Creating customized recovery images for Win8

Windows 8’s easy-to-use and built-in backup, restore, and rebuild tools go far beyond those found in previous versions of Windows.

When using Win8’s Refresh option, the advanced Recimg tool can preserve your current Win8 setup — including desktop apps that Refresh would, by default, remove.

This is the fourth installment in a series detailing Windows 8’s backup-and-recover system. The previous Top Stories include:

July 11, “Understanding Windows 8’s File History”
Aug. 15, “A ‘no-reformat reinstall’ for Windows 8,” which discusses Win8’s Refresh command
Sept. 12, “A clean-slate reinstall for Windows 8,” a description of Win8’s clean-slate tool, Reset.

Unfortunately, in its default application, Refresh has a major drawback. Although it doesn’t change your user files, native (Metro/Modern) Win8 apps, or applications you obtained via the Windows Store, Refresh does remove traditional Windows desktop apps that you installed from other websites or from optical media. (See the explanation on a Microsoft Windows 8 Support page.)

You can, however, avoid this Refresh limitation by creating and using a custom system image. It automatically rebuilds Win8 to the specific configuration you want — standard desktop apps included.

A custom system image still gives you the benefits of the default Refresh. Win8’s core files will be completely rebuilt, and your user accounts, data, passwords, and personal files will be left intact.

Best of all, it’s incredibly simple to make a custom system image. The only tool you need — recimg.exe — is already built into your copy of Windows 8!

Recimg.exe (or Recimg for short) gets its name from a contraction of the phrase “record image,” a command-line tool. Microsoft offers instructions on using the command in support article 2748351. But those instructions leave out important details — and that’s where this article will help.

In the following steps, you’ll see how to prep your system for the best Recimg results, and you’ll learn how to use the tool and its various options. You’ll also get some extra tips and tweaks that can make the process of creating a custom system image go faster and more smoothly, including a solution to the most common problem that can interfere with Recimg’s operation.

Before you begin, some basic prep work

Because Recimg will create a custom system image based on your current Win8 setup, it stands to reason that you’ll want Windows to be as nearly perfect as it can be: complete, up to date, and error-free.

So before you begin, spend a few minutes performing some basic system maintenance:

Update all your software. Manually run Windows Update and ensure you’re running the latest versions of all third-party software. An automated update tool such as Secunia PSI (free/paid; site) can simplify and speed up this process. For more auto-update tools, see the July 26, 2012, Top Story, “Software that updates your other software.”
Run a reputable Registry cleaner to help ensure that your Registry doesn’t contain errors such as references to absent software or altered system locations. Piriform’s CCleaner (free/paid; site) is a popular tool, but there are many others — some excellent, some more trouble than help.
Tip #1: Cleanup tools can also remove junk and trash files — generally a good thing. But Recimg doesn’t collect and preserve junk files, so junk-file cleanup is not a necessary prerequisite for running the imaging tool.
Verify your disk’s health using Windows’ built-in tools — either the command-line chkdsk or the GUI-based Error-checking/Check now. If you need a refresher on these apps, see the “Check the hard drive’s physical/logical health” subsection of the Jan. 10 Top Story, “Let your PC start the new year right!”

With those three basic tasks done, you’re ready to create your custom system image.

Tip #2: Recimg is CPU- and disk-intensive; it can take several hours to run to completion. If needed, you can keep using your PC because Recimg uses Windows’ shadow copy function (more info) to process files — even if they’re open, in use, or locked.

Keep in mind, however, that because Recimg makes heavy demands of your system, it will cause a noticeable slowdown.

To reduce potential frustration, and to allow Recimg to complete its task in the shortest-possible time, I suggest that you run it only when your PC would otherwise be idle and unused.

In the same vein, you can further quicken Recimg’s operations by shutting down or disabling as many background tasks as possible. For example, before running the tool, disable or postpone any scheduled backups, data syncs, malware scans, defragmentation operations, and so on.

Building your first custom system image

Using Recimg to create a custom system image is amazingly simple. Here are the steps:

To start, bring up an administrator-level command prompt by whatever method you prefer. In Windows 8, the easiest way is to simply press the Windows key + X (WinX) and then select Command Prompt (Admin). A standard admin-level command window will open.
At the command prompt, type:
recimg /createimage {folder path}

Note: Replace {folder path} with the path/folder name where you want the custom system image stored. For example, you might use C:\RefreshImage as the path and folder name. (If the folder doesn’t exist, Recimg will create one.) So the entire command would be:

recimg /createimage C:\RefreshImage

Tip #3: System images can be quite large, typically 15–25GB. Make sure the destination drive has sufficient room.

Tip #4: To speed Recimg’s processing, create the system image on your fastest hard drive, even if you don’t want to keep it there permanently. (System images can be moved after they’ve been created; more on this in a moment.)
With the command, path, and folder name entered, press Enter. Recimg will go to work in three stages: initializing, creating a snapshot of the current setup, and then writing the image to the specified location, as shown in Figure 1.

The custom system-image file is always called CustomRefresh.wim. (The extension .wim stands for Windows Imaging Medium — see the MS TechNet explanation.)

Figure 1. A typical Recimg progress screen. Here, the tool is beginning to write an image to C:\RefreshImage.

When the custom image is fully written (typically after several hours), Recimg will register the new CustomRefresh.wim file as your system’s active system image. Windows 8 will automatically use the newly created image whenever you run Refresh on your system. (For complete information on refreshing Win8, see the Aug. 15 Top Story, “A ‘no-reformat reinstall’ for Windows 8.”)

You can run Recimg as often as you like. If you specify the same folder over and over, only the last CustomRefresh.wim will be retained. But you also can specify a different destination folder each time in order to build a library of custom system-image configurations.

You also can move CustomRefresh.wim files from wherever they were created to any other suitably capacious location — either to save space or for long-term archiving.

If you move a CustomRefresh.wim file, or if you have multiple image files you’ve created over time, use Recimg to tell Windows 8 which file should be used as the current, active system image.

Open an administrator’s command window and type

recimg /setcurrent {folder}

where {folder} is the path to and name of the CustomRefresh.wim file you wish to use as the current source of Refresh files.

Other Recimg options include:

recimg /showcurrent — displays the folder that holds the currently active image. It’s useful if you lose track of which CustomRefresh.wim Win8 is using.
recimg /deregister — enter this command if, for some reason, you want or need to return to Win8’s default system image. Refresh will use the image originally provided by the PC’s manufacturer — or, if no OEM file is available, the files on your original installation medium.
(Using the /setcurrent command described above, you can always return to one of your custom system-image files.)
recimg /help — displays a list of all available Recimg commands, plus some simple help text.

Solving the most common Recimg problem

Win8’s custom system image–creation tool can occasionally be confused by virtual volumes (logical hard drives or partitions) and/or by symlinks (symbolic links; MSDN explanation).

For example, popular cryptographic software such as TrueCrypt, Boxcryptor, and others commonly create their own private volumes to hold encrypted data.

If there are any irregularities with the way those volumes are mounted or dismounted, Recimg might stop early in its initialization process and display error messages such as The recovery image cannot be written or The system cannot find the file specified. The most common error code associated with this problem is the cryptic 0x80070003.

The solution: Temporarily uninstall whatever software created the volume or symlink and then run recimg.exe. Reinstall the problematic software after the custom system image has been created. (Obviously, the problem app won’t be restored along with your other apps, if you use Win8’s Refresh.)

Win8’s multi-tiered backup/recovery options

As you’ve seen from this series, Windows 8 offers a wider range of built-in backup and recovery options than any previous version of the OS does. In summary:

File History provides automatic, nearly constant, always-on backups of your user data and files.
Reset lets you rapidly restore your PC to its original, fresh-from-the-box setup.
Refresh provides a quick-and-easy, nondestructive reinstall of Win8’s core files — without disturbing your user files. And when combined with a custom system image, it won’t remove apps that were not included with Windows or not purchased from the Windows Store.

Whatever your feelings about Win8’s interface, you have to agree: it’s good to have all that protection built into the base operating system!

Table of contents

Lounge member globalist’s experience with the VLC media player began badly — twice. Because it came with so much junkware, he didn’t trust it.

But before giving up on it entirely, he asked about its reputation in the Other Applications forum. Wherein he was reminded of the important difference between official sites and others.

The following links are this week’s most interesting Lounge threads, including several new questions for which you might have answers:

Office Applications
General Productivity	Microsoft Office viewers: Are they needed?
Word Processing	Word 2010 table formatting using VBA macros
Spreadsheets	Parsing data from XML file in folders and subfolders
Databases	One Print button for different reports
Visual Basic for Apps	Outlook message tag using VBA
Microsoft Outlook	Outlook Connector no longer works in Office 2010 in Australia
Windows
General Windows	Removing Win8 and installing Win7: Oops!
Windows 8	Which version for my amount of RAM?
Windows 7	Problem with Win7 permissions
Windows Vista	Black screen says it’s in Power Save Mode
Windows XP	Windows XP: Outlook Express email message Web-link failure
Windows Servers	Host website on server
Internet/Connectivity
Internet Explorer	Internet Explorer in Windows 8 Professional
Third-Party Browsers	Firefox 24: Restore Session error
Networking	Permission denied
Social Media	Two Facebook accounts; forgot password for one
Software Development
Web Design & Development	IFRAME question
Other Technologies
Security & Scams	PC security
Maintenance	System images from two PCs and OSes
Hardware	How bad are hard drive’s bad sectors?
Other Applications	The word on VLC

starred posts: particularly useful

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right in to today’s discussions in the Lounge.

Table of contents

If you’re willing to accept the risk, you can easily disable the sign-in step for any version of Windows — including Windows 8.

Plus: Disk compression’s effects on performance, solving copy problems in Win8, and identifying the source of email delays.

One click disables Windows’ password protection

Reader Al Charters asks:

“I’m the only one who uses my Windows 8 computer. Can I eliminate the sign-in password requirement? If so, please explain how.”

Sure, Al; it’s easy to do. And the following steps work with all current versions of Windows. Here’s how:

Open an administrator-level command prompt. Perhaps the easiest way in Win8 is to press Win + X and then select Command Prompt (Admin) from the popup menu.
When the command prompt window opens, type control userpasswords2 and press Enter.
A User Accounts dialog box, shown in Figure 1, will open. Uncheck the box marked Users must enter a user name and password to use this computer and click OK.
Figure 1. In all versions of Windows, unchecking the box highlighted in yellow disables username and password sign-in.
A confirmation dialog box will open. Select the default admin-level account (if there is more than one account) and then enter the account’s password in the indicated locations.
Reboot.

That’s all it takes!

A word of warning, however: Disabling system sign-in obviously makes a PC far less secure. Anyone with access to your PC could have complete access to your system — all your data and possibly your online accounts.

For that reason, in almost all cases it’s not a good idea to disable the sign-in process.

But if you’re truly the only person with access to your PC, and if you understand and accept the risks, the steps above will easily let you bypass sign-in on any current version of Windows.

Does disk compression kill performance?

After reading the Sept. 12 LangaList Plus item, “Two ways to solve a space crunch on SSDs,” Dunc Petrie wondered about the extra processing that overhead disk compression imposes.

“Fred, you discussed using disk compression as a means of increasing capacity on a [solid-state drive (SSD)] that’s running out of space.
“Just wondering what the hit would be on system speed. After all, if you choose an SSD to get the most throughput, slowing it down with compression (if that’s the case) seems to defeat the reason for upgrading to an SSD in the first place.”

Yes, there is extra computational overhead in compressing and decompressing files. In fact, back in the early 1990s, when disk compression was first used on Windows PCs, it got a well-deserved reputation for dragging down system performance. But at that time, desktops used single-core CPUs with a typical clock speed of around 25MHz. Disk compression puts a noticeable burden on the CPU.

Today’s multicore, GHz-class PCs are literally thousands of times more powerful than those early systems. So though disk compression still takes CPU time, in routine desktop computing its performance hit is typically imperceptible. To me, using a compressed disk feels the same as using an uncompressed one.

That said, if you try it and don’t like the results, you can simply disable disk compression. As long as the decompressed data still fits on your hard drive, your files — and system performance — will return to their precompression state.

(Note: In Explorer, Windows might highlight the names of compressed files and folders in blue text. You can change that feature in the Tools/Folder options/View/Advanced setting. Look for Show encrypted or compressed NTFS files in color.)

Keeping that one caution in mind, there’s little to lose in trying disk compression. I’ll bet that the only effect you notice is painlessly gaining a lot more disk space!

Copying data from CD to Windows 8 fails

Kevin Shannon ran into a snag when trying to migrate his work flow from Vista to Win8.

“I have a series of CDs containing indexes, and the discs require constant swapping to access all the related data.
In Vista, I copied an image of each CD to my C: drive, thus eliminating the need for the CDs. To do that, I right-clicked the CD drive in My Computer and used the Copy command.

But when I try this method in Windows 8, nothing happens. Can this be done in Win8?”

Sure, there’s nothing about Win8 that should interfere with simple copy operations of that kind. If copy fails, check the following variables in Win8 — or any Windows version, for that matter.

Make sure you’re in an administrator account. This can help avoid some issues with permissions.
Ensure that the optical drive mechanism is working properly; try accessing or playing known-good CDs or DVDs.
Check that your source CDs are undamaged and not copy protected, and that you have access-and-read permissions to the files you want to copy.
Make sure your intended paste-to destination is not read-only or otherwise write-protected; also check that it’s large enough to contain all the files you want to copy.

It’s also possible that some habit from your Vista days is causing trouble. (Nothing you describe points to that, but clearly, something’s going wrong.)

To help eliminate any possibility of user error, try a copy task using the slower, long-form method — at least until your copy problem is cleared up.

For example, instead of clicking on the CD drive to select its contents, open the CD in File Explorer and manually select the files (or use File Explorer’s Select/Select all function, located on the Ribbon toolbar.)

After the correct files are selected, use File Explorer’s Copy function (from the ribbon) rather than right-clicking and selecting copy or using Ctrl + C. Likewise, when you’ve navigated to the intended destination for your files, use File Explorer’s Paste function (again, on the ribbon) rather than using a right-click paste or Ctrl + V.

I can think of no intrinsic reason why your copy operation should fail. If your hardware is OK, you’re in an administrator account, the CD is fully accessible and undamaged, and you’re using valid copy-and-paste commands to send the files to a suitable destination, you should be able to do exactly the same copy operations in Win8 as you did in Vista.

When your email acts more like snail mail

Bill Bush wants to find out why his email sometimes experiences delivery delays of up to six hours!

“I am having email trouble. For example, the last Windows Secrets newsletter did not arrive until 7:58 a.m. on Thursday, but the email headers showed it was mailed at 12:14 a.m. I used to receive emails with just a one-to-five-minute delay. Ideas?”

A six-hour delay is extraordinarily long, and suggests that a mail server — perhaps at your Internet-service provider (ISP) — temporarily stored your email due to some problem such as system overload, hardware failure, or scheduled maintenance. When the problem was resolved, your mail was delivered.

Note that many ISPs make claims such as “99 percent uptime guaranteed!” — which sounds great but actually allows the service provider a surprising amount of wiggle room.

Do the math. There are 8,760 hours in a standard calendar year (365 days), so a mail system could be offline for 80 hours per year — e.g., dead in the water for half a week! — and still legitimately claim 99 percent uptime.

To be fair, some service delays and outages are just part of life online. Hardware does sometimes fail, servers sometimes need to go offline for routine maintenance, backhoes and construction crews sometimes accidentally rip up major data cables, and so on.

There are no common, end-user solutions to problems like those. (You could, I suppose, have a second Internet account with a different ISP.) If the delays are infrequent and/or happen typically at slack times (such as the middle of the night), they’re probably not worth worrying about. Stuff happens.

On the other hand, if you’re experiencing frequent delays or they happen during prime time, some detective work might help reveal where the delays are happening.

For example, check out the March 21, 2002, LangaList Plus article, “Slick and free 3-D visual-trace route tool,” for information on tracert.ext — a free command-line app built into all versions of Windows — and a similar third-party tool.

You can use tracert to trace the route Internet data packets take as they travel between your PC and any given server (such as the mailing service that delivers the Windows Secrets newsletters). Tracert shows you how long each segment — or hop — of the journey takes. This lets you see where delays and time-out failures occur.

Microsoft documents Tracert in Support article 162326, “How to use the Tracert command-line utility to troubleshoot TCP/IP problems in Windows.”

If the utility shows that a specific location (such as your ISP’s mail server) is routinely causing undue delays or data-packet delivery failures, you’ll have a valid reason to complain directly to that service’s sales/support department — or a good excuse to take your business elsewhere!

Table of contents

The options for storing and archiving data have never been more numerous or diverse — or confusing.

Just when you thought that cloud storage was the next big thing, a new generation of external drives and wireless devices are adding Internet file sharing and support for mobile devices.

Storage for multiple digital devices

Once upon a time, archival storage for our data was relatively easy. You simply attached an external drive to your personal computer and set up backup software. Video and digital images greatly increased the amount of data we had to store and back up, but that was no real problem: with hard-drive capacity going up exponentially and prices plummeting, we simply bought a bigger external hard drive.

Then came cloud storage, and things became more complicated. Storing our data on a remote server is safer from hardware failure than on a local drive, but there are also those monthly fees and potentially slow access over the Internet.

Now it’s no longer the data on one or two PCs we have to archive, but images, music, videos, and so on, all kept on our growing number of mobile devices — smart phones, tablets, and hybrid laptop computers. We’re also sharing our data among these devices and with others as never before.

A Sept. 11 IDC report states:

“The International Data Corporation (IDC) Worldwide Quarterly Smart Connected Device Tracker expects tablet shipments to surpass total PC shipments (desktop plus portable PCs) in the fourth quarter of 2013. PC shipments are still expected to be greater than tablet shipments for the full year, but IDC forecasts tablet shipments will surpass total PC shipments on an annual basis by the end of 2015.”

Cloud services such as iCloud and Dropbox now support some mobile devices, but that still leaves the problem — or complications — of whether your data should be archived in the cloud or locally.

Seeing an opportunity, hard-drive manufacturers are now providing yet another option: local-cloud storage. Although that might sound like an oxymoron, these devices — such as Western Digital’s new My Cloud — seem to provide the ultimate solution. They offer network, USB, Wi-Fi, and Internet access, all in one small and relatively inexpensive box.

I’ll review the WD My Cloud below, but first, a bit more on the state of cloud services.

Cloud data: Competition based on integrated apps

A Wikipedia comparison chart identifies more than 55 cloud storage sites — and that number is undoubtedly growing. For consumers, this plethora of online storage can be difficult to sort through. Each site tries to differentiate itself from the pack by touting its value-added services, larger amounts of free storage, improved connectivity speed, or support for cellphones and tablets.

Some cloud services — namely Google Drive and Microsoft’s SkyDrive — focus on integration with business applications and remote document collaboration. Other sites are primarily used for backup, file and photo sharing, and/or digital storage lockers for mobile devices with limited storage capacities. (Most users of a 16GB iPhone soon wish they had more storage.)

One cloud-storage service that seems to have taken the kitchen-sink approach is Box (site), whose subscribers include Fortune 500 corporations, small businesses, and individuals.

Box integrates dozens of apps — project management, accounting, you name it (see Figure 1) — on sundry platforms: Windows, Mac, Android, iOS, BlackBerry, etc.

Figure 1. Box offers a broad selection of apps for mobile devices and productivity software.

My go-to app is the free Box Edit, which lets me work with content located on Box by using programs residing on my computer — all without leaving my browser. Box also hosts a network of partner developers to further enhance what could have been just another backup and file-synching service.

The true cost of online storage — transfer speeds: Cloud storage might be more secure from hardware failure and unforeseen disasters than local storage, but it has one very significant Achilles’ heel: the arbitrary, comparatively glacial file-transfer speeds over the Internet.

Transfer speeds are, of course, dependent on variables such as the bandwidth of your Internet connection, the current workload of the cloud server you’re connected to, the local device you’re working on, the size and number of files being moved or synched, and so on. Backing up your PC to the cloud is convenient and safe, but doing a full restore can take days.

Still, cloud storage is no passing fad. According to an IHS press release (reprinted by Bloomberg), services such as Dropbox and Google Drive will double their subscription base from 625 million this year to 1.3 billion in 2017. With much of our data in the cloud, what happens if, for one reason or another, you can’t connect to your provider’s server to retrieve your documents or photos? Or when accessing needed files just takes too long?

Store data to the cloud — in your house

Combining the connectivity advantages of the cloud with the access speeds of local storage is the concept behind Western Digital’s just-released My Cloud external drive (more info; see Figure 2). An external hard drive with storage capacities of 2TB, 3TB, and 4TB, the device provides connectivity to multiple computers and mobile devices — and it can be accessed from anywhere you have an Internet connection. It’s effectively a cloud server sitting on your desk.

That’s such an interesting idea, I took the 2TB My Cloud for a test run — and was impressed.

Figure 2. Western Digital's My Cloud combines LAN, Wi-Fi, USB3.0 — and Internet connectivity.

The initial setup took maybe two minutes. You start by attaching the My Cloud box to a router (Ethernet cable included) and plug in the AC power adapter, as directed by the thin, comic book–style instructions. You’re then directed to download the drive’s setup and desktop-management software from a Western Digital site. Or you can connect to the drive’s onboard management tools via a browser (as you do with routers).

The PC-based My Cloud app was equally easy except for one gotcha: it requires Java — an application known for its potential security vulnerabilities, as Firefox 24.0, Chrome 30.0, and IE 9 so urgently warned me. Fortunately, the My Cloud apps for iOS and Android mobile devices don’t need Java and worked just fine without it.

Figure 3. My Cloud warns users of possible security alerts when using its setup/management software on PCs.

Figure 4. Windows' warning that the Java-based My Cloud software could be a security risk

The time needed to learn My Cloud’s tools is kept to a minimum with judicious use of popup screens that briefly describe the function of each button and icon.

Flexible file management: In Windows Explorer, the My Cloud drive appears under Networks; you drag and drop files and folders in and out, just as you do with any other storage device. However, now all files on My Cloud are available to almost any other device via Wi-Fi or the Internet — even when local desktop PCs are powered off. I can, for example, send a batch of iPhone photos to the My Cloud drive via Western Digital’s iOS app or via an Android app.

Because this “cloud” is local and directly attached to my home network, I can make it as secure as I need to. I can set up user accounts with passwords to allow others to access specific folders and files. I can also transfer files from the My Cloud box to true cloud-storage services such as Dropbox. All these capabilities are handed through the simple My Cloud management dashboard, shown in Figure 5.

Figure 5. The My Cloud dashboard gives drive statistics and lets you configure security, sharing, Internet access, user accounts, and more.

Excellent connectivity: The My Cloud box has gigabit Ethernet and a dual-core processor to enhance transfer speeds. It seems to work: when I simultaneously streamed the movie Mamma Mia from the drive to my iPad and my Nexus 7, the movie played without a hiccup on both.

A USB 3.0 port lets you connect other devices, such as digital cameras, directly to My Cloud. You can also use it to expand My Cloud’s capacity by connecting another external hard drive. The My Cloud SafePoint tool lets you copy a snapshot of your data to another external drive.

Given its cost, My Cloud is an ingenious solution that frees me from monthly fees, bandwidth limitations, and the remote possibility of cyber attacks (or government intrusion) on my data stored on someone else’s remote server. (A hacker might gain access to the My Cloud drive, but only with access to the password you set up. That’s another reason to make sure you have strong passwords.) And I no longer worry that my cloud-based accounts might be offline for a few minutes, hours, or even days. The price of the My Cloud drive is U.S. $150 for 2TB, $180 for 3TB, and $250 for 4TB.

Other ways to expand storage on mobile devices

It’s a bit ironic that the portable devices we depend on have the least amount of storage capacity. Most smartphones and tablets come with 16GB to 64GB of memory, but you’re left with significantly less when you subtract space needed for the OS and applications. Unfortunately, we tend to immediately load them up with the most space-gobbling types of data: videos, music, and photos.

Even though devices such as Western Digital’s My Cloud are one solution, there are other approaches to solving the limited capacity of mobile devices. For example, here’s a trio of portable streaming systems, all with built-in Wi-Fi capable of streaming to multiple users simultaneously.

Seagate offers its compact, portable, $175 Wireless Plus (info; see Figure 6), a 1TB external hard drive that includes a USB 3.0 port and integrated Wi-Fi. You can quickly load it up via the USB port with movies, e-books, photos, etc. and then stream them to smartphones, tablets, laptops, and some TVs via Wi-Fi — without a power adapter or PC attached. The drive weighs just nine ounces and is has a reported 10-hour battery life.

Figure 6. Seagate's Wireless Plus sets up its own mini-Wi-Fi network.
Verbatim uses different means to the same end with its $70 MediaShare Wireless (site; see Figure 7). This 4.3-ounce gadget has no onboard storage — it simply streams media via its built-in Wi-Fi. With a single USB 2.0 port and an SD-card slot, it attaches to external hard drives, flash drives, cameras, and other devices and streams their data. In other words, unlike the Seagate Wireless Plus, you are not restricted to streaming from just one drive. Apps for iOS and Android devices handle file management and streaming chores.

Figure 7. The Verbatim MediaShare Wireless (the black box on the left) gives wireless-streaming capabilities to USB devices.
Sanho Corp.’s $100 iUSBport Mini (site; see Figure 8) operates on the same principle as Verbatim’s MediaShare Wireless but takes a more travel-ready tack. Weighing under two ounces and about the size of a Tic-Tac box, the iUSBport Mini includes a USB 2.0 port, MicroSD card slot, and built-in wireless.

It’s reportedly capable of streaming up to three simultaneous 1080p HD movies, music, or photos to three different devices. It can also handle two-way file transfers with up to eight users. Alas, its mini-battery lasts only up to three hours — but it does recharge itself via any USB port.

The gadget can connect with Android and iOS devices through dedicated apps or via browsers.

Figure 8. The tiny iUSBport Mini gives USB devices and mini-SD cards Wi-Fi connectivity.

None of these devices is a threat to cloud-storage services. But they do offer new and interesting ways of accessing and storing our rapidly expanding glut of data.

Table of contents

Microsoft finally releases a much-needed patch for a zero-day threat to Internet Explorer.

If it weren’t for problems with .NET Framework and Windows kernel updates, October’s Patch Tuesday would be relatively uneventful.

MS13-080 (2879017)

Microsoft finally patches a zero-day threat

On Sept. 17, Microsoft released Security Advisory 2887505, which warned of an unpatched memory-corruption vulnerability in IE. As detailed in an Oct. 1 Threatpost blog, a relatively small number of attack campaigns have been launched against Asian sites. Security researchers thought that Microsoft might release an out-of-cycle fix, but instead the company released KB 2879017 on the usual Patch Tuesday schedule — about three weeks after the vulnerability was publicly announced.

As reported in the Sept. 19 Patch Watch update, Microsoft did post a temporary fixit with Security Advisory 2887505. If you installed the fixit, you don’t have to uninstall it before adding KB 2879017 — the official patch.

The update is rated critical for all supported desktop versions of Internet Explorer — including IE 11 in Windows 8.1. Along with the vulnerability reported in the Sept. 17 MS Security Advisory, the update covers nine related vulnerabilities, including one or more that were exclusive to Korean- and Japanese-language versions of Windows XP.

What to do: Install KB 2879017 (MS13-080) as soon as offered.

Adobe Flash and Acrobat housekeeping

Typically, we see Adobe Flash security updates on Patch Tuesday. But Release 11.9.900.117 includes only performance fixes, so there’s no reason to update immediately. When you do, get it from its Adobe download page. Some third-party sites have bogus Flash download links that are malicious. And watch out for the potentially unwanted application offers, such as Chrome, that are included with the Flash installer.

On the other hand, Patch Tuesday updates to Adobe Reader and Acrobat are security-related, as reported in an Oct. 8 Adobe Security bulletin. Note: If you have an Adobe account, be sure to change your password. As has been widely reported, the company recently suffered a staggering breach of its network that could compromise customer information. For more, see Adobe’s Customer Security alert and a KrebsOnSecurity post. (Brian Krebs alerted Adobe to the break-in.)

What to do: The update to Flash is optional; the patches to Reader and Acrobat are not.

MS13-081 (2870008)

Windows kernel patches affect USB drivers

As regular Patch Watch readers know, I’m always cautious about installing Windows kernel updates. (I discussed in detail the reasons why in the Oct. 3 On Security story, “The kernel: Delving into Windows’ core.”)

This Patch Tuesday includes multiple kernel updates that impact all current versions of Windows — from XP to Windows 8. Windows 8.1 is not affected. The updates are rated either important or critical, depending on the particular patch.

The patches in MS13-81 primarily fix vulnerabilities in Windows’ handling of OpenType and TrueType fonts, but they also affect Windows’ USB drivers. That makes it especially important to wait on this update, so we can see whether there are any unwanted side effects.

On Windows XP, expect the following updates:

2847311
2862335
2883150

Windows XP users might also see:

2862330
2868038
2884256

On Vista and Windows 7, expect to see:

2847311
2855844
2862330
2862335
2864202
2868038
2876284
2883150
2884256

Windows 8 systems should see:

2847311
2862330
2862335
2863725
2864202
2868038
2883150
2884256

There are already documented issues with these updates — such as “After you install security update 2868038, your audio playback device may be reset to use the system speaker.” And according to Microsoft Community posts, KB 2862330 fails to install on some systems. It would not be surprising if other problems cropped up.

What to do: To be safe, hold back on installing all kernel updates in MS13-081 until the end of the month.

MS13-083 (2864058)

Common Control library a risk to Web servers

KB 2864058 is especially important to server admins running ASP.NET applications. (ASP.NET [more info] is used to produce dynamic Web pages.) But workstations, too, might have ASP.NET-based apps installed — unbeknownst to their users. For that reason, this critical update impacts most versions of Windows. The exceptions are Windows XP SP3 and Windows 8.1.

The patch fixes a vulnerability in the way Windows’ Common Control library (comctl32.dll; more info) allocates memory. Using this exploit, Windows users can become infected if they open a malicious RTF file with Word or WordPad.

What to do: Attacks using this vulnerability could be seen soon. Install KB 2864058 (MS13-083) when offered.

MS13-082 (2878890)

A lengthy round of .NET Framework updates

By now, you should know the drill with .NET updates: wait to see whether there are any problematic side effects.

I’ve already run across a detection problem on Windows XP. After I installed KBs 2858302, 2861188, 2861697, 2861189, and 2863239 and then rebooted, a very old .NET 3.5 SP1 update — KB 951847 — appeared in Windows Update. (I opened a support case with MS, so the issue might already have been resolved by the time you read this.)

That’s just one example of why it’s better to delay installing .NET updates. These patches are rated either important or critical, depending on the version of Windows.

Windows XP systems might see:

2858302 for .NET 4
2861188 for .NET 4
2861189 for .NET 3.0
2861697 for .NET 3.5 SP1
2863239 for .NET 2.0

Vista systems might see:

2858302 for .NET 4
2861188 for .NET 4
2861190 for .NET 3.5
2861193 for .NET 4.5
2861208 for .NET 4.5
2861697 for .NET 4
2863253 for .NET 2.0

Windows 7 systems might see:

2858302 for .NET 4
2861191 for .NET 3.5.1
2861698 for .NET 3.5.1
2861208 for .NET 4.5
2863240 for .NET 3.5.1

What to do: Pass on the updates in MS13-082 for now.

MS13-085 (2885080)

Excel vulnerable to malicious Office files

MS13-085 includes numerous updates for Excel. The patches fix two vulnerabilities in Excel, Versions 2007 through 2013, as well as Excel Viewer, the Office Compatibility Pack, and Office for Mac 2011 (KB 2889496).

As is common with Office updates, you might see updates for multiple versions of Excel, such as Versions 2007 and 2010. Because the various versions have common code, you need to install all updates offered.

Look for the following:

2760585 for Office 2007 SP3
2760591 for Office 2007 SP3
2817623 for Office 2013
2826023 for Office 2010 SP1
2826033 for Excel 2010 SP1
2826035 for Office 2010 SP1
2827238 for Excel 2013
2827324 for Excel 2007 SP3
2827326 for Office Compatibility Pack SP3
2827328 for Excel Viewer

What to do: Install any of the above Excel patches offered in Windows Update. See MS13-085 for more information and links to individual patch downloads. There might be attacks using these vulnerabilities relatively soon. As a general rule, it’s good practice to never open email attachments from unknown senders — and, in some cases, from senders you do know.

MS13-086 (2826020, 2827329, 2827330)

Fixing a memory-corruption exploit in Word

A newly revealed flaw in Word 2003, Word 2007, and Office Compatibility Pack SP3 could allow an attacker to take control of a PC via a malicious Word document. The updates in MS13-086 are rated important: as with the Excel updates, you might see offerings for versions of Word you don’t have installed. Install them anyway.

What to do: Install KBs 2826020, 2827329, and/or 2827330 (MS13-086) when offered.

MS13-087 (2890788)

Information disclosure in Silverlight

The last workstation security update is for Silverlight 5 (to Version 5.1.20913.0) — Microsoft’s Flash alternative. KB 2890788 is rated important and fixes a threat of user-information disclosure if the user visits a malicious website.

However, this vulnerability could be used as part of a multistage attack which could give the attacker access to system memory addresses and contents.

What to do: Install KB 2890788 (MS13-087) when offered.

MS13-084 (2885089)

Important update for Microsoft SharePoint

Two vulnerabilities in Microsoft’s shared webfile-storage platform could allow attacks via malicious Office files. The patches in MS13-084 impact SharePoint Servers 2007, 2010, and 2013. They apply to server software, SharePoint Services, and MS Web Applications.

For admins running Small Business Server 2008, see my blog post on a potential detection problem with KB 2596741. This problem is still under investigation.

What to do: Server admins should install the updates, rated important, in MS13-084 when they can.

2852386

A gem hidden in a pile of nonsecurity updates

As usual, Microsoft is offering numerous nonsecurity updates in October’s Patch Tuesday release, as listed in a Microsoft Office Sustained Engineering blog.

When you’re done installing the latest security patches, you’ll want to take a look at one nonsecurity update. KB 2852386 adds the ability to delete outdated Windows updates in Windows 7. An Ask Premier Field Engineering Platforms blog post has more info.

And look for an upcoming Windows Secrets article on keeping Windows 7 machines in tip-top shape.

Microsoft is also preparing Windows 7 for Internet Explorer 11 with KB 2882822 and KB 2888049. Given our history with IE 10 for Win7, I recommend skipping these two updates until I revisit them.

What to do: With the exception of KB 2852386, delay installing all nonsecurity updates for at least a couple of weeks.

Regularly updated problem-patch chart

This table provides the status of recent Windows and Microsoft application security updates. Patches listed below as safe to install will typically be removed from the table about a month after they appear. For Microsoft’s list of recently released patches, go to the MS Security TechCenter page.

See our “Windows Secrets master Patch Watch chart” post for a more extensive list of recent updates.

Patch	Released	Description	Status
2813430	06-11	SSL-certification hardening; optional for admins	Skip
2817630	09-10	Outlook 2013 update	Skip
2870008	10-08	Windows kernel-mode drivers; see MS13-081 for complete list	Wait
2878890	10-08	.NET Framework; see MS13-082 for complete list	Wait
2885089	10-08	MS SharePoint Server; see MS13-084 for complete list	Wait
2687455	07-23	Office 2010 SP2	Optional
2756473	09-10	Outlook preview-pane issue	Install
2794707	09-10	Outlook 2010	Install
2825621	09-10	FrontPage 2003 SP3	Install
2825999	09-10	Outlook 2007 SP3	Install
2834052	09-10	SharePoint Server; see MS13-067 for complete list	Install
2845537	09-10	MS Word; see MS13-072 for complete list	Install
2848637	09-10	Access; see MS13-074 for complete list	Install
2853587	09-10	Active Directory	Install
2858300	09-10	Excel; see MS13-073 for complete list	Install
2864063	09-10	Windows Theme File	Install
2870699	09-10	Internet Explorer cumulative update	Install
2872339	09-10	Windows Service Control Manager	Install
2876217	09-10	Object Linking and Embedding for Visio files	Install
2876315	09-10	Kernel-mode driver	Install
2864058	10-08	Windows Common Control library	Install
2879017	10-08	Internet Explorer cumulative update	Install
2885080	10-08	MS Excel; see MS13-085 for complete list	Install
2885084	10-08	MS Word; KBs 2826020, 2827329, and 2827330	Install
2890788	10-08	Silverlight	Install

Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply.

Table of contents

Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody LLC. All other marks are the trademarks or service marks of their respective owners.

Your email subscription:

Subscription help: customersupport@askwoody.com

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.

Welcome to our unique respite from the madness.

It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Creating customized recovery images for Win8

Plus Membership

Search Newsletters

Search Forums

View the Forum

Search for Topics

Recent Topics

Recent blog posts

My Profile

Key Links

Remembering Woody

Creating customized recovery images for Win8

In this issue