News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • More fixes for the VB/VBA/VBScript bugs in this month’s patches

    Posted on August 18th, 2019 at 07:10 woody Comment on the AskWoody Lounge

    On Friday evening, we got fixes for the VB “invalid procedure call” bugs in

    • Win10 1709
    • Win7
    • Win8.1
    • Server 2008
    • Server 2008 R2
    • Server 2012
    • Server 2012 R2

    On Saturday afternoon (US time), a few more appeared:

    • Win10 1809
    • Win10 1703
    • Win10 1607
    • Win10 1507
    • Server 2016
    • Server 2019

    Like the others, these are one-off patches that have to be installed manually or via a “Check for updates” click of death.

    We’re still waiting for fixes for Win10 1803 and 1903.

    There’s a reason why we’re on MS-DEFCON 2. Don’t install ANY of this month’s patches. Stay tuned.

    I still get a chuckle when people tell me that Win10 is the “last” version of Windows…

    UPDATE: Günter Born says, “But I received user feedback, that the issue isn’t completely fixed.” Oh boy.

  • Win7 and 8.1 Previews of Monthly Rollups – released on Saturday?

    Posted on August 18th, 2019 at 06:57 woody Comment on the AskWoody Lounge

    It looks like Microsoft rolled out its usual Monthly Rollup Previews for Win7, 8.1, and Server 2008 on Saturday afternoon, US time.


    The only listed improvements (this for Win7):

    This non-security update includes improvements and fixes that were a part of KB4512506 (released August 13, 2019) and also includes these new quality improvements as a preview of the next Monthly Rollup update:

    Addresses an issue that causes the svchost.exe that hosts the WSMan Service (WsmSvc) to stop working and stops other services in the same host process. This issue occurs when you run multiple instances of Windows Remote Management (WinRM).

    Addresses an issue that may prevent devices from starting when they start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM). The error is, “Status: 0xc0000001, Info: A required device isn’t connected or can’t be accessed.”

    I’m going to hazard a guess that, in spite of the verbiage in the KB article, these patches also include the VB fixes released on Friday. The KB article for Saturday’s Win7 patch mentions the buggy Patch Tuesday patch, but neglects to mention the fix for the VB bug released on Friday, KB 4517297.

    I bet that somebody decided to get the Monthly Rollup Previews out early so MS can tell people to install the Rollup Preview if they want to fix the VB bug. Once again we see a bug in a security patch fixed in a non-security patch.

    Ths @geekdom, @WildBill

  • DejaBlue update: We’re still safe.

    Posted on August 17th, 2019 at 10:05 woody Comment on the AskWoody Lounge

  • MS fixes the bug that causes a looooong delay in starting Internet Explorer

    Posted on August 16th, 2019 at 22:11 woody Comment on the AskWoody Lounge

    From four hours ago:

    On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.
    This issue was resolved on the server side at 1:00 pm PST.
  • Microsoft releases patches to fix the VB/VBA/VBScript bugs

    Posted on August 16th, 2019 at 21:59 woody Comment on the AskWoody Lounge

    Sometime in the past few hours, Microsoft released 18 new patches through the Update Catalog.

    They purport to fix the VB, VBA and VBScript bug in Tuesday’s patches.

    At this moment – 10 pm US Central time on Friday night – patches are only available for Win10 1709 (!), Win7, Win8.1, Server 2008, 2008 R2, 2012 and 2012 R2. The 1709 patch is documented. I don’t see any KB articles for the others – but that’ll likely change as the night wears on.

    We’re still at MS-DEFCON 2. Don’t install them. Let’s see what wails of pain emerge in the next 12 hours or so.

    Like I said on Monday:

    Traditionally, August finds Microsoft in a mid-summer lull, with lots of folks on vacation and more than the usual chances of surprising screw-ups from second-string staff. It’s an excellent month to sit on the sidelines and see what problems appear with the latest round of Windows and Office patches.

  • Do you want to protect yourself against BlueKeep, or break Visual Basic?

    Posted on August 16th, 2019 at 09:51 woody Comment on the AskWoody Lounge

    Gawd this is tiresome.

    If you read somewhere that you have to install the August patches, even though you read somewhere that you can’t install the August patches (e.g., if you use Juris), chill. The authors of those advisories are parroting things that they’ve read that they don’t understand.

    Installing patches right now is not a good idea. In very rare circumstances, you need to install a patch soon after it arrives. This isn’t one of those circumstances.

    Right now, we know for sure that these August patches break VB, VBA and VBScript in some situations. Günter Born has a good explainer, which points the finger at array handling. An anonymous follow-on post says it’s related to working with empty arrays.

    You’ll get hit if you’re using Raiser’s Edge, Financial Edge, Education Edge, Epic, Ivanti Workspace Control, or Juris. All have been mentioned by name in our forums.

    DejaBlue, on the other hand — BlueKeep II, III, IV and V — remain theoretical. They, like BlueKeep, will pose a threat at some point. But that point isn’t now.

    It looks like Metasploit is poised to add a BlueKeep module to its package at some point in the next week or two. You’re protected if you followed my instructions and have installed any Windows patch from May onward.

    Meanwhile, there are no credible reports that I can see of a BlueKeep infection. And DejaBlue? I haven’t heard of anything beyond bluescreens.

    Meanwhile, every local news show is telling people to patch now. Bah.

  • Microsoft quietly updates all of this month’s Windows patches warning about conflicts with Visual Basic 6, VBA and VBScript

    Posted on August 15th, 2019 at 07:05 woody Comment on the AskWoody Lounge

    Sometime in the past few hours, the KB articles for every August Windows patch have been updated with this “Known issue”

    After installing this update, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an “invalid procedure call error.”

    I can’t find any independent description of the problem. Can you?

    And… who tests this stuff anyway? It’s VB, fer heaven’s sake.

    More in Computerworld Woody on Windows.

  • The sky is not falling: DejaBlue (aka BlueKeep II, III, IV, V) are not being exploited in the wild

    Posted on August 14th, 2019 at 14:55 woody Comment on the AskWoody Lounge

    I’m hearing a lot of saber rattling, urging folks to install the latest Patch Tuesday patches to guard against the newly-discovered BlueKeep variants. One blog says, “So patch your PCs and spread the word. Millions of users around the world refuse to update their versions of Windows but, in this case, the threat is immediate, viral and very real.”


    Permit me to remind you that BlueKeep itself hasn’t been reliably exploited. The threat is real, but it’s not viral or immediate.

    That said, Kevin Beaumont thinks these new exploits may be able to circumvent Microsoft’s recommended “mitigation”: NLA may not break the infection chain.

    I’ll be keeping a close eye on developments. In the meantime, I still don’t see any pressing reason to install this month’s patches — and I’m seeing more and more reports of bugs.

    We’re still at MS-DEFCON 2.