newsletter banner

ISSUE 19.07.F • 2022-02-14

In this issue

PATCH WATCH: A sweetheart of a patching month

FROM THE FORUMS: Our world is not very S.M.A.R.T. about SSDs

Additional articles in the PLUS issue

LANGALIST: New to “remote desktops?” Start here!

MICROSOFT 365: Saving money on your Microsoft 365 subscription

FREEWARE SPOTLIGHT: TrafficMonitor — Breaking The Language Barrier

Become a Plus Member today!
Get MS-DEFCON Text Alerts! Gift Certificates now available!

ADVERTISEMENT
FreshBooks

Invoice and Accounting Software for Small Businesses

The best cloud based small business accounting software. Send invoices, track time, manage receipts, expenses, and accept credit cards.

Free 30-day trial!


PATCH WATCH

A sweetheart of a patching month

Susan Bradley

By Susan Bradley

Is Microsoft trying to win back our love?

Microsoft may be giving us a Valentine’s Day patching reprieve: this month, we have no critical bugs being patched. Everyone, from home users to small-business users to large enterprises, can take a bit of a breather.

The Windows Update releases this month include 70 vulnerabilities, none of which has any known exploits. For businesses, there are no Exchange patches to worry about. I therefore consider this a bit of a “cleanup” month, especially for anyone who skipped the January updates that caused so many side effects and concerns.

Updates to .NET include security updates for 5.0.211, 5.0.405, and 6.0.102 — but not for older releases such as 4.8 and other earlier versions. However, you may still see these versions offered to your systems.

Skipped over January?

So far, the early reports are good that this month’s updates don’t have major side effects. In addition, they include the out-of-band fixes released at the end of January. If you opted to skip over January’s releases, it looks like February will be a much quieter month in terms of side effects.

Patching recommendations for consumer and home users

So far, I’m not seeing any major side effects for consumer patchers, but I still recommend that you keep updates paused. Although I haven’t seen any side effects with printing, there is — once again — a print spooler vulnerability being patched.

For anyone asking why print-spooler vulnerabilities are still being patched, it’s because this is old code that many security experts say should be completely rebuilt from scratch to truly get rid of the bugs. Unfortunately, printing is typically done by legacy systems. No one would want to throw out a perfectly working printer just to get new code for drivers or printer apps. It would be too disruptive.

The patches this month fix an elevation-of-privilege attack. Once again, the attacker would first need to gain access to your computer before being able to exploit a vulnerability. Nonetheless, it is always wise to be extra careful and paranoid when surfing and clicking.

Browser updating

One of the items I do want you to update as soon as possible is your Web browser. Ensure that it is updating independently of your operating system. Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and Linux were recently released. Firefox also released a new version on February 8, fixing several security issues. Firefox now supports and displays the new style of scrollbars on Windows 11. For macOS, Firefox has improvements to system font loading that are designed to make opening and switching to new tabs faster on certain sites.

If you are running a Chromebook, you’ll be receiving an update, on the stable channel to the 98.0.4758.91 version. Ironically enough, the 98.0.4758.91 release includes a security fix for printing as well. Clearly, printing-security vulnerabilities continue to impact all platforms. Make sure that you keep Edge browser up to date, even if you don’t use it on your desktop.

Otherwise, I recommend pausing updates until we are sure there are no major issues.

Patching recommendations for business users

For those of you in business who are looking for a recap of side effects acknowledged by Microsoft, be aware that Microsoft publishes a dashboard listing all the supported operating systems and known issues. Note that this dashboard does not include items under investigation or items that aren’t widespread, but it is an important resource for learning about the problems that Microsoft acknowledges.

For those of you using Microsoft Access, be aware that there is a recently introduced bug that prevents Access from closing and leaves the lock file active, which may lead to errors even before shutting down Access. The issue is triggered by running VBA code that references Access objects. As noted in this Office support page, you need to “Enable Content” every time you open the database, or place the database into a trusted location. (See Microsoft’s article Decide whether to trust a database.) This has been fixed in the 2201 version.

Hyper-V side effects fixed

One of the most detrimental side effects in the January updates was a bug that caused Hyper-V virtual machines not to boot after the January updates were installed. This was fixed in a late-January out-of-band release. Fortunately, this fix is now included in the February security-only updates. See KB5010395.

Active directory issues fixed by out-of-band .NET

In a domain that depends on Microsoft Active directory, you can trust, or have private relationships with, another domain. This is called a “forest trust” and is typically seen in a large firm. Many apps built with .NET use the framework to acquire or set Active Directory Forest Trust information.

A bug causes this process to fail, to close the app, or to generate an error from the app or from Windows. The fix for this must be manually installed and is dependent on which version of Windows Server you have running. You can review the list of impacted Server operating systems and the .NET versions you will need to manually download and install.

Windows 11 still a work in progress

Every month, Microsoft keeps tweaking and fixing Windows 11, and this month is no exception. Even though it hasn’t put back thumbnails or moved the start menu to the left by default, you can find out what has been done by reading through the transcript of a video discussing all the things fixed this month.

As Microsoft states in the text:

As part of our ongoing work to make taskbar improvements, we updated an issue that affects the auto-hide feature of the taskbar, which might prevent the taskbar from reliably appearing when you hover over the primary or secondary display. We updated an issue that might display icons for apps that you’ve closed as if the apps are still running. We updated an issue that makes the volume icon on the taskbar appear as if it’s muted even though it’s not. And we updated an issue that might prevent icons from appearing on the taskbar of a secondary display.

It’s no wonder that most businesses are still saying that they are going to wait at least six months to a year before deploying Windows 11. If your machines are managed by Intune, they will not be offered Windows 11. But if your computers are in a peer-to-peer network, are managed by Microsoft Update for their patch needs, and qualify for Windows 11, you will see it offered.

Many people have reported to me that Windows 11 had been installed, even though they had not explicitly granted permission to Microsoft to do so. I recommend that you use either the Registry key or group policy method to proactively block Windows 11 if you are not controlling your machines with Windows Software Update Services or Intune.

Sneak peek! In our 2022 reader survey, 25% of those currently running Windows 10 said they would upgrade to Windows 11 in 2022!

References

MS-DEFCON 2

Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.


FROM THE FORUMS

Our world is not very S.M.A.R.T. about SSDs

Talk Bubbles

Ben Myers’ article in last week’s newsletter prompted a lively discussion in the forums. Many readers chimed in with their own experiences and advice. Ben participated actively, both to answer reader questions and to add some points not covered in the article. It’s worth a look.

If you missed it, jump into the archives to read Hard drives — still pretty S.M.A.R.T. (AskWoody 2021-12-27), Ben’s opener in this two-part series.

Do you have a story about SSDs? Join the conversation!


ADVERTISEMENT
10% Off Printer Ink & Toner (excludes OEMs)

Stories in this week’s AskWoody Plus Newsletter
Become a Plus member today!

LANGALIST

Fred Langa

New to “remote desktops?” Start here!

By Fred Langa

Previous columns discussed several remote desktops — software that lets you access and use a distant PC just as if you were sitting at its keyboard.

Google’s Chrome Remote Desktop was the main focus because it’s much easier to configure and use than Windows’ built-in Remote Desktop Connection. However, if you’ve never used any remote-access tool before, some of the concepts and set-up steps may seem confusing at first.

So, here’s additional information and a step-by-step guide to get you up and running with Chrome Remote Desktop!

MICROSOFT 365

Peter Deegan

Saving money on your Microsoft 365 subscription

By Peter Deegan

Using the tips in this article, you can pay less for new subscriptions and renewals.

Let’s start with Microsoft’s official, full prices for the two main consumer plans for Microsoft 365. Both have the same features for a different number of separate users.

FREEWARE SPOTLIGHT

Deanna McElveen

TrafficMonitor — Breaking The Language Barrier

By Deanna McElveen

Sipping coffee and browsing the latest GitHub projects with Google Translate.

That’s my idea of fun on any given morning or evening. If I did my searching with my American blinders on, I would miss 80% of the great, open-source software the world’s developers have to offer.

I happened to stumble across a talented Chinese developer, who goes by the GitHub handle of “zhongyang219,” and the open source project TrafficMonitor. It’s a small applet that runs in the System Tray and displays your current network transfer speed plus CPU and memory usage.

You’re welcome to share! Do you know someone who would benefit from the information in this newsletter? Feel free to forward it to them. And encourage them to subscribe via our online signup form — it’s completely free!


RoboForm box

Enjoying the AskWoody newsletter?

Become a PLUS member and get it all!

Don’t miss any of our great content about Windows, Microsoft, Office, 365, PCs, hardware, software, privacy, security, safety, useful and safe freeware, and Susan Bradley’s popular and sought-after patch advice. PLUS, these exclusive benefits:

  • Every article, delivered to your inbox
  • MS-DEFCON Alerts, delivered to your inbox
  • Access to MS-DEFCON text alerts delivered to your phone
  • Total access to the archive of nearly two decades of newsletters
  • No ads
  • Identification as a Plus member in our popular forums

We’re supported by donations — choose any amount for a one-year membership.

Join Today button


The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, AskWoody.com, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2022 AskWoody Tech LLC. All rights reserved.