Newsletter Archives

• The three Win10 version 1809 builds, what they mean, and what they break

  Posted on October 10, 2018 at 06:57 CDT by woody • Comment in the Forums

  If you were brave/foolhardy enough to install Win10 1809, there’s some relief in yesterday’s Cumulative Update.

  There are three builds of Win10 1809 now, each with their own… let’s call them foibles…

  0.01% of seekers got their Documents folder zapped? Pshaw. I’ve heard that folks fed the 1809 upgrade through WSUS also saw their Documents and Photos folders cleaned out. Can you corroborate?

  Computerworld Woody on Windows.

  Windows Patches/Security Win10 1809

• Patch Tuesday: The good, the bad, the ugly and the hopeless

  Posted on October 9, 2018 at 12:47 CDT by woody • Comment in the Forums

  Patch Tuesday patches are rolling out right now and there’s a bunch of them.

  Quick glance on the Microsoft Update Catalog shows 104 individual patches, dated Oct. 5 to 8 (none for Oct. 9 that I can see).

  Microsoft’s master list is here.

  I’m perplexed by the first cumulative update for Win10 version 1809, KB 4464330:

  Addresses an issue affecting group policy expiration where an incorrect timing calculation may prematurely remove profiles on devices subject to the “Delete user profiles older than a specified number of day.”

  There’s no indication if that fixes all of the disappearing Documents, Photos, etc., files that some encountered. Although it may well explain the “Delete user profiles” GPO problem. If it makes any difference, there’s been no change in the “Known issues” section of the original Win10 1809 release, KB 4464619. If Microsoft fixed the file deletion problem, they didn’t change the KB article to reflect the fix.

  There’s also no indication if this means the forced upgrades from 1803 to 1809 are poised to begin.

  Martin Brinkman at ghacks.net has his usual comprehensive list:

  • Windows 7: 13 vulnerabilities of which 2 are critical and 11 are important.
  • Windows 8.1: 14 vulnerabilities of which 2 are critical and 12 are important.
  • Windows 10 version 1607: 19 vulnerabilities of which 3 are critical and 16 are important.
  • Windows 10 version 1703: 18 vulnerabilities of which 3 are critical and 15 are important.
  • Windows 10 version 1709: 20 vulnerabilities of which 3 are critical and 17 are important.
  • Windows 10 version 1803: 20 vulnerabilities of which 2 are critical and 18 are important.
  • Windows 10 version 1809: 19 vulnerabilities of which 3 are critical and 16 are important.

  Dustin Childs on the Zero Day Initiative page weighs in:

  Microsoft released 49 security patches and two advisories covering Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office and Office Services. Of the 49 CVEs, 12 are listed as Critical, 35 are rated Important, one is rated as Moderate, and one is rated Low in severity. A total of eight of these CVEs came through the ZDI program. Three of these bugs are listed as publicly known at the time of release and one of these is reported as being actively exploited.

  We also got a Servicing Stack Update for Win10 1809, KB 4465477. If you’re manually installing the cumulative update for 1809 (sanity alert), be sure to get the SSU installed first. Thx @KPRP42.

  The only hole known to be actively exploited is a privilege escalation bug, which means the attacker has to be running on your machine already before they can take advantage of the bug.

  There’s a bumper crop of Office security patches, for Office 2010, 2013, 2016, several viewers, SharePoint Server 2010, 2013 and 2016.

  The SANS Internet Storm Center posted its usual overview, confirming that only one bug is currently known to be in use, and it’s a privilege elevation bug.

  Windows Patches/Security October 2018 Black Tuesday

• Keizer: Lab rats, Windows 10 and the importance of being last

  Posted on October 9, 2018 at 07:33 CDT by woody • Comment in the Forums

  Gregg Keizer just nailed it again:

  The file-deletion flaw that plagued last week’s rollout of the Windows 10 October 2018 Update shows how Microsoft uses consumers to test out the OS so its important customers – businesses – are protected.

  For Microsoft, a mistake and resulting upgrade retraction like this is a feature, not a bug, of its Windows 10 release strategy.

  Keizer explains how consumers are used as lab rats.  I tend to think of them (which is to say, us) as cannon fodder, but the simple fact is that Microsoft can and will push its bad updates on you, unless you’re connected to an update server, or you have Win10 Pro or Education set properly. Even if you have Win10 Pro set properly, Microsoft may still “forget” to honor its own settings.

  Right on. Check it out.

  (Yes, for those who ask, I do forgive Gregg for mis-spelling my name. Again. It’s the copyeditors I wonder about.)

  Windows Patches/Security Win10 1809

• Avoiding the ransomware protection in Win10

  Posted on October 8, 2018 at 08:10 CDT by woody • Comment in the Forums

  A real eye-opener from researcher Soya Aoyama, from a presentation at Derbycon 2018.

  Thx Catalin Cimpanu, @campuscodi

  Windows Patches/Security Win10 ransomware

• MS-DEFCON 1: There’s no reason in the world to leave Automatic Update turned on

  Posted on October 8, 2018 at 07:51 CDT by woody • Comment in the Forums

  Time to turn off Automatic Update again.

  If you survived the brutal barrage of bad patches in July, and avoided the 1809 carnage last week, you should understand why.

  Details in Computerworld: Woody on Windows.

  Windows Patches/Security MS-DEFCON 1, October 2018 Black Tuesday

• MS-DEFCON 1: If you didn’t get the September updates installed, fuhgeddaboutit

  Posted on October 6, 2018 at 05:35 CDT by woody • Comment in the Forums

  My previous MS-DEFCON 3 setting didn’t apply to clicking “Check for updates,” of course. But this is getting stupid.

  There’s no good reason to update anything right now.

  Nothing.

  MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.

  Windows Patches/Security MS-DEFCON 1, October 2018 Black Tuesday

• Microsoft yanks the Win10 1809 upgrade

  Posted on October 6, 2018 at 05:12 CDT by woody • Comment in the Forums

  

  UPDATE and some corrections in Computerworld Woody on Windows.

  In the past few hours — very early Saturday morning US time — Microsoft pulled the Win10 version 1809 upgrade package. Details are sparse (yawn, as I grab a cup of coffee), but it looks like the official Download Windows 10 page is on version 1803, and ISOs have disappeared.

  The KB 4464619 article now states:

  We have paused the rollout of the Windows 10 October 2018 Update (version 1809) for all users as we investigate isolated reports of users missing some files after updating.

  If you have checked for updates and believe you have an issue, please contact us directly at +1-800-MICROSOFT or find a local number in your area https://support.microsoft.com/en-us/help/4051701/global-customer-service-phone-numbers.

  If you have access to a different PC, please contact us at https://support.microsoft.com/en-us/contactus/ (link will vary according to country of origin).

  If you have manually downloaded the Windows 10 October 2018 Update installation media, please don’t install it and wait until new media is available.

  We will provide an update when we resume rolling out the Windows 10 October 2018 Update to customers.

  Permit me to provide an English-language translation:

  If you were gullible enough to believe the breathless reviews about a product that’s marginally better than what you have, and you trusted Microsoft enough to install it on your machine as quickly as you could, the joke’s on you.

  Moral of the story: Listen to what the experienced Windows folks say. It’s happened before, and it’ll happen again.

  This time it’s particularly dire, because I have no idea how Microsoft is going to restore the data it deleted.

  My Recuva trick for restoring deleted data doesn’t work all the time. Recuva itself doesn’t work all the time, even in the best circumstances (particularly on solid state drives). This isn’t one of those best circumstances.

  Note the strategic timing of the announcement. Microsoft has known about this bug since October 2. I reported on it, along with a workaround that works most of the time, on October 4. They waited until early Saturday morning, October 6, to acknowledge the problem and pull the plug.

  Anybody who tells you to install patches immediately should be drawn and quartered.

  Windows Patches/Security Win10 1809 bugs

• WHY are 1809 upgraders getting their files zapped?

  Posted on October 5, 2018 at 05:58 CDT by woody • Comment in the Forums

  I’ve been looking at reports from all over the world, and can’t find a pattern. Some people got hit, others didn’t, and I have no idea why.

  If you had your documents, pictures, or other files deleted on the road to 1809, please post on this Reddit thread and help Microsoft figure it out.

  And make sure to tell your friends that all is not lost. A quick run of Recuva should bring the deleted files back.

  UPDATE: There’s some question as to whether Recuva can recover 1809-upgrade-deleted-files from an SSD. Lots of moving parts. If you’ve hit the 1809-upgrade-deleted files problem, and they were deleted from an SSD, I’d appreciate your advice!

  After that, you can roll back the upgrade. Which ain’t a bad idea.

  Windows Patches/Security Win10 1809 bugs

• Patch lady – Icewarp warns of issues for 1809

  Posted on October 4, 2018 at 10:41 CDT by Susan Bradley • Comment in the Forums

  Patch Lady here – with another report/reinforcement of why deferring feature updates is wise.  Icewarp is an email platform that some small businesses use.  They are reporting issues with 1809 and interaction with Outlook 2010:

  Windows 10 Update Error

  Hello Susan,

  The new Windows 10 update called “October 2018 Update” (Windows 1809) has recently been released. Unfortunately, it brings a critical problem to older versions of Microsoft Outlook (2010 and older) that can negatively affect our IceWarp OutlookSync plugin and the synchronization of data may possibly end up with an error. The IceWarp support team has also received reports from our customers about smaller issues with newer versions of Outlook (particularly Outlook 2016) after updating Windows 10 to “October 2018 Update”.

  The IceWarp development team is currently working on a patch, which will address the described problems from the side of our OutlookSync plugin. We are confident this patch will be released late next week.

  In the meantime, we recommend you to postpone the “October 2018 Update” for your Windows 10 users, or roll-back the update if you are experiencing the temporary synchronization issues as mentioned previously.

  Thanks for your patience and understanding while we address these issues.

  Windows Patches/Security Patch Lady Posts, Win10 1809 bugs

• Win10 version 1809 buglog – including troubling tales of lost user data

  Posted on October 4, 2018 at 08:05 CDT by woody • Comment in the Forums

  I’m keeping a log of bugs that are uncovered in the just-released Win10 version 1809. Not that I recommend you install it, mind you — quite the opposite. But I figure the world could use a one-stop bug shop, to stay on top of things.

  So far, we have one officially recognized bug:

  Intel Audio displays an intcdaud.sys notification. Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers that may result in excessive processor demand and reduced battery life. As a result, the update process to Windows 10, version 1809 fails (KB4465877).

  Customers who see this notification when setting up their Windows 10 October 2018 Update have an Intel Audio Display device driver (intcdaud.sys, versions 10.25.0.3 – 10.25.0.8) installed on their systems.

  On the “What needs your attention notification”, select the backbutton to remain on your current version of Windows 10.

  And a bunch of unacknowledged problems, with the most distressing involving deleted user data:

  • I’m seeing reports all over about user data getting deleted during the upgrade. Still don’t see a unifying cause. (Brad Sams has an independent report on Petri.com.)
  • Various user folders (in this case C:\Users\Public\Documents and C:\Users\<user>\Documents) disappear.
  • Entire user profiles disappear. In this case, the problem may be with the Group Policy setting “Delete user profiles older than a specified number of days on system restart.” But this thread says that’s bunk, because the problem occurs on Home machines.
  • Deleted almost all the data on a solid state drive. It’s possible that the data was shuffled off to OneDrive, and is sitting there awaiting a full sync.
  • There’s the always-reliable problem set with the installer trying to bring in bad drivers.
  • The installer uninstalls CCleaner — which may be a bug or a feature, your choice.
  • If you disable IPv6,  the Edge and Microsoft apps won’t connect to the Internet.
  • Some issues with dark mode file explorer.

  The known problems with Task Manager are supposedly solved in the next-next version of Win10, RS6 version 19H1, which moved to build 18252 yesterday:

  • We fixed the issue causing Task Manager to report inaccurate CPU usage.
  • We fixed the issue where the arrows to expand “Background processes” in Task Manager blink constantly and weirdly.

  Of course, that doesn’t fix the bug in Win10 version 1809, but it’s likely that we’ll see a fix in the first cumulative update (which I expect next Tuesday).

  There are the usual problems with PCs that don’t upgrade properly — an HP notebook, for example, that hangs during the upgrade process and another report blaming UX Patcher.

  Have you hit a bug? If so, please reply to this post and include links whenever possible.

  (edit: Added link to ipv6 issue and dark mode)

  Windows Patches/Security Win10 1809 bugs

• Word to the Win10 wise: Don’t click “Check for Updates”

  Posted on October 3, 2018 at 07:01 CDT by woody • Comment in the Forums

  It’s like deja vu all over again.

  Microsoft pulled the Seeker stunt — upgrading Win10 machines to the latest version on a “Check for updates” — when they rolled out Win10 1803. Now, we’re getting the same behavior, except this time it’s fully (and unabashedly) documented.

  How do they get away with this stuff?

  Computerworld Woody on Windows.

  Windows Patches/Security seeker, Win10 1809

• As expected, Win10 version 1809 launched today – but don’t panic

  Posted on October 2, 2018 at 17:19 CDT by woody • Comment in the Forums

  Win10 1809 officially dropped a couple of hours ago, but you won’t get bit by it – won’t get tossed into the extended unpaid beta testing phase – unless you go looking.

  Microsoft has an official guide to the update rollout here:

  While we encourage you to wait until the update is offered to your device, if you’re an advanced user on an actively serviced version of Windows 10 and would like to install the Windows 10 October 2018 Update now, you can do so by manually checking for updates. In the Search box in the taskbar, type “Check for updates.” Once there, simply click “Check for updates” to begin the download and installation process. We are also streamlining the ability for users who seek to manually check for updates by limiting this to devices with no known key blocking issues, based on our ML model. If we detect that your device has a compatibility issue, we will not install the update until that issue is resolved, even if you “Check for updates.”

  So breathe easy for now and don’t Check for updates.

  UPDATE: Preston Gralla has a thorough — not fawning — review in Computerworld.

  Windows Patches/Security Win10 1809
• « Older Entries

  Newer Entries »