|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
Blog Archives
-
February 2020 Patch Tuesday foibles
Posted on February 11th, 2020 at 12:08 Comment on the AskWoody Lounge…. and… we’re off.
The Microsoft Update Catalog lists 151 separate patches. An enormous 99 different CVEs = individual security holes.
The Knowledge Base article for the Win10 1903 and 1909 patches does NOT list any fixes to the very-buggy “optional non-security C/D Week” patch. I’d be most interested in hearing about the long-standing Win10 1909 File Explorer Search bugs.
I don’t see a patch for Win7, in spite of the “Stretch”ed black wallpaper fix Preview released last week. No word on whether the manual-download-only fix is still clobbering boot files.
Dustin Childs’s report for ZDI covers all the bases. Worthy of note:
- That Internet Explorer JScript vulnerability, CVE 2020-0674, ADV200001 which Microsoft first talked about three weeks ago, is getting fixed. Except not for Win7, apparently, unless you pay for the patch. Microsoft lists it as being under active attack. Apparently it isn’t pressing enough to warrant an out-of-band patch, though, so those of you guarding state secrets and whistleblowers should probably worry about it sooner rather than later. The rest of us? I’ll wait until I see a widespread attack — or 0patch verifies that it’s plugged the problem.
- The CVE 2020-0674 security hole is the only one listed as “Exploited.”
Martin Brinkmann just posted his all-inclusive list. Five Win7 security holes that are only patched for Extended Support customers. The same five are fixed for Win8.1. Looks like Win10 versions 1803, 1809, 1903 and 1909 are all getting the same patches.
Microsoft has released patches for every version of Win10 (except version 1511), back to the original 1507, whether they’re supported or not.
The “classic” version of Edge is being patched, too, with 7 security holes filled. The Chromium based version of Edge was patched on Feb. 7. I’m surprised – there doesn’t seem to be a definitive statement about it – but it looks like the only fixed security holes in Chredge stem from the underlying Chromium engine.
There are new Servicing Stack Updates for Win7/Server 2008 R2 and for Server 2008. Wonder if those were re-issued because of the deleted boot files? There’s another SSU for Win10 1903 and 1909.
I expect we’ll hear much more about a pan-Win10 patch, KB 4524244, Security update for Windows 10, version 1607, 1703, 1709, 1803, 1809, and 1903: February 11, 2020. Childs seems to have missed it, although Brinkmann includes it. The description:
Addresses an issue in which a third-party Unified Extensible Firmware Interface (UEFI) boot manager might expose UEFI-enabled computers to a security vulnerability.
Seems very specific to one UEFI boot manager. I wonder which one?
-
More problems reported with the manual-install Win7/Server 2008 “Stretch” black wallpaper fix, KB 4539602
Posted on February 11th, 2020 at 07:56 Comment on the AskWoody LoungeRemember the manual-download-only patch For Win7/Server 2008 released late last week? It’s supposed to fix the bug introduced in last month’s Win7/Server 2008 R2 patches, which turn a “Stretch”ed wallpaper black. You may know it better as KB 4539602.
Surprise.
Microsoft changed the downloadable installation files yesterday. MS didn’t modify the Knowledge Base article, though, so we have no idea what changed, but that’s par for the course, eh?
There are widespread reports that installing the patch on Servers, in particular, may delete the boot file.
Details in Computerworld Woody on Windows.
-
MS-DEFCON 2: Make sure Windows is locked down in preparation for the Feb 2020 patches
Posted on February 10th, 2020 at 13:41 Comment on the AskWoody LoungeIf you’re running Win10 version 1903 or 1909 and followed my instructions last month, you’re in good shape – you have Pause Update in effect for several more weeks.
On the other hand… you really should check and make sure everything’s ready for tomorrow’s onslaught.
Step-by-step instructions in Computerworld Woody on Windows.
We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
-
Are you running Win10 version 1903? Could you check something out for me?
Posted on February 9th, 2020 at 11:14 Comment on the AskWoody LoungeI have three bare-metal Win10 version 1903 machines.
None of them is showing the KB 4532695 “optional, non-security, C/D Week” patch for Win10 versions 1903 and 1909. I’ve only seen screenshots of that optional update being made available (“Download and install now”) on 1909 machines.
If you’re running Win10 1903 (type “winver” in the Search box), could you check and see if the optional update appears for you? Click Start > Settings > Update & Security. You should see it on the right.
Thanks!
-
New security patch for Chredge
Posted on February 8th, 2020 at 07:19 Comment on the AskWoody LoungeYesterday, Microsoft updated its ongoing Security Advisory for the Chromium based version of Edge, Security Advisory ADV2000002.
That’s Microsoft’s new way of telling you that it issued a security patch for Chredge that incorporates security patches contributed to the open source Chromium project. Since Chredge is based on Chromium, security patches to Chromium need to be rolled into Chredge.
No, it isn’t Patch Tuesday or Patch Tuesday related. It’s just kind of random at this point. Yes, that means we have another security cycle to worry about.
Chredge version 80.0.361.48 contains dozens of security patches. Günter Born has details.
-
Microsoft’s “optional, non-security” Win10 1903/1909 patch KB 4532695 having a host of problems
Posted on February 8th, 2020 at 06:03 Comment on the AskWoody LoungeThere’s a reason why you should never install an “optional, non-security, C/D Week” patch for any Windows 10 version. Last month’s is worse than most.
Mayank Parmar at Windows Latest presents an impressive list: Installation problems (par for the course), Blue Screens (decidedly above par), boot failure, performance slowdowns, Bluetooth problems, WiFi problems, audio problems… the list goes on and on.
Folks who install the “optional, non-security” patches need to know that they’re beta testing the fixes — even more than you normally beta test Microsoft’s patches.
There’s almost never any reason to click on Download and install now. In January, I had hopes that the Optional cumulative update would solve the File Explorer Search bug in Win10 1909. It didn’t.
The longer I work on warning people about bad Windows patches (16 years on AskWoody, before that in my books), the more I wonder what compels people to install the latest, untested patches.
Human nature, I guess. The eternal hope that something better waits just around the corner…
As Parmar notes, there’s no indication of problems on the official Windows Release Information Status page. In fact, I don’t see any updates there since November. Perhaps the effort has been abandoned?
-
Microsoft posts a manually-downloadable fix for their Win7 “Stretch” black wallpaper bug
Posted on February 7th, 2020 at 14:57 Comment on the AskWoody LoungeThis just out. Friday afternoon news dump time.
KB 4539602 Wallpaper set to Stretch is displayed as black in Windows 7 SP1 and Server 2008 R2 SP1
This update resolves the following issue:
-
Addresses an issue that might cause your wallpaper that is set to Stretch to display as black.
To get it you have to manually download the correct version from the Update Catalog and install. They’re marked “2020-01 Update” but dated 6 Feb.
I also noticed that we have a new Monthly Rollup Preview for Win7, KB 4539601, which only contains one acknowledged fix — precisely the same fix noted above. Although the Rollup Preview is dated January 31, in another long-nose Pinocchio move, Microsoft actually posted the KB article on Feb. 7, and they appear in the Update Catalog dated Feb 6.
Thx @Julia.
-
-
If Win10 Search is still giving you a black box…
Posted on February 6th, 2020 at 10:59 Comment on the AskWoody LoungeTake @teroalhonen’s advice and run this script.
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Recent Replies
PKCano on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
4 minutes agoAscaris on Mesa 20 arrives– good news for Intel graphics users on Linux
18 minutes agoBrocktoon on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
18 minutes agoKWGuy on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
18 minutes ago- 32 minutes ago
joep517 on Windows 10's new icons are rolling out
45 minutes agogeekdom on Questions about KB4532693
49 minutes agobonbon on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
50 minutes agoThe Surfing Pensioner on Can I NOW pause updates?
51 minutes agoKirsty on Update QB3205972
53 minutes ago- 59 minutes ago
CalixtoWVR1 on Home PC Network sees, but can\'t connect to other network pcs.
1 hour, 5 minutes agoCChamp on Can I NOW pause updates?
1 hour, 10 minutes agoNancySchwartz64 on February Win10 1903 and 1909 cumulative update, KB 4532693, causing desktops to disappear
1 hour, 11 minutes agoanonymous on Home PC Network sees, but can\'t connect to other network pcs.
1 hour, 25 minutes ago- 1 hour, 27 minutes ago
OscarCP on Aren't these the greatest performances of classical music?
1 hour, 52 minutes ago- 1 hour, 55 minutes ago
KYKaren on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
1 hour, 57 minutes agoCarl on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
1 hour, 58 minutes ago- 1 hour, 59 minutes ago
- 2 hours, 2 minutes ago
- 2 hours, 18 minutes ago
mentallo on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
2 hours, 22 minutes ago- 2 hours, 34 minutes ago
- 2 hours, 41 minutes ago
b on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
2 hours, 49 minutes agodph853 on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
2 hours, 52 minutes ago- 3 hours, 5 minutes ago
Cybertooth on No fix for the Feb cumulative update “lost profile” bug in sight. I suggest you Win10 1903 and 1909 customers make sure Pause Updates is engaged.
3 hours, 10 minutes ago