News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

ISSUE 17.32.0 • 2020-08-17

Logo
The AskWoody PLUS Newsletter

In this issue

SMALL-BUSINESS WEBSITES: Choosing a web-hosting service: The ins and outs

BEST OF THE LOUNGE: Fine-tuning laptop thermals with liquid metal and undervolting

LANGALIST: Recovering from ‘Unknown driver’ issues

PATCH WATCH: A new threat to the Wjndows print spooler

BEST UTILITIES: Freeware Spotlight — SwitchPowerScheme


SMALL-BUSINESS WEBSITES

Choosing a web-hosting service: The ins and outs

Will Fastie

By Will Fastie

The heart of the Web consists of millions of web servers, constantly streaming out trillions of webpages.

Relatively speaking, web servers are simple affairs — but choosing whose servers will host your website … not so much.

Years ago, a brilliant programmer I know once quipped that he could build a web server with just 12 lines of code. He was probably correct: for an exceptionally simple website, one containing nothing but text-based HTML, serving up pages is nothing more than requesting a file from the server and rendering it in a web browser.

Today’s websites are, of course, far more complex, often written with languages such as PHP, Python, C++, Ruby, and many others. But ultimately, the general principles remain: it’s still an HTML file that’s sent to a local browser.

So in theory, anyone with some basic know-how could set up a web server in their home — there are even applications that will build the “stack” for you. But effectively and reliably serving up a website is both time-consuming and complex, involving backup strategies, hardware maintenance, management of IP addresses, and more. All that requires skills and commitment that most individuals and small businesses either lack or don’t have the time for.

For those reasons, most of us rely on web-hosting companies. They have the expertise and resources to reliably deliver webpages, day in and day out — often at a very modest cost.

Given their mandate, you might think that most web-hosting services are alike. Generally speaking, they are; but dig down, and you’ll find that they’re not. Here’s what to consider when choosing who will host your website.

(Note: This is the fourth installment in my series of managing your presence on the Web. See links to the previous articles at the end of this story.)

Pricing

Website-hosting for small businesses and individuals can be surprisingly inexpensive. Previously in this series, I noted that I pay about USD $6 per month for my account at Pair Networks — and that includes four separate sites, all with SSL certificates.

But when it comes to the initial hosting fees, it’s important to not take advertised prices at face value. Look carefully at what exactly you’re getting for your money — and what will cost you extra.

Most important, remember Will’s mantra: No web service is unlimited, no matter what the company says.

Also, watch for “introductory” offers. It’s akin to those cable-company promos (more like scams): that low initial price will probably jump up sharply after the first contractual term expires. I especially abhor this practice with web-hosting services for two reasons.

First, it masks the true, long-term cost of hosting a site, lulling the buyer into assuming that a smaller budget will be the norm.

Second, intro offers that span lengthy terms — possibly up to three years — might seem attractive from a budget perspective, but they will lock you to that provider for longer than you might want. Note that you typically pay for these discounted offers up front. And if you move your site to another host for whatever reason, you probably won’t get a full refund.

Fifteen years ago, when I started helping clients with their websites, I advocated longer contracts as a way to save money. These days, I encourage paying the slightly higher fee for a month-to-month account. It lets you cancel the service more quickly, minimizing the cost of switching hosts while maximizing flexibility.

Features

Most hosting companies offer the same basic set of features in their hosting plans. But the combinations of features and their nature can differ significantly.

Here are some of the key features to check out:

Control Panel: This is the master online console for your hosted account. You want an especially strong password for accessing your website’s backend controls. cPanel is one of the most popular consoles; GoDaddy, HostGator, and many of the other big-name hosting services use it. Some boutique hosts (such as Pair Networks) have rolled out their own custom control panels. I prefer Pair’s because it’s simpler than cPanel — although it does lack a feature or two.

So it’s worth researching the console used by prospective hosts. You’ll have to decide the level of complexity you’re willing to handle. Some hosts will help you get started, but if your website-management skills are minimal, you should also consider consulting help.

Domains: Many basic plans allow only one or two domain names — which means only one or two independent websites. My plan says “Unlimited” domains, but keep in mind my mantra: It’s never truly unlimited. For instance, my plan limits me to 15 SQL databases. Because the sites I build require at least one database, my plan effectively limits me to 15 sites. (More on databases in a moment.)

One plus of “unlimited” domains is the ability to establish multiple domain names that all point to the same website — helpful, if you’re trying to dominate a brand.

Sub-domains: These are sites that are identified by a prefix to a top-level domain name — for example, store.joes-hardware.com. Sub-domains can represent an entirely independent site or a section of the main site. Although my plan has “unlimited” sub-domains, many plans set a limit because each sub-domain requires hosting resources.

Storage: This category requires a little math plus an understanding of how a host’s system works.

My plan allows 15GB of total storage. All together, my four sites take up about 2.5GB of space — so I’m nowhere near the limit.

On the other hand, my plan sets no limit on the number of files. My four sites consist of roughly 28,000 files — all the code, images, and other material. Doing the math based on an average file size, I could probably store 500,000 files. As they say, your mileage will vary.

The cPanel-based hosting plans I’ve worked with are limited to 250,000 nodes. That’s a tricky concept: A node can be an ordinary HTML file, one photo, a single email, and so forth. Over time, emails can suck up a large portion of your node allotment. But that 250K limitation is reasonable if, as I always recommend, your email is hosted elsewhere.

Bandwidth: Generally speaking, this represents the allowed amount of data transfers — in bytes — between your hosting server and browsers. As with your phone, it’s the amount of data you’re putting through the pipe each month.

Some hosts will specify a bandwidth quota. Other hosts will claim “unlimited” bandwidth but with a hidden catch. A clause typically buried in the service’s terms-of-service agreement prohibits sites that use huge amounts of bandwidth. You’re just not going to get away with setting up your own version of YouTube with a $12-per-month hosting plan. When the host sees heavy, continuous traffic from your site, it’ll threaten to shut you down — or just do so without notification.

My recommendations on bandwidth have also changed over the years. Early on, I looked for plans with no limits. But as I’ve gained experience, I’ve found that the quotas attached to economy hosting plans are mostly adequate for small businesses. I tell clients that exceeding bandwidth limits is a nice problem to have — it clearly shows that the site is heavily visited. And that problem is easily solved by simply upgrading the plan.

Databases: Again, low-cost plans usually have a limit on the number of databases — and always on the size of those databases (typically 1GB). Based on my experience, around 50MB is the minimum acceptable limit. Note that these size restrictions are based on stored text and numeric data — but not images, which fall under the overall storage-space cap. So make sure the plan’s database quota is sufficient for your sites’ needs.

Coding languages: Any website built with a content management system (CMS; e.g., WordPress) requires a back-end programming language. PHP is supported on every hosting plan that’s not designed specifically for some other language. My plan is something of a polyglot, supporting PHP, Python, Ruby Gems, and even Node.js. (WordPress requires PHP.)

SSL Certificates: Some years ago, SSL certificates (certs) were an expensive add-on. But with the rising popularity of the nonprofit Let’s Encrypt certification-authority service, many hosts now offer free or very inexpensive certificates. I pay no additional fee for three of my sites, but for the fourth, I pay an extra $10 per year. These days, every website should use SSL for secure connections.

The primary difference between free and paid certs is insurance. If the certificate fails to protect the server/browser connection, and you incur losses, the insurance will cover the cost up to a specified limit. Not surprisingly, the higher the limit, the more expensive the certificate. With free certificates, you’re on your own.

Bottom line: Don’t purchase a hosting plan that doesn’t offer free or low-cost SSL certificates.

User Accounts: Most hosting accounts allow only one user — the account holder. Anyone else working on your site will need to use those same credentials. And that could expose critical business information such as payment methods to someone outside your company. A few hosting plans — most notably, GoDaddy Pro — allow separate credentials for site management but not for the full account. That limited access is granted by and revoked by the account owner.

I really wish all hosting plans had a “consultant” sign-in option. Without it, you must implicitly trust anyone who might work on your website’s back end.

Performance: Inexpensive hosting plans use shared servers — your site lives alongside many other sites. With today’s powerful hardware, each physical server might support hundreds or thousands of sites (more info). I’ve found that most hosts make a reasonable effort to balance capacity and performance in order to assure smooth and responsive operation on each website.

For technical reasons, databases are not stored on the shared servers, which means that database access is handled over the host’s internal network. That setup can impact data-centric tasks — especially with low-cost hosting plans. I’ve noticed lags in my sites’ performance from time to time. I can live with it for now, but if traffic goes up significantly, I might have to upgrade my plan or move to another host.

Growth: Individuals and many small businesses can thrive in economy hosting plans. But of course, more website traffic is always welcome. However, at some point the growth will affect site performance. So before committing to a web host, check out the path to higher-capacity, more-advanced plans — and have a good understanding of what higher fees will buy. Options will include virtual private servers (aka virtual dedicated servers; more info) and dedicated physical servers, both of which will require considerably more technical expertise. With dedicated servers, system management may be entirely on the account-holder’s plate.

The Cloud

The most widely known cloud-computing services are Amazon Web Services and Microsoft Azure. They go way beyond simple website hosting, offering a broad range of advanced IT computing services. But for a rapidly expanding small business, both have the capacity to automatically handle growing site traffic — with no loss in performance.

These services are pay-as-you-go: you’re charged for the computer time used by your site, for every byte transmitted over the wire, and for every byte accessed from a database. In other words, you pay only for what you use (at fractions of pennies for each transaction). That means your costs can be unpredictable.

Consider cloud services if you know your site will require high capacity and top-notch security, reliability, performance, and management options. Keep in mind that you’ll likely need extensive skills — and if you don’t have them, you’ll need professional assistance.

The final installment — Website building: Next time, we’ll take a look at the options for building a website — from do-it-yourself to professional development and management services.

If you missed a previous installment of this series, here are the links:

  • What is your Web presence? – 2020-06-22
  • Getting the perfect domain name: The brand – 2020-07-06
  • Choosing an email provider: Your biggest decision – 2020-07-27
Questions or comments? Feedback on this article is always welcome in the AskWoody Lounge!

Will Fastie is a Web developer specializing in self-service websites for small businesses. Trained in computer science at Johns Hopkins University, he has held positions as a transaction-processing systems programmer, magazine editor, newsletter publisher, Wall Street analyst, CTO, and systems consultant.


Best of the Lounge

Fine-tuning laptop thermals with liquid metal and undervolting

Everyone likes to get the best speed out of their PCs, but some really like to push the envelope. Heat is one of the major causes of system throttling, even in high-end laptops. Fortunately, making adjustments here and there can keep a machine running at its top performance. But in the posts listed below, Ascaris describes specialized techniques for cooling a gaming laptop. Are you willing to fly into the danger zone?


Windows 10

Have you ever rushed through a Windows installation and then discovered a mistake you thought was now set in stone? Plus member Towson_Steve accidentally registered Win10 with an e-mail address that was supposed to be a spam trap. And that less-than-suitable address became the name for the PC. There are several ways to solve that problem, but MVP Rick Corbett offered a solution that’s simple and elegant!


Windows 7

You’ve just clean-installed Win7 on that new SSD drive, connected to the Internet, and let the machine update itself. SOP — except that MVP abboddi86 informs us that soon, Windows Update will no longer work as expected. The discussion that follows gets into the nitty-gritty of must-have patches. If you’re still on Win7, check out this post.


Windows 10

Many of us have at one time or another asked: “Am I missing something here, or is this how Windows 10 is supposed to be?” That was Plus member blueboy714‘s question to the Lounge, regarding the Win10 Start menu. The list of frequently used apps was fine, but items were missing in the all-apps list.

Sometimes the best solution is to go outside Windows. Da Boss PKCano recommended using the third-party tools Open-Shell or Stardock Start10. But ultimately, blueboy714 found the fix in Windows’ property settings.


History

Da Boss Woody triggered a flood of nostalgia with just one picture — of the venerable TRS-80! This pioneer personal computer held a whopping 48K of RAM. Its state-of-the-art storage was an external cassette tape deck. And it once had the largest selection of software available in the microcomputer market. Take a look at one of the earliest mass-produced, mass-marketed, personal computers … and be grateful for the progress we’ve made over the past four decades!


If you’re not already a Lounge member, use the quick registration form to sign up for free.


LANGALIST

Recovering from ‘Unknown driver’ issues

Fred Langa

By Fred Langa

Operating-system upgrades and resets sometimes leave behind nonworking, obsolete, or redundant device drivers that can open the door to future malfunctions.

Here’s how to easily remove any troublesome drivers cluttering up your Windows machine’s setup.

Plus: An AskWoody subscriber tries the “put the dead drive in the fridge” trick!

Unknown device drivers appear after Win10 reset

Salve Polinar’s Windows 10 fix didn’t go as planned:

  • “I used the Reset option on my Dell Win10 laptop. So why do I now have unknown device drivers installed? What’s the trick for tracking and removing unknown drivers?”

I’m guessing you used the Reset/Keep my files option or the similar Fresh Start to reinstall/restore Windows 10. Alas, neither of those tools gives Windows a truly “clean slate” — both retain user files and some Windows settings.

I suspect a previously installed device driver was mishandled during the reset, leaving behind a nonworking, obsolete, or redundant driver.

This should be easy to fix. But for future reference, note that the Reset/Remove everything option usually avoids this kind of problem by setting up Windows with absolutely no leftover baggage from previous installations. For information and cautions on all three Win10 reset options — Fresh Start, Keep my files, and Remove everything — see “Removing bloatware and OEM mods from new machines,” AskWoody Plus Newsletter, 2019-12-09.

I’ll further assume that you’ve made sure your system is fully updated via Windows Update and your hardware vendor’s driver update/support site (e.g., https://www.dell.com/support/). And I’ll assume that your post-reset PC is functioning normally in all regards — i.e., nothing is broken or malfunctioning. If those assumptions are correct, the unknown device drivers are truly not needed, and you can safely remove them.

On the other hand, if Windows Update or your hardware vendors’ sites say you’re missing updates or drivers, install them! Likewise, if some PC component or peripheral isn’t working as it should, visit that device’s support site and fix the problem before making further changes.

When you’re sure one or more unknown drivers are superfluous, you’re ready to weed them out. But first, make a just-in-case system backup. Now you’re ready to dig in! Here’s how:

Start by opening Device Manager. Enter “device manager” into the Windows search box and select Device Manager when it’s offered.

In the Device Manager window, select the View menu in the upper toolbar and then click on Show hidden devices (see Figure 1). This will ensure that Device Manager shows you everything — including currently inactive devices that would otherwise not be displayed.

Show hidden devices
Figure 1. Clicking Show hidden devices will let you view all driver-related items, including inactive ones.

Unknown device drivers are easy to find. Look for an entry literally labeled Unknown device, usually located within a generic Other devices heading (see Figure 2).

Clearly labeled Unknown Devices
Figure 2. Typically, Device Manager clearly labels unknown devices.

If you don’t immediately see an “Unknown device” or “Other devices” label, poke around inside the other headings, expanding each listed device in turn — “Unknown device” should be in there somewhere.

If you still can’t find the unwanted device driver, look for entries flagged with a Windows error symbol: i.e., an X in a red circle, an exclamation point in a yellow triangle, or a question mark in a white circle. They can all indicate malfunctioning or potentially problematic devices and drivers.

When you find a troublesome device in the list, right-click it and select Properties. Next, select the Driver tab and then click the Driver Details button. You’ll see a list of the device’s drivers and their exact locations on the hard drive.

Device Manager might be able to delete the unwanted drivers for you. Under the Driver tab, select Disable Device (if it’s available) and then click Uninstall Device. If Windows can, it’ll remove all associated software drivers and settings for that device. Reboot your system, and the bad driver should be gone!

If that didn’t work, try manual deletion. In File Manager, navigate to the drivers’ locations, as given in Driver Details, and delete them.

In some instances, the driver files can’t be deleted because they’re in use or locked. Reboot Windows into Safe Mode and try deleting the files again. Safe Mode automatically disables third-party and non-essential drivers, making them inert and removable. (See the Microsoft Support page “Start your PC in safe mode in Windows 10.”)

Once the bad drivers are gone, they should be gone for good — never to clutter your setup again!

Here are some additional resources that can help in this and similar situations:

  • “How to Identify an Unknown Device in Device Manager” – Dell.Com support article
  • “Identify Unknown Device Drivers in Windows” – WINDOWS.DO article
  • “How to Find Drivers for Unknown Devices in the Device Manager” – How-To Geek article
  • “How to easily find drivers for Unknown Devices in Windows” – PCWorld article
  • “Easily back up all your PC’s current drivers” – AskWoody Plus Newsletter, 2019-10-14
  • “When and how to restore your local driver backups” – AskWoody Plus Newsletter, 2019-10-28
  • “More on restoring drivers from local backups” – AskWoody Plus Newsletter, 2019-11-04
“Freezing hard drive; need response quickly … “

That was the subject line of Neil Michaels’s urgent-sounding email, which was sent shortly after the LangaList item “An old-school way to revive a dead drive” (AskWoody Plus Newsletter, 2020-08-03) was published. That item discussed a last-ditch method for trying to revive a dead spinning-platter HDD — by putting it in a refrigerator or freezer!

  • “Hi! I would like to try putting a nonfunctional hard drive in a cold environment, but your article says to put in the freezer — then it says refrigerator. Two totally different temperatures.

    “Kindly let me know the proper temperature so I can try it.

    “Please respond quickly, as I need to get into the drive ASAP. Thank you.

I wrote back:

  • “Hi, Neil. You can use either, but I think this is the best way.

    “If your hard drive is well and truly dead, and you have nothing left to lose, wrap the drive tightly in airtight plastic (to keep moisture/condensation out) and set it in a little-used part of your fridge for several hours — until you think it’s chilled all the way through.

    “Take it out of the fridge, unwrap it only enough to access the sockets, and reconnect it to a PC as an external drive. If it spins and starts, copy the data off the dying drive — RIGHT NOW! — because it’s already on its way out.

    “If the drive still won’t start, rewrap it and let it fully warm up to room temperature on its own. When it’s at room temp and the plastic wrap is dry (no condensation), unwrap the drive and try again. If it works, you’ve bought a little time. Again, get the data off immediately.

    “Good luck!”

A short while later, I received this:

  • “Dear Fred. It worked!

    “It was an external WD Passport drive that I use for backups. When I got to the last file the drive died! Thank you so much for clarifying the procedure.

    “Happy fan, Neil Michaels”

Glad it worked! Sometimes, the old ways really are still good!

Send your questions and topic suggestions to Fred at fred@askwoody.com. Feedback on this article is always welcome in the AskWoody Lounge!

Fred Langa has been writing about tech — and, specifically, about personal computing — for as long as there have been PCs. And he is one of the founding members of the original Windows Secrets newsletter. Check out Langa.com for all of Fred’s current projects.


PATCH WATCH

A new threat to the Windows print spooler

Susan BradleyBy Susan Bradley

The 2020 virtual Black Hat USA 2020 and DEF CON 28 security conferences are now history.

These were two for the books: totally virtual conferences. Instead of masses of hackers, hacker wannabees, security researchers, and government employees gathering in hot Las Vegas, everyone was online and watching from home.

One of the highlights of these shows is the development and unveiling of new exploits — by security researchers, not malicious hackers. Typically companies such as Microsoft scramble to patch the vulnerabilities revealed at these two conferences.

What snagged my attention was the discussion about cracking the “fixed” Windows print spooler. CVE-2020-1048 was patched this past May, but SafeBreach Labs’ Peleg Hadar and Tomer Bar found a way around the patch. This newly exposed vulnerability — CVE-2020-1337 — could allow elevation-of-privilege exploits.

The two researchers also discussed a related denial-of-service flaw that Microsoft will reportedly not patch. As noted on page 63 of their presentation (PDF), Microsoft responded, “The technique results in a local Denial of Service; which doesn’t meet Microsoft’s servicing bar for security updates.”

CVE-2020-1337 is notable for another reason: the number 1337. New vulnerabilities are typically tracked with the Common Vulnerabilities and Exposures (CVE) naming convention. That system consists of the year and an assigned number. In this case, 1337 also has special significance in the hacking and online gaming community. It’s a numeric “substitute” in the Leet modified-spelling system. (Simply put, it’s the amusement of swapping numbers for letters. So “leet” becomes “1337.”) So CVE-2020-1337 has a sort of “leetness” to it.

In any case, Microsoft’s August updates include a fix for this potential threat to the Windows print spooler. I’m keeping an eye out for any issues with the patch — especially given the PCL 5 printer-driver issues we experienced back in June. So far, I’ve not run across any side effects — though it’s still early in the patching cycle.

A deluge of vulnerability fixes. August is an especially heavy month for Windows and Office security patches. They fix 120 vulnerabilities in Windows, Office, .Net Framework, SharePoint, and other components.

Click-to-Run confusion

For a while now, I’ve recommended moving away from the “Monthly” (aka “Current”) Channel updating cycle for Office 365 in favor of the slower “Enterprise”/”Semi-Annual” process. But I haven’t made clear — because it wasn’t clear to me — how there are multiple Click-to-Run (CtR) versions with different patching policies. For example, the retail edition of Office 2016 is deployed via CtR, but not in the same way as Microsoft 365 subscriptions.

Here are the various — and confusing — releases that Microsoft shipped out this month for the CtR platform:

  • Microsoft 365 Apps — 13029.203440 — 8/11/2020 — Current Channel/Monthly 2007
  • Microsoft 365 Apps — 3001.205200 — 8/11/2020 — Monthly Enterprise — 2006
  • Microsoft 365 Apps — 12827.206560 — 8/11/2020 — Monthly Enterprise — 2005
  • Microsoft 365 Apps — 12527.209880 — 8/11/2020 — Semi-Annual Preview — 2002
  • Microsoft 365 Apps — 12527.209880 — 8/11/2020 — Semi-Annual — 2002
  • Microsoft 365 Apps — 11929.209340 — 8/11/2020 — Semi-Annual — 1908
  • Microsoft 365 Apps — 11328.206440 — 8/11/2020 — Semi-Annual — 1902
  • Microsoft 365 Apps on Win7 — 12527.209880 — 8/11/2020
  • Office 2019 Retail — 13029.20 — 8/11/2020 — 2007
  • Office 2016 Retail — 13029.20 — 8/11/2020 — 2007
  • Office 2019 Volume License — 10364.20 — 8/11/2020 —1808

If you have a Microsoft 365 subscription, you can switch from the monthly “Current Channel” update cycle to the slower “Semi-Annual Channel.” To do so, use Mark Berry’s instructions. (That includes GoDaddy versions.)

But those who bought the retail edition of Office 2016 don’t have a choice: your only option is a single update each month. Fortunately, it doesn’t have the near-constant churn of the MS 365 Current Channel/Monthly process.

My apologies for the confusion.

Deferring updates

Using the Windows Update Pause button is convenient and easy, but it does have an unfortunate side effect. If you click “Resume updates,” Windows will kick off its “Check for updates” action. (A reminder that “check” actually means “install.”) That in turn will automatically install preview patches such as those for .NET Framework.

Fortunately, there’s a better way to defer updates in Pro versions of Win10: the “Windows Update for Business” local group policy settings. They let you manage the installation of “quality” (aka “cumulative”) updates without triggering the addition of optional, preview updates. Here’s how to set it:

  • In the Windows search box, enter “gpedit.” Select Edit group policy when it appears.
  • In the Local Group Policy Editor window, click through Computer Configuration/Administrative Templates/Windows Components.
  • Under Windows Components, open the Windows Update folder. Under Settings, open the Windows Update for Business folder. In that window, click Enabled.
  • Next, click to open Select when Quality Updates are received. In the Options box, enter 15 for the number of days to delay receiving quality updates after they’re released. (See Figure 1.)

    Number of defferal days
    Figure 1. Quality updates set to be delayed for over two weeks

    This will push off quality updates for just over two weeks after the second “Patch Tuesday” (when releases such as .NET previews appear), giving us time to test the patches and ensure there are no side effects.

  • Next, in the Windows Update for Business folder, double-click Select the target Feature Update version. Click Enabled and then, in the Options section, enter your current version number (i.e., 1809, 1903, or 1909) into the entry box. Microsoft will not offer Version 2004 as long as this setting lists an earlier release of Win10.

    Target Feature Update version
    Figure 2. This setting will keep Win10 2020 at bay.

Again, you need Win10 Pro to make these changes in the Group Policy Editor. If you have Win10 Home running on your system, you’re out of luck.

Getting the kinks out of Windows 2004. We have another good reason to put off the newest Windows. I’m currently tracking the Windows defragger bug that’s impacting SSDs. According to a Bleeping Computer post, the flaw causes excessive defragmentation and trimming of solid-state drives.

At this time, Windows 2004 is being offered on my Surface Go device and home-built PC — but not on my Lenovo ThinkPad. With the likelihood of more bugs to come, I’m keeping 2004 at bay for a while longer on all my personal and business systems.

August Patching

Side effects: So far, August updates appear to be fairly well behaved. The only issue we’re tracking is an Error 0x800f0988 message during installation. But it appears to be rare — and it’s not new. AskWoody forum members report that this warning has appeared in previous Win10 versions. Unfortunately, the fix might not be easy.

New Win7 vulnerabilities: Each month, I post this list of newly revealed Win7 vulnerabilities to remind users that the OS is becoming increasingly dangerous to use — especially for business applications. Moreover, if you’ve subscribed to Extended Security Updates (ESU), you need to keep in mind that the program is a temporary fix.

(The list below reflects the growing number of vulnerabilities revealed in Windows 10 as well. See my cumulative account of patches on the AskWoody Master Patch List page.)

Reminder: Anyone with Win7 Pro can still buy an ESU subscription from Amy Babinchak by filling in the Harbor Computer Services form. (It’s another reason to upgrade from Win10 Home to Pro.)

Here are the latest threats patched in August:

Denial of Service:

  • None!

Elevation of privilege: These exploits could let malicious hackers acquire admin rights on targeted machines, often with the unwitting help of users.

Information disclosure: Used by attackers to steal information stored in a computer’s memory.

Spoofing: This form of attack tricks a system into bypassing security features.

Remote code execution: The most common and dangerous form of Windows exploits, they let an attacker take complete control of a system, typically with the assistance of social engineering.

Remember: Don’t put your personal information and/or business at risk. If you must use Win7, get an ESU subscription (more info). Or at the very least, use the 0patch service.

Patching summary

I recommend installing the new Chromium-based Edge browser. It’s a vast improvement over the old Edge.

- What to do: However you prefer to defer Windows and Office updates, put them off for at least a couple of weeks. Again, these patches look fairly clean, but only a bit of time will tell whether they have hidden issues. Win7 users with ESU subscriptions should ensure that the required servicing-stack updates are in place. As always, you can find a rundown of past patches on our online Master Patch List.

Windows 10

Servicing-stack updates

Cumulative updates

  • 4566782 for Version 2004
  • 4565351 for Version 1903 and 1909
  • 4565349 for Version 1809 and Server 2019
  • 4571709 for Version 1803 (Enterprise and Education editions only)
  • 4571741 for Version 1709 (Enterprise and Education editions only)
  • 4571689 for Version 1703 (Long-Term Servicing Channels)
  • 4571694 for Version 1607 (Long-Term Servicing Channels) and Server 2016

.NET Framework for Windows 10

  • 4569745 for Versions 2004
  • 4569751 for Versions 1903 and 1909
  • 4570505 for Version 1809 and Server 2019
  • 4569749 for Version 1803 (Enterprise and Education editions only)
  • 4569748 for Version 1709 (Enterprise and Education editions only)
  • 4569746 for Version 1607 (Long-Term Servicing Channels) and Server 2016
Windows 8.1/Server 2012 R2

(There is no Win8.1 servicing-stack update this month.)

  • 4571703 – Monthly rollup
  • 4571723 – Security-only
  • 4571687 – Internet Explorer 11 (install with the security-only update)
  • 4570508 – Monthly .NET rollup
  • 4570502 – Monthly .NET security-only
Windows 7/Server 2008 R2 SP1

Be sure you have July servicing-stack update KB 4565354 installed (you can get it at its Microsoft Update Catalog download page). Otherwise, August’s patches won’t show up. You’ll also need to have August’s servicing-stack update KB 4570673 in place in order to receive September fixes. (It should show up after installing the August updates.

Install this patch — again! Although I prefer the official ESU keys over 0patch for keeping Win7 safe, Microsoft has made its service far from easy for ordinary folks. If you’re not behind a Windows Software Update Services (WSUS) patching tool, it can be difficult to keep track of the full updating process.

For example, Microsoft has re-released KB 4575903, a mandatory update for managing ESU keys. But this time it’s not offered in Windows update — just through WSUS or manually downloaded from the Microsoft Update Catalog. So, again, if you’ve not getting patches via WSUS, grab the file from the catalog and install it on your Win7 systems.

The regular August patches include:

  • 4571729 – Monthly rollup
  • 4571719 – Security-only
  • 4570673 – Servicing-stack update
  • 4571687 – Internet Explorer 11 (install with the security-only update)
  • 4570506 – Monthly .NET rollup
  • 4570500 – Monthly .NET security-only
Server 2012
  • 4571736 – Monthly rollup
  • 4571702 – Security-only
  • 4571687 – Internet Explorer 11 (install with the security-only patch)
  • 4570507 – Monthly .NET rollup
  • 4570501 – Monthly .NET security-only
Windows Server 2008 SP2
  • 4572374 – Servicing-stack update
  • 4571730 – Monthly rollup
  • 4571746 – Security-only
  • 4565479 – Internet Explorer 11 (install with the security-only patch)
  • 4570509 – Monthly .NET rollup
  • 4570503 – Monthly .NET security-only
Office security and non-security updates

August’s security updates patch one or more remote-code-execution vulnerabilities.

Office 2016

Office 2013 SP1

Office 2010 SP2

Defer the following Office non-security enhancements and fixes on production systems until further notice.

Office 2016

  • 4484418 – Office; graphical content deleted from emails
  • 4484464 – Skype for Business; remote user not updated on transfers
  • 4484477 – Project; various issues

Office 2013 SP1

  • None for August

Office 2010 SP1

  • 4484454 – Office; adds a business bar
  • 4092435 – PowerPoint; language translations

These days, more than ever, stay safe out there.

Questions or comments? Feedback on this article is always welcome in the AskWoody Lounge!

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.


Best Utilities

Freeware Spotlight — SwitchPowerScheme

Deanna McElveenBy Deanna McElveen

If it were up to me, Windows’ desktop context menu — the right-click pop-up menu — would take up two full screens!

Then I’d have quick access to everything with just a mouse-click! … And that would give birth to a whole new generation of utilities to shrink Deanna’s context menu back to a manageable size.

That wishful thinking probably explains my excitement at discovering Sordum.org’s SwitchPowerScheme.

Have you ever been working on your laptop at home and suddenly had the urge for a quick (three-hour? yikes!) game of Minecraft? No? Oh, me neither! 😏 But if you did, wouldn’t a way to instantly switch to your portable’s high-performance mode be handy? Some method that did not require going into the machine’s power settings?

Maybe you’re working on a letter, and you have just one more paragraph to write — but your portable’s battery is down to a 7-percent charge, and you need to shift into power-saver mode quickly.

Perhaps you’re heading out the door on vacation, and you suddenly remember you might want to access your home-bound machine remotely. A way to instantly prevent the system from dropping into hibernation would be nice.

SwitchPowerScheme is the solution to those scenarios and many more. It makes changing power modes fast and easy. Go grab the ZIP file from its OlderGeeks.com page. Yes, it’s portable and free, of course. Just unzip the downloaded file and double-click either the 32-bit or 64-bit EXE.

The first window you see (Figure 1) has your current power plan preselected.

SwitchPowerScheme main menu
Figure 1. In this example, my system is in high-performance mode.

From that window, you can quickly switch to another power setting. Just choose one from the list and click Apply Power Plan.

But let’s go one step better by adding the utility to the desktop context menus. Just click the Menu button and select “Add to Context Menu” (see Figure 2).

Add to Context Menu option
Figure 2. Adding SwitchPowerScheme to the desktop’s right-click menus

And now, when we right-click our desktop … we see Power Options and available power settings! (See Figure 3.) Clicking Power Options from the list pops up Windows Control Panel’s power-settings screens, giving you more choices and settings. (The Power Options link can also be accessed from the utility’s Menu button.)

Power Options in the desktop context menu
Figure 3. The Windows Desktop context menu is a handy place for quickly selecting power settings.

That’s pretty much it — SwitchPowerScheme is extremely simple and useful, besides being completely portable. Add it to your utilities flash drive so it’s always at hand.

Happy Computing!

Questions or comments? Feedback on this article is always welcome in the AskWoody Lounge!

Deanna and Randy McElveen are celebrating over 20 years in the computer business, ten years running OlderGeeks.com, and more than 26 years of putting up with each other. Their computer store is in a small town in the Missouri Ozarks. Believing that happy customers are always the best advertisement, they hope to do it for another 20 years.


Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody LLC. All other marks are the trademarks or service marks of their respective owners.

Your subscription:


Copyright © 2020 AskWoody LLC, All rights reserved.