newsletter banner

ISSUE 20.42.F • 2023-10-16 • Text Alerts!Gift Certificates
You’re reading the FREE newsletter

Susan Bradley

You’ll immediately gain access to the longer, better version of the newsletter when you make a donation and become a Plus Member. You’ll receive all the articles shown in the table of contents below, plus access to all our premium content for the next 12 months. And you’ll have access to our complete newsletter archive!

Upgrade to Plus membership today and enjoy all the Plus benefits!

In this issue

PATCH WATCH: Copilot is here, sort of

Additional articles in the PLUS issue

PUBLIC DEFENDER: Can Microsoft Advertising just keep your money?

LEGAL BRIEF: Tax simplification

WINDOWS: Apps vs. applications

We help teams move faster

The first project management platform built for users by users.


Copilot is here, sort of

Susan Bradley

By Susan Bradley

The October security updates include Copilot.

As I have alerted you before, if you have Windows 11 22H2 and live in North America or certain South American and Asian countries, Microsoft will be “dribbling” the “Chat for the operating system” update.

Never fear — you can disable this “feature.” I didn’t say remove or block, but rather disable.

In the European Union (EU), Copilot for Windows will probably be installed — but you won’t have the shortcut to it enabled, due to some EU digital rules. Expect Microsoft to make the changes necessary to bring it into compliance, at which point it will be enabled.

I’ve documented several ways to remove the short cut from your systems, but be aware that until you actually install the patch, the Group Policy option may not be available in your version of Windows 11 22H2. You may want to opt to use the registry key method, even if you have Windows 11 Pro. In the meantime, I urge you to check out the Windows Insider Webcast, which goes into details of Windows Copilot.

For those of you with Windows 11 21H2 still installed on your Home and Pro versions, remember this is the last patching that platform will see. (Windows 11 21H2 Enterprise and Education editions are supported to October 8, 2024.) Because 23H2 is right around the corner, use InControl to keep yourself on 22H2.

And, as I’ve also mentioned before, remember that Copilot will not be delivered to Windows 10.

Microsoft has issued a mea culpa of sorts regarding the Microsoft Backup application that works only with a consumer-based Microsoft account, because it is being shipped to every version of Windows 10 22H2. It should never have been installed in a network (managed) workstation setting, so the apology indicates that a means for IT pros to uninstall the app is forthcoming. I’m keeping my fingers crossed that the solution will be usable on home machines. We will see.

In the meantime, make sure you are on Windows 10 22H2 all the way until 2025. I am a firm believer that a computer works best on the operating system it was sold with, so if you bought it during the time of the Windows 10 release (and even if it supports Windows 11), move only if you have a need to upgrade to Windows 11. Windows 10 will be very stable and very quiet for the next two years. Enjoy the peace and quiet.

What Outlook do you have?

While Windows has been busy dribbling out Copilot, Microsoft’s Office team has been dribbling out a new Outlook, dubbed “Outlook (new).” Do not confuse this with Windows Mail, Outlook for the Web, or Outlook for the desktop. To say that this is confusing is an understatement. On one of my PCs, I have three icons in my Start menu without knowing exactly which one does what. (See Figure 1.)

Which Outlook?
Figure 1. Which Outlook is which?

The good news is you can Registry key it away. Or, if your version of Office is such that you can opt in to the Semi-Annual Enterprise Channel, you can ensure it stays safely off your machine until January 2024.

Normally, technology sites are about encouraging folks to try Beta or Insider versions and enable new features by using some hidden Registry key. As someone who uses Outlook on my desktop with several specialized COM-based add-ins, I’m wincing at the documentation stating that there are no plans to support COM/VSTO (Visual Studio Tools for Office) add-ins but instead to “enrich the Web Add-in platform.” It remains to be seen how well this goes over with Enterprises who, on a regular basis, have third-party tools that connect in to Outlook.

In a business setting, you can get rid of the button inside the Outlook desktop that allows you to try Outlook (new) by using the registry key method posted to the answers forum. You can also use various tools here to block as well. Note that this does not block the Web shortcut from being deployed. If you have launched Outlook (new), you can still use the old Outlook. Note that if the Microsoft instructions do not work, you can do a repair install of Office, and it will reinstall your desktop version.

Moving forward in the forum: If you have an issue with “Outlook,” don’t be surprised if we ask, “Which one?” Also look forward to Peter Deegan’s take on Outlook (new) two weeks from now.

Patching recommendations for consumer and home users

Perhaps the most interesting patching-related event is that Office released no security updates this month. This doesn’t mean that Microsoft isn’t fixing or removing things. For example, if you have Outlook Desktop starting with Version 2311 Build 16929.15000, you’ll now need to look out the window to check on the weather. Weather is no longer displayed on the Calendar in Outlook.

When Microsoft announces that it is removing a long-standing app such as WordPad, I always wonder why. Is it that that the company recognizes it’s no longer secure and has done a risk analysis? Right after Microsoft announced that WordPad would be deprecated in September, it was patched for a security issue in October. CVE-2023-36563 discloses a vulnerability in which a malicious link could launch WordPad and leak NTLM credentials. I don’t see this as much of a risk in standalone and peer-to-peer networks; but in a business setting, anything that allows attackers to harvest credentials must be taken seriously.

As always, ensure that your browsers are up to date on all devices, including any Linux distro. I am now tracking the DuckDuckGo browser and will report about it in an upcoming newsletter.

I don’t anticipate seeing any major issues in this month’s releases because most of the attacks and patching are targeted to business users. That said, I still don’t recommend updating at this time. Keep your eye on the Master Patch List for updates.

For those of you with a new iPhone 15, install updates as soon as they are offered. Apple is in bug-squashing mode at this time. For older phones, upgrade to version 16.7.1 for both iOS iPad OS.

Patching recommendations for business users

Before getting into the interesting patches of the month, I want to emphasize that this is the last month of updates for Server 2012 and 2012 R2. You can opt for 0Patch or plan on upgrading and migration. See resources at this page on our site.

I’m focusing on Windows, but be aware that our next bug actually impacted other operating systems as well. CVE-2023-44487, a Distributed Denial of Service (DDoS) attack against HTTP/2, impacts Internet Information Services (IIS) in Windows as well as Apache Web servers. Cloudflare has a write-up on the massive denial of service attacks it has seen. Microsoft has specifically recommended one of two registry keys to limit RST_STREAMS per minute, depending on your needs. Bottom line: You must test to see what works for your Web servers or whether you have other mitigations in place. You can even disable the HTTP/2 protocol as per this security guide.

Be aware that the registry keys noted for Server 2022 (KB5031364) are different from what is noted in the KBs for Server 2019 (KB5031361) and Server 2016 (KB5031362). Specifically, the default value of Http2MaxClientResetsPerMinute is 400 on a Server 2022 whereas on 2019 and 2016 the value is 500. In addition, Server 2022 has a new registry key:

  • Http2MaxClientResetsGoaway

Have your Web gurus look over what is best for you.

The only other exploited bug this month is a Skype for Business Server vulnerability, an elevation of privilege attack. Given that many of us no longer run our own Skype for Business servers, this won’t be a huge concern. Of bigger concern to those who are still patching on-premises Exchange servers is yet another Exchange patch, released in October. If you’ve had some performance issues, you’ll want to check out the Exchange blog for more details.

New Teams client in public preview

The new Teams client is currently in preview and will be rolling out as well. If you are using Teams for the Web, you’ll start to see this hit the Chrome/Edge deployments starting in mid-November. You’ll want to review your situation and ensure you are ready for the update for Teams.

If you are using the slower patching channel (my recommendation) for Microsoft 365, and you are on the Semi-Annual Enterprise Channel, “new” teams won’t come to that version until January 2024 and won’t be the default until March 2024.

Message queuing bugs run rampant

There are 20 Message Queuing patches, and a remote unauthenticated attacker could launch code and run attacks accordingly. Therefore, if you have port 1801 open at your perimeter, this could be a wormable attack. But of course, no one has 1801 port open — right? Right? If you are unsure, a quick and easy way to check is to go to ShieldsUP!, click Proceed. Then, in the SheildsUP!! Services section, enter 1801 and click User Specified Custom Port Probe. You should find it stealth or closed.

If you’ve noticed above, we are dealing not only with watching out for security-patch side effects but also the impact of changes to our default applications being rolled out through Microsoft’s beloved dribbles or phased-in process. Change is disruptive and impacts productivity. I’ll be making sure I alert you to upcoming phase-ins as well as the traditional issues caused by patching. As with anything, always make sure you have a plan to roll back from an update — or, these days, from a dribbled change that you or your users don’t want. Being sure you can roll back from any change ensures that you also know how to deal with ransomware’s impact.

When the world turns tense and uncertain, attackers take advantage of circumstances to use the digital weapons at their fingertips. In the recent Microsoft Digital Defense Report 2023, Microsoft noted:

Nation‑state actors were not alone in stepping up their abuse of the digital ecosystem. Well‑resourced cybercriminal syndicates also continue to grow and evolve, leveraging the cybercrime-as-a-service ecosystem we highlighted last year. Ransomware‑as‑a-service and phishing-as-a-service are key threats to businesses and cybercriminals have conducted business email compromise and other cybercrimes, largely undeterred by the increasing commitment of global law enforcement resources.

They go on to point out that the bulk of attacks would be protected with multifactor authentication, along with ensuring that you are up to date on operating system, firmware, and applications. As always, I want you to install updates, but not until the bugs and side effects are identified and understood.



Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.


Here are the other stories in this week’s Plus Newsletter


Brian Livingston

Can Microsoft Advertising just keep your money?

By Brian Livingston

Scores of legitimate business owners report that they were rejected by Microsoft for “egregious behavior” shortly after applying for an account to advertise in the Bing search engine.

If Microsoft doesn’t want to accept more advertising revenue, well, fine. But the new account holders say Microsoft failed to promptly refund hundreds of dollars that the potential new advertisers had deposited to fund their initial ad buys.


Max Stul Oppenheimver

Tax simplification

By Max Stul Oppenheimer, Esq.

The Inflation Reduction Act gave the U.S. Treasury Department billions of dollars to create a world-class customer experience for taxpayers.

Let’s put aside the question “Do we want a world-class customer experience, or do we deserve something better — maybe an Amazon-class customer experience?” Because I’m not really sure how customer-friendly the typical world tax system is. I mean, half the world’s population is in India and China.

Maybe they’re great — I just don’t know.


Lance Whitney

Apps vs. applications

By Ed Tittel

In Windows 10 and 11, there are two parallel architectures for building executables.

Let’s call the older and more familiar architecture “applications.” It uses traditional, more conventional development tools and frameworks and results in programs that typically run as .exe files.

The newer alternative was introduced with the debut of Windows 8 in 2012 as “Metro-style apps,” using tiles in the Windows Start menu with a variety of executable formats based on what is called .appx technology.

Know anyone who would benefit from this information? Please share!
Forward the email and encourage them to sign up via the online form — our public newsletter is free!

Enjoying the newsletter?

Become a PLUS member and get it all!

RoboForm box

Don’t miss any of our great content about Windows, Microsoft, Office, 365, PCs, hardware, software, privacy, security, safety, useful and safe freeware, important news, analysis, and Susan Bradley’s popular and sought-after patch advice.

PLUS, these exclusive benefits:

  • Every article, delivered to your inbox
  • Four bonus issues per year, with original content
  • MS-DEFCON Alerts, delivered to your inbox
  • MS-DEFCON Alerts available via TEXT message
  • Special Plus Alerts, delivered to your inbox
  • Access to the complete archive of nearly two decades of newsletters
  • Identification as a Plus member in our popular forums
  • No ads

We’re supported by donations — choose any amount of $6 or more for a one-year membership.

Join Today buttonGift Certificate button

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody,, Windows Secrets Newsletter,, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2023 AskWoody Tech LLC. All rights reserved.