|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
Blog Archives
-
Looks like Win10 version 1903 will get a fix for the Windows Update “disappearing deferral dialog” bug
Posted on November 7th, 2019 at 06:53 Comment on the AskWoody LoungeI’ve seen it now on two systems, with my very own eyes.
One of Win10 1903 Pro’s most obnoxious bugs will probably get fixed next week.
If you’re concerned about updating Win10 version 1903, you probably know that there’s a bug in the Windows Update advanced options setting, where changing either the feature update or quality update deferral setting caused that entire piece of the dialog to disappear. The settings were still there, and they still had an effect on when your machine was updated. But you couldn’t see the settings, short of digging into Group Policy or the Registry.
Looks like the bug’s been fixed in the “optional, non-security” second October cumulative update for Win10 1903 — which means it’s likely to appear on Patch Tuesday next week.
Best I can tell, Microsoft has never acknowledged the bug, and they certainly haven’t announced that it’s been fixed.
I’m starting to warm up to Win10 1903.
Details on Computerworld. Woody on Windows
Thx @Bree on Tenforums, @Tex265, @b, @PKCano, @abbodi86
-
Reports of Surface Pro swamping \Temp folder with bogus .evtx files
Posted on November 4th, 2019 at 11:47 Comment on the AskWoody LoungeI don’t have many details at this point, but the most succinct description I can find is on the StackExchange forum, from Sam Axe:
Every few seconds a new
.evtxfile and a new.txtfile appear inc:\windows\temp. Each .evtx file has nearly identical content (except for timestamps), ditto the .txt files.
The .evtx files are roughly 7 MB large and contain almost 3600 events each. As you can imagine, this is filling up the HDD rather quickly. We deleted ~30 GB worth of these files earlier today.He’s had some luck with this solution:
We were able to resolve this by removing the “Surface” app via powershell:
Get-AppxPackage *surface* | Remove-AppxPackageCompletely removing the “Surface” app and rebooting appears to have solved the issue.
In the same thread, Camile reports that it doesn’t work all the time:
I’ve fixed 2 of these issues today by updating the windows to the latest 1903 build. The removal of the App worked on 1 but didn’t work for the other so just updated both.
The twist: It looks like this problem occurs sporadically on several different kinds of Surface devices and may (or may not) be triggered by a specific Windows update.
Anybody else hitting the problem? Does the Remove-AppxPackage solution work?
-
Take charge of Windows 10 and Office 365 updating
Posted on November 4th, 2019 at 01:05 Comment on the AskWoody LoungeWINDOWS PATCHING
By Susan Bradley
Recently, I started the process of migrating Windows Server 2008 R2 and Server 2012 R2 to Server 2019.
Unfortunately, Server 2019 (and 2016) has a problem in common with Windows 10 — limited user/administrator control over when and how the OSes get patched.
Read the full story in AskWoody Plus Newsletter 16.40.0 (2019-11-04).
-
BlueKeep now being used in attacks – but the sky isn’t falling
Posted on November 3rd, 2019 at 07:25 Comment on the AskWoody LoungeRemember BlueKeep – the “wormable” monster infection that was supposed to take over the Windows world?
Two months ago, I warned that there was a working exploit making the rounds.
We finally saw a slightly modified version of that Metasploit exploit used in a for-real infection. Except it isn’t nearly as scary as originally projected, doesn’t operate as a worm, and isn’t exactly taking the world by storm.
Kevin Beaumont found evidence of the infection in some honeypots he set up – but had stopped monitoring.
huh, the EternalPot RDP honeypots have all started BSOD'ing recently. They only expose port 3389. pic.twitter.com/VdiKoqAwkr
— Kevin Beaumont (@GossiTheDog) November 2, 2019
As expected, folks who have either disabled RDP or blocked port 3389 are fine. Still…
Word to the wise: If you haven’t updated your Win7 or Server 2008/Server 2008R2 machine since May, you better get on the stick.
See, there’s a reason why you have to update sooner or later.
Full details from Catalin Cimpanu at ZDNet. Thx GoneToPlaid (who just had a Tesla mode named after him).
UPDATE:
Since publishing, all BlueKeep activity that I could see has stopped.
— Kevin Beaumont (@GossiTheDog) November 4, 2019
-
MS-DEFCON 4: It’s time to get patched
Posted on November 1st, 2019 at 10:59 Comment on the AskWoody LoungeThe moment you’ve all been waiting for…
It looks like the October Windows patches are ready for prime time. The usual caveats — and there are many — apply. We also have special warnings for people running Win10 1903 with certain RealTek LAN adapters, and for folks who need to run older VisualBasic programs on 32-bit version 1903.
There’s no rush this month, by the way. Nothing in the patches screams for installation. But in the normal course of events you want to get patched. We’ve entered the normal course of events.
Full step-by-step updating details for everybody, from Win7 to Win10 1903, are in Computerworld Woody on Windows.
-
Another patch-induced conflict: Transport Layer Security fails with error 0x8009030f
Posted on October 30th, 2019 at 11:08 Comment on the AskWoody LoungeMicrosoft has acknowledged a problem with the latest patches for Win7, 8.1, Server 2008, 2008 R2, 2012, 2012 R2 and Server 2016 – Monthly Rollups, Security-only or (apparently) Previews of Monthly Rollups.
When attempting to connect, Transport Layer Security (TLS) and Secure Sockets Layer (SSL) might intermittently fail or timeout. You might also recieve one or more of the with the following errors:
- “The request was aborted: Could not create SSL/TLS secure Channel”
- error 0x8009030f
- An error logged in the System Event Log for SCHANNEL event 36887 with alert code 20 and the description, “A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.”
If TLS is failing on your up-to-date Win7, 8.1 or related Server based machines, now you know why. There’s a fix, documented in the KB article, but it’s messy.
Thx @abbodi86
-
Another dumb block: MS induced “VMware Workstation Pro can’t run on Windows”
Posted on October 30th, 2019 at 08:06 Comment on the AskWoody LoungeI just heard about this from Office Watch, but checking around, it’s also described on Tenforums and on the VMWare blog.
When you install any of the recent cumulative updates for Win10 1903 (the third cumulative update for September, or any of the three cumulative updates in October, including the most recent one), Windows starts blocking older versions of VMWare.
The reason? MS removed VMWare from the Windows Application Compatibility database.
Apparently VMWare version 15.5 — the latest version — gets around the block. But if you aren’t willing to pay for the latest version, you’re up the ol’ creek.
The solution is so utterly trivial it boggles even my pre-boggled mind. You rename the program that runs VMWare, C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe. The renamed file passes the Application Compatibility block, and you’re free to use the old version. Stupid.
Does anybody know if there’s a reason why VMWare versions prior to 15.5 are prohibited from running on post-September-updated versions of Win10 1903?
-
Where we stand with the October patches
Posted on October 29th, 2019 at 13:26 Comment on the AskWoody LoungeWhat a weird month. First we got the third round of patches for a zero-day in Internet Explorer (which never materialized) and then Start, Search and print bugs reappeared.
To date, most — but not all — of the bugs have been fixed.
Details in Computerworld Woody on Windows.
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Recent Replies
satrow on Considering upgrade, which components are worth retaining?
1 hour, 2 minutes agomn-- on Microsoft's Office 365 crashes worldwide
1 hour, 15 minutes ago- 1 hour, 26 minutes ago
aquatarkus on Considering upgrade, which components are worth retaining?
2 hours, 16 minutes agoPaul T on What we know about the Win10 version 1909 upgrade: Easily managed by most; tricky for some
2 hours, 29 minutes ago- 2 hours, 47 minutes ago
- 3 hours, 1 minute ago
b on PowerPoint 2016 Notes Page Automatically Resizing
3 hours, 9 minutes agoNibbled To Death By Ducks on Runaway Kernel/NT and Odd HDD Events
3 hours, 10 minutes agoanonymous on What we know about the Win10 version 1909 upgrade: Easily managed by most; tricky for some
3 hours, 10 minutes ago- 3 hours, 14 minutes ago
- 3 hours, 22 minutes ago
Pierre77 on Where to get Microsoft office
4 hours, 14 minutes agoMrJimPhelps on Facetime for Windows 8.1
5 hours, 30 minutes ago- 7 hours, 14 minutes ago
GoneToPlaid on Restoring to a New HDD with Macrium Reflect Free: Impossible-Software Ideas?
7 hours, 19 minutes ago- 7 hours, 20 minutes ago
zero2dash on Need a password manager
8 hours, 2 minutes agoabbodi86 on Microsoft posts Monthly Rollup Previews for Win7, 8.1, Server 2008 SP2, 2012 and .NET
8 hours, 41 minutes agoAscaris on Restoring to a New HDD with Macrium Reflect Free: Impossible-Software Ideas?
8 hours, 56 minutes ago