-
Thought I’ve posted it already here – but probably got lost. I’ve summarized that within the blog post: Windows 10 20H2: lsass.exe crashes (Oct. 2020) a few days ago. Then I forwarded the links to Microsoft’s social media teams responsible for Windows Update and WindowsITPro, and I’ve escalated a MS answer case to all MS moderators and asked to forward the case to developers. But I haven’t any feedback.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Made also the experience, that Adobe Flash files was left in WinSxS – found them with a search. Was able to execute FlashUtil_ActiveX.exe as administrator from WinSxS folder. An Adobe uninstaller window is shown – but the uninstaller didn’t do anything. I’m confused.
Also I received feedback from a user, that the update for Windows Server 2012 R2 wasn’t installable.
Update KB4577586 removes Flash in Windows 8 – 10/Server
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
This reply was modified 4 years, 6 months ago by
. Reason: typos
-
This reply was modified 4 years, 6 months ago by
5 users thanked author for this post.
-
This reply was modified 4 years, 6 months ago by
-
Still remember some cases I’ve seen in the internet, where Firmware Updates from Microsoft broke their Surfaces – so users had to send the devices back to get a replace.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
As Woody mentioned – the update – during patchday, in a modest silent way would be ok. But not that marketing driven b******t, they are enrolling to consumer machines only.
Side note: I remembered an episode from the 90s, when my employer did send through various management seminars. In one of these seminars we were coached by a psychologist on ‘How to motivate our employees properly’ (wasn’t bad and carried me for the last 30 years). His statement at that time about what you should never do: ‘Never act like some mothers who force their child to clean up their room and then expect or demand that the child does it with joy – that goes wrong and ends in a refusal attitude’. Why did this sentence suddenly came to my mind, when I read Woody’s story …
Side note #2: Guess it’s time, that the European Commission (EC) re-invoke the Browser Choice in Windows. Obviously Microsoft never learned or forget the lesson from 2009 (expired 2014).
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
4 users thanked author for this post.
-
Why doesn’t KB4576754 show up in the MS Catalog?
Because the update is there to enslave and torture consumers – you won’t find that in managed enterprise environments – read the notes of KB4576754:
Important
- This update is not intended to target Windows Update for Business (WUfB) managed devices.
- To get this update for the new Microsoft Edge for Windows 10, version 1803, see KB4576753.
[sic]
BTW: In the old kb article MS wrote ‘You do not have to restart your device after you apply this update.’ Obviously they changed their mind, if I understand Woody’s original post …
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
Just to remember, that also Samba is vulnerable. I had compiled a few pieces here:
Zerologon Exploits are used in the wild, patching (Windows Server, Samba) recommended
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
It’s about time MS fixed this problem! I wonder if this “fix” will trim SSD’s correctly?
No, they didn’t fix the SSD defrag issue – see my addendum at
Windows 10 Version 2004: Update KB4571744 will fix the Defrag bug
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
It’s Redmond at it’s best. They have released a patch for a vulnerability, that should have been patched already on August 11, 2018. Their KB article about Update KB4578013 is simply a mess. Wrong as h*** and don’t reveal, why they need to patch again.
Their Windows Message Center says ‘install immediately’ – but the CVE article says ‘2 – Exploitation Less Likely’.
BTW: I’ve send @Windows Update a tweet to inform them to update that contradictious information they are publishing.
Windows 8.1/ Windows Server 2012 R2: Update KB4578013
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
2 users thanked author for this post.
-
With respect to Catalin Ciampanu – and the FBI warning – it’s a lot of what we call in Germany ‘eine Binse’ (A bulrush). Microsoft offers the ESU program – and then enterprises receive updates as well as Win 8.1 or Win 10.
Win 10 have some improvements – but many things are what we call ‘weiße Salbe’ (white cream). Have a look from a security view at some Win 10 feature – their code & foundations are more than a decade old.
We have a lot of libraries (run times) shipped from Microsoft, that are brewed with terrible old tools (MS has bought sometimes), that has known security flaws.
We have several dozends of DLL hijacking applications shipped with Windows …
I’m not the expert, but from time to time security researcher allow me to have a look into the abyss …
And ‘upgrading to a more powerful system like Windows 10’ is just transportation of marketing b*****t. If my hard- and software environment isn’t ready for Win 10, there is nothing ‘more powerful’. If I don’t have the resources to manage semi-annual upgrades with all it’s whistle and bells and compatibility issues, there is nothing powerful – it’s just a night mare.
What’s true in the light of the FBI warning: Running an unpatched Windows 7 isn’t the best idea. But if an enterprise has booked ESU licenses, they receive patches untill Jan. 2023.
Just my opinion.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
17 users thanked author for this post.
-
Just a remark: Microsoft provides a workaround for OneDrive connection issues with Windows – but that’s imho not the final fix. As mentioned within my english blog post Windows 10 2004 OneDrive issue: No access after upgrade a missing registry entry is responsible, that Win 10 never sees a successful upgrade finished. The OneDrive and printer issues are a result of. I didn’t see that addressed within Microsofts support article https://t.co/qAZJEMbqao?amp=1 – that is dedicated to Win 10 2004 – but the flaw is located in ALL W10 versions …
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
Well, what Terry didn’t tell: Their nasty attempt for one year to force/trick Windows 7/8.1 users to upgrade to Windows 10 – that was the point where things are started going downhill.
Then the latest (marketing) approach, to connect all things with a Microsoft Account – recently we have hat blog posts, that a fresh install of Windows 10 Home won’t allow an ordinary user a local account.
I’ve addressed the dark side for consumers within my blogs. Some other MVP and me, we are collecting cases, where Microsoft Accounts are deactivated from Microsoft for some users (it was a machine learning program that made this decision). There is no way for an affected person to gain his Microsoft account back – the user is facing a ‘digital dead’ in Microsoft’s universe.
Feel free to add more mess …
2025 will the the date, when one premises products like Office 2019 and other are reaching end of life. My guess: Microsoft will force people to migrate to the cloud and subscription services. There are enough signs.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
8 users thanked author for this post.
-
gborn (and anyone that might be interested): Microfix was replying to my general question, not to one specific to Malwarebytes:
“So, to rephrase my question: if one does not grant that [elevation of privilege] request whenever an application makes it, or if an application is content to run with the default privileges and does no ask for elevation of same, all should be well as far as this particular problem goes? And, as a corollary, “do not use applications that ask for elevated privileges” is a good policy?”
I wish you all the best in your new career, from next year onwards.
Well, it’s not that simple – unfortunately.
A misbehaved application executed without privileged user rights may do some nasty things – like encrypt the personal files of the current user – and if the Admin granted access for another user to files via Windows Explorer, the file permission is set in a way that the user has permanent access. Also a misbehaved application may copy bad dlls into the download or temp folders and all folders writeable with default user right. If the user launches later another application, that requests UAC – and DLL hijacking exists – the bad DLLs are also loaded with new privileges.
It’s not a good thing, if an application requests elevated privileges in Windows, if it’s not necessary. But most applications need those privileges to do some things (accessing files in programs folder, accessing registry entries in HKLM etc.).
So it’s always the question to answer: Do you trust that application, that shall be executed – and is it the application you think it should be.
My assumption: The user works with default user rights and uses UAC to grant elevated privileges. In case users are logged to an admin account, sometimes things are getting complicated. The default Windows settings allows some commands to bypass UAC and runs elevated without user consent. Hope this anwers your question.
BTW: Linux sudo or su is a fundamental different thing to Microsoft’s UAC – imho.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
I’ve covered it this night within my English Windows 10 installs .NET Framwork Preview Update KB4562902 withouth user consent and German Windows 10 installiert ungefragt .NET Framwork Preview Update KB4562902 blog – after an Ex MVP colleague pointed out his observation.
One German reader came back and left a comment, that on his V1909 machine optional updates has been offered via download and install link. But after the paused optional update thing (the corona virus moratorium) the optional preview .NET update was pushed on the machines …
it seems to me that Microsoft has lost its track again.
Or to say it with Susan Bradley (see this old post): A while ago I had put in place a “Pinocchio” scale. I’d put a graphic on a post when I felt Microsoft wasn’t being transparent enough. I think I need another graphic. One that represents when your Company hasn’t earned our trust.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
Good questions that go beyond my pay grade as a volunteer. I don’t work for Malwarebytes and Gunter Born is far more knowledgeable in this field than I 🙂
I don’t have internal insights. From what I observed: The lead developer reacts promptly, each time, after I put my fingers again into the DLL hijacking thing. In worst cases, somebody grabbed an old script or a system with older settings to build that software – don’t know.
The lead developer told me after the latest incident, that he took actions to make sure that this never happended again. Let’s leave that on this state – if I find a DLL hijacking in future adwcleaner builds, I will notify my contacts.
Sometimes life is complicated – and software development (and administration of it systems also) is even more complicated and complex.
PostScript: Glad, I’m facing my retirement (after 52 years in IT circus) next year. Then I will be blogging ‘just for fun’ on a less frequent base about that stuff – perhaps in a position of Stadler and Waldorf 😉
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Just a few additional remarks.
The issue seems to happen with Outlook 2016 client in C2R-Installs (Office 365). There is a Workaround to fix that Outlook crash, caused by a broken PST file – see my blog post below from June 22, 2020:
Outlook: June 2020 updates and PST issues?
This night (June 24, 2020) Microsoft has released this support article, confirming the bug and also my explanations given in den blog post.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
Author
