Help: FreeNewsletter@askwoody.com

ADVERTISEMENT

WinX Media Management Bundle 80% Off Cyber Monday Deal + Win Amazon Card How could a video enthusiast lack such handy and almighty multimedia tools? DVD ripper: rip DVD to MP4 in 5 minutes, flawlessly Video converter: convert/download/edit/resize videos DVD copy pro: 1:1 clone DVD to DVD/ISO/VIDEO_TS MediaTrans: Transfer media files between iPhone & PC 5KPlayer: play, AirPlay & DLNA stream video/music on PC Get the almighty bundle with the lowest price ($39.95 Only). Don’t let go of this once-a-year chance!

FROM THE EDITOR

We hope everyone in the U.S. had a safe and enjoyable Thanksgiving holiday. This AskWoody Free Newsletter is smaller than usual, due to the holiday. And our twice-monthly Patch Watch column is normally delivered only to paid subscribers. But here’s a small gift to all readers of the free edition.

Thanks for your interest in AskWoody. The site and Plus newsletter are completely donor funded. We encourage you to become a Plus member by contributing what you can.

PATCH WATCH

By Susan Bradley

By now, you should be getting over the side effects of too much turkey and pie.

Getting over some Windows upgrading issues might not be as easy.

It appears that there’s a sizable number of Win10 1909 users who are blocked from moving up to Versions 2004 or 20H2. Last week, I discussed one blocker: Conexant audio drivers. We still don’t have information on when or how this issue will be resolved.

Some 1909 users are taking a more assertive approach: disabling the Conexant drivers and forcing the upgrade, a process that installs Windows’ generic audio drivers. The downside? You’ll have audio but will lose any of the enhanced sound features included in the Conexant software.

For now, the best bet is to be patient and wait for a formal fix. For most Windows users, there’s no compelling need to migrate up from Version 1909.

Some of these Win10 2004/20H2 blocks get exceptionally specific. For example, Microsoft’s list of known issues for its latest Win10 releases notes possible stop errors when plugging in external, Thunderbolt-connected NVMe solid-state drives. The fault could result in a blue screen and the error message “DRIVER_VERIFIER_DMA_VIOLATION (e6) An illegal DMA operation was attempted by a driver being verified.” Afflicted Win10 devices are those with at least one Thunderbolt port and a current version of the stornvme.sys driver file.

Some faults are more annoying than dangerous. For example, a few systems, newly upgraded to 20H2, constantly issue “ESENT Warning Event ID 642” warnings in application event logs. So far, the only documentation for this issue is a cryptic note in a Windows Insider Blog post that states, “Based on feedback, we’re turning off ESENT Warning Event ID 642.”

The warnings refer to the Extensible Storage Engine (ESE) service and its related ESENT.DLL, included in all releases of Windows since Version 2000. ESE is used by a number of Windows components such as Windows Update and various applications. Again, the Event 642 entries show up in application event logs (Figure 1), and the issue first occurred in Win10 2004. I don’t consider this a true error. However, this event log “chattiness” is impacting performance on some PCs.

Figure 1. Application event log with repeated ESENT warnings

This might sound like a silly question. Surely, most third-party anti-malware tools are automatically updated? Yes, they are — for the release of Win10 you’re currently running. That doesn’t mean they’ll automatically support a newer version of Windows immediately after an upgrade.

Here’s proof: There are reports in the Microsoft Community forum of system freezes after migrating to 2004 or 20H2. My advice: If you’re running into issues after an upgrade, and you’re using a non-Microsoft AV product, remove the third-party app and use the built-in Windows Defender for a while. (You might find that it’s all you need.)

If the problems disappear, and you still want another brand of AV utility, try a fresh copy. Sometimes a quick AV uninstall/re-install is an easy cure for a balky PC.

That trick applies to other software as well. After a major upgrade, check that all installed apps and drivers are fully up to date.

I’ve said this before, but it bears repeating: I’m not convinced microcode updates are needed on consumer/home computers. As I reported in the previous Patch Watch, the November microcode patches target versions of Intel Avoton, Sandy Bridge, and Valley View/Baytrail processors. If your system has one of these CPUs, Windows Update should detect it and offer one of the updates listed below in the Windows 10 patch list section.

In the past, Microsoft has released microcode updates to block various security threats such as Spectre 1, 2, 3, 3a, 4; L1TF; MDS; and Retpoline. But I ended up uninstalling those patches because they slowed down my machines. This time around (November), none of my current systems has the targeted chipsets, so I didn’t see any microcode fixes in Windows Update. If I had, I would’ve hidden or uninstalled them.

I think a better plan is to look for BIOS updates on your PC’s support site. Years ago, BIOS updating was a bit scary. But in recent years, I’ve found the process to be relatively easy and problem-free.

On November 19, Microsoft released preview updates for Windows 10 and .NET Framework. It also posted the notification: “Important: Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release (known as a “C” release) for the month of December 2020.”

Windows 10 preview updates include:

.NET Framework preview updates:

Along with the previews, Microsoft released a batch of special patches that won’t show up in Windows update. They’re primarily for domain controllers and are designed to fix Kerberos issues.

November’s .NET Framework updates did not include any new security fixes. But if you accidentally installed any of the following, don’t worry; I haven’t run across any side effects.

Here’s the recap of this month’s patches. See my cumulative account of patches on the AskWoody Master Patch List page.)

What to do: Ensure you’ve backed up your system and then install the following updates. Most of the outstanding problems with Versions 20H2 and 2004 have reasonable workarounds or are of interest to IT pros managing back-end services.

Reminder! Win10 1703 is no longer supported. So there are, and will be, no new patches for this version.

Servicing-stack updates

(There are no servicing-stack updates this month for Versions 1803, 1709, or 1607.)

Cumulative updates

Intel Microcode updates

(There are no November servicing-stack updates.)

The November CtR updates include:

(Some CtR Office users defer updates by temporarily disabling the updating process.)

November’s security updates patch one or more remote code execution vulnerabilities.

Office 2016

Office 2013 SP1

Office 2010 SP2

Office non-security enhancements and fixes

Office 2016

Office 2013 SP1

Office 2010 SP1

As always, be safe.

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.

Best of the Lounge

As more and more of our data moves into the cloud, many users rightly wonder just who has access to that information.

When Lounger doriel‘s company moved to Microsoft’s cloud-centric suite, malicious emails became rampant. What better place to cry foul than the AskWoody forum? Members offered their theories on privacy in a Microsoft world — and also provided some practical tips.

If you’re not already a Lounge member, use the quick registration form to sign up for free.

You’re welcome to share! Do you know someone who would benefit from the information in this newsletter? Feel free to forward it to them. And encourage them to subscribe via our online signup form — it's completely free!