet Explorer, there’s nothing lurking in the depths – so don’t patch yet. Yes, there were 20 “critical” patches. No, you don’t need to worry about them yet.

    When the patches first came out, the Knowledge Base articles had all sorts of strange omissions. They were fixed yesterday afternoon/evening US time. So now we know officially:

    • The Win10 1803 cumulative update fixed the problem where Edge was trying to get to local IP addresses – a bug most commonly reported with routers. KB 4487017 now says this cumulative update “Addresses an issue that prevents Microsoft Edge from connecting using an IP address.”
    • All of the Windows patches — Win7 thru Win10 1809 are now admitted to have yet another Japanese date bug: “previously abbreviated Japanese date and time strings no longer parse.” We’re talking a tough computer science problem here.

    The KB articles for Win10 1809, 1803 and 1709 say they have fixed the Access 97-era Jet database bug. “Addresses an issue that may prevent applications that use a Microsoft Jet database with the Microsoft Access 97 file format from opening. This issue occurs if the database has column names greater than 32 characters. The database fails to open with the error, “Unrecognized Database Format”.”

    There’s an odd report from Johnny_55 on the Microsoft Answers forum (thanks, Julia!):

    After installing KB4487044 [the Win10 1809 cumulative update], it disabled Windows Defender leaving it with the Red X, and not possible to scan. This was never an issue prior with any CU installed on Retail 17763. Putting it back online, updating and back working.

    Jack Smook, reporting on the Microsoft Answers forum, said:

    Updates (KB4487044) downloaded ok to 2 computers, but during installation, they both got an error message… We couldn’t complete the updates / Undoing changes / Don’t turn your computer off…

    Two folks who identified themselves as “Independent Advisors… here to help you with your question” gave advice. Both apparently resulted in BSODs.

    And there’s the usual expletive-laced posting of problems on Reddit.

    @abbodi86 notes that there was no Office 2010 Click-to-Run released. Likely culprit: Japanese date bugs.

    Anybody spot other notable bugs?

  • Patch Tuesday patches start rolling out

    Posted on February 12th, 2019 at 12:14 woody Comment on the AskWoody Lounge

    Martin Brinkmann is out with his usual monthly overview

    • Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
    • Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
    • Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

    All versions of Windows, all versions of Server, Edge, IE, Office, .NET, and much more.

    May the odds be forever in your.. oh, nevermind.

    Dustin Childs has his Zero Day Initiative post – always good reading.

    …security patches for 77 CVEs along with three new advisories.

    Of these 74 CVEs, 20 are rated Critical, 54 are rated Important, and three are rated Moderate in severity. A total of 21 of these CVEs came through the ZDI program. Four of these bugs are listed as public and one is listed as being under active attack at the time of release.

    The actively exploited vulnerability:

    An attacker could use this to check for files on a target system if a user browses [with Internet Explorer] to a specially crafted website. Microsoft doesn’t list how this bug is being exploited in the wild, but it’s likely restricted to targeted attacks.

    And of course you aren’t using IE. Right?

    There are new Servicing Stack Updates for:
    Win10 v1607  KB 4485447
    Win10 v1703  KB 4487327
    Win10 v1709  KB 4485448
    Win10 v1803  KB 4485449
    Servicing stack updates only count if you manually install the Windows 10 cumulative updates. And, of course, you followed my Block Monday advice and wouldn’t dream of installing any patches, much less manually install Win10 cumulative updates.
    February 2019 Security Updates for Microsoft Office 2010, Office 2013, Office 2016, the Office Viewers, and SharePoint Servers are available on the Office Support Pages. These Updates are for the .msi versions of Office, not Office 365 or C2R.
  • Microsoft (finally!) acknowledges a bug in Win7 virtual machines after installing the January Monthly Rollup KB 4480963 or Security-only KB 4480964

    Posted on February 12th, 2019 at 09:51 woody Comment on the AskWoody Lounge

    Shout-out to Lounger Freeco, who first notified us of the bug almost two weeks ago.

    The KB articles now say:

    After installing this update, virtual machines may fail to restore after being “Saved and Restored” the first time. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

    This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (2nd-gen) microarchitectures.

    Workaround:

    After installing this update, shut down the virtual machines before restarting the host.

    Microsoft is working on a resolution and estimates a solution will be available by mid-February 2019.

    Which presumably means it’ll be fixed in today’s Win7 Monthly Rollup.

  • MS-DEFCON 2: It’s time, once again, to make sure Windows Automatic Updating is blocked

    Posted on February 11th, 2019 at 06:12 woody Comment on the AskWoody Lounge

    Tomorrow’s Patch Tuesday so that means today is… Block Monday. As in blockhead. Don’t be one. Make sure you have Automatic Update well and thoroughly turned off.

    Full step-by-step details in Computerworld Woody on Windows.

    This bears repeating:

    The current beta test version of the next (“19H1” or “1903”) version of Win10 Home includes the ability to Pause updates for seven days. While that’s certainly a step in the right direction, it doesn’t help much in the real world:

    • You can only Pause once, and only for seven days
    • You can’t Pause again without accepting all backed-up updates in the interim
    • You have to know in advance that a bad update is coming down the pike –  there’s no warning

    All of which makes Win10 Home “Pause updates” a really nifty marketing setting (“Look! You can pause updates in Win10 Home!”) that’s basically useless. Unless you’re Carnac the Magnificent.

  • Patch Lady: Still on Win7? Get over it, for security’s sake

    Posted on February 11th, 2019 at 05:02 woody Comment on the AskWoody Lounge

    Are you still running Windows 7? And if so, are you ready for its official end early next year?

    Here’s why I think moving to Windows 10 now is wiser than sticking with an OS that will become more and more unsecure.

    Susan Bradley takes a look at the risks of continuing beyond Jan. 14, 2020, with everybody’s favorite operating system. Well, almost everybody’s.

    In the new AskWoody Plus Newsletter issue 16.5.0 – out this morning.

  • Microsoft Security Response Center: The biggest malware threat comes from zero-days; delayed patches, not so much

    Posted on February 8th, 2019 at 10:04 woody Comment on the AskWoody Lounge

    Of course your greatest security threat lies between the ears and in the twitching clicking fingers of people at the console. That hasn’t changed, and likely never will.

    What’s startling to me, though, is that numbers from Microsoft now confirm that waiting 30 days to install those monthly patches realistically doesn’t put you at greater risk for getting clobbered by a cretin.

    Computerworld Woody on Windows.

    Thx, Susan!

  • Patch Lady – keeping track of Access issues

    Posted on February 6th, 2019 at 22:56 Susan Bradley Comment on the AskWoody Lounge

    A recent question of the forum reminded me that there was a recent post I saw about issues migrating to 1803 and it’s impact to Access databases.  As I posted in the forum post the situation was as follows….

    “Client has a database app written In MS Access. It imports data from an Excel spreadsheet using a macro. Reportedly, when the client O/S is 1803 the import corrupts his data and it needs to be repaired. Not so when the client O/S is 1709.”

    To fix this, the person did:

    Add the following Registry Values:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]

    “FileInfoCacheLifetime”=dword:00000000
    “FileNotFoundCacheLifetime”=dword:00000000
    “DirectoryCacheLifetime”=dword:0000

    Sources for these reg edits below:

    1803 UPDATE SERIOUS ISSUE

    https://social.technet.microsoft.com/Forums/en-US/3cd934cc-cbc3-4bdc-8c29-8e486528ce9f/1803-update-serious-issue?forum=officesetupdeploylegacy

    Microsoft Access Database Corruption

    https://answers.microsoft.com/en-us/msoffice/forum/msoffice_access-mso_win10-mso_2016/microsoft-access-database-corruption/e933f760-f7f2-4b3e-9bc3-0061d5073219

    Access – Bug – Database is in an Unrecognized Format

    https://www.devhut.net/2018/06/13/access-bug-database-is-in-an-unrecognized-format/

    Access reports that databases are in an ‘inconsistent state’

    https://support.office.com/en-us/article/access-reports-that-databases-are-in-an-inconsistent-state-%ef%bb%bf-7ec975da-f7a9-4414-a306-d3a7c422dc1d?ui=en-US&rs=en-US&ad=US

    Not this is not the same as the Access 97 bug that impacts all Windows platforms with data tables longer than 32 characters.