Understanding Windows 8’s File History

Understanding Windows 8's File History

File History is a radical departure from all previous Windows backup systems.

Here’s what you need to know about File History: why it’s so different, its requirements, its advanced settings — and some useful tweaks!

The trouble with traditional backups

Until relatively recently, the best backup tools for Windows came from third parties — not Microsoft. But that’s changing. Although Windows XP included a basic backup applet and Vista had a better one, it was not until Windows 7 that Microsoft shipped a complete, built-in backup and recovery system with its desktop operating system. (For more on Win7’s backup system, see the May 12, 2011, Top Story, “Build a complete Windows 7 safety net.”)

And there’s also still a myriad of top-quality, free and commercial, third-party backup tools available.

Unfortunately, a wealth of backup options hasn’t convinced most Windows users to make regular backups. For many, the process is still too much hassle.

Windows 8’s goal: No-effort system backups

For Windows 8, Microsoft rethought the concepts of PC backups and created File History, a highly automated, set-and-forget archiving system. The goal was to make backing up a PC so easy and unobtrusive that most Windows users would actually do it.

Former president of Microsoft’s Windows division Steven Sinofsky described the File History design goals in a July 10, 2012, “Building Windows 8” blog.

“In Windows 8, Microsoft is actively trying to accomplish the following:

1. Make data protection so easy that any Windows user can turn it on and feel confident that their personal files are protected.
2. Eliminate the complexity of setting up and using backup.
3. Turn backup into an automatic, silent service that does the hard work of protecting user files in the background without any user interaction.
4. Offer a very simple, engaging restore experience that makes finding, previewing and restoring versions of personal files much easier.”

In the same blog, Sinofsky describes File History as follows. (I’ve emphasized some key words and phrases.)

“File History is a backup application that continuously protects your personal files stored in Libraries, Desktop, Favorites, and Contacts folders. It periodically (by default every hour) scans the file system for changes and copies changed files to another location. Every time any of your personal files has changed, its copy will be stored on a dedicated, external storage device selected by you. Over time, File History builds a complete history of changes made to any personal file.”

In practice, File History does meet most of Sinofsky’s stated goals: it works, and it’s undeniably easy to use. Its all-but-invisible, automatic backups will be a boon to the majority of users who never before bothered to make backups.

But for those of us who are used to making, saving, and using traditional backups, File History requires some serious re-thinking. For example, as Sinofsky stated, File History processes only the files in “Libraries, Desktop, Favorites, and Contacts.” So unless you tweak it, File History might fail to back up some files that you want archived.

File History also does not write backups to CDs or DVDs; it requires some form of external storage device (such as a USB drive or networked drive) to store its nearly continuous backups.

Those are big changes.

The best way to understand these changes is to see File History in action. In the rest of this article, I’ll walk you through the process of setting up Win8’s File History, including all its optional settings. Along the way, I’ll point out the strengths, weaknesses, gotchas — and suggest a few tweaks!

Required: A separate, secondary hard drive

As mentioned earlier, File History requires use of an external or secondary drive to store its backups. (There’s one exception to this rule, which I’ll cover later.)

This two-drive approach is obviously a good thing. A drive failure won’t take out both your original files and your backups. But it also means that unless your system has a second, physical hard drive available (such as a USB drive or a networked drive), you won’t be able to properly set up File History.

So that’s the first step. Before enabling File History, ensure that your Win8 system recognizes a second drive (not just a second partition on the main drive) that is healthy and has sufficient capacity for multiple backups. Ideally, the drive is used only for backups and has a large amount of storage space.

Once that’s done, you’re ready to roll.

A few clicks sets up File History’s default mode

There are multiple ways to open the File History applet, but the simplest is to open Control Panel by whatever means you prefer (such as the Win+X menu) and click System and Security/File History.

When File History first opens, it looks for and lists suitable locations for your backup files, as shown in Figure 1.

If File History can’t identify a suitable local drive, it will prompt you to either add one or use a networked drive.

Alternatively, you can use the Select drive option (on the left side of the File History dialog box as shown in Figure 1) to manually choose a different location for your backup files. (For more information, see the Win8 Support article, “Set up a drive for File History.”)

Once you’ve selected a File History–compatible drive, click the Turn on button at the lower-right corner of the dialog box, and you’re done. It’s really that easy to get File History up and running in its default mode! (See Figure 3.)

Customizing your File History configuration

File History’s default settings might not suit you (they don’t suit me). So let’s take a look at the available options, advanced features, and alterations.

Include additional folders: As noted above, File History, by default, backs up only your libraries, desktop, favorites, and contacts — plus your local SkyDrive folder, if you have one. That, to my mind, is File History’s biggest drawback.

You can, however, force File History to back up any folder — including Program folders — by adding those folders to an existing or new library.

If you need a quick refresher on Windows’ Libraries, see the Microsoft Support article, “Working with libraries,” or the Windows Libraries tutorial. Or check out the March 10, 2011, Top Story, “Make the most of Windows 7’s Libraries.” (All three articles are for Win7, but Win8’s libraries work the same way.)

The MSDN blog, “Backup your files using File History,” contains additional instructions on how to include nonstandard folders in File History’s backups. (Scroll down to the “Backup Other Folders” section.)

Exclude specific folders: If you have some folders that you don’t want backed up, simply exclude them from File History by clicking the Exclude folders option (immediately below the aforementioned Select drive option). A new dialog will open, as shown in Figure 4.

Click the Add button and browse to the folders you wish to exclude.

Advanced Settings: The Advanced settings link (left side of the main File History dialog box) gives access to controls over how and when File History backs up your data. For example, the Save copies of files setting determines how often File History runs (see Figure 5). The default setting is once an hour, but you can choose run intervals from 10 minutes to 24 hours. I suggest you start with the default interval, and then adjust up or down as needed.

As noted, File History typically requires a second drive or networked drive to store backup files. If that drive isn’t available — say, you’re on the go and you’ve disconnected your USB drive — File History will use a temporary offline cache located on your C: drive.

The Size of offline cache setting controls how much of your C: drive will be used to store temporary backups if the normal backup drive isn’t available. The cache is normally set to 5 percent of the C: drive’s space. But you can increase the cache size to as much as 20 percent (see Figure 6).

With the Keep saved versions setting (see Figure 7), you can control how long Windows retains your backups — from one month to an optimistic “Forever.”

A related Clean up versions setting lets you manually delete backups you no longer need (see Figures 8 and 9).

The two remaining advanced settings are relatively minor. The HomeGroup link makes it easy for several different PCs to share the same homegroup-networked drive for storing backup files. The Event logs link lets you examine File History’s operational records to ensure it’s working correctly — or to troubleshoot problems, if it isn’t.

Recovering files and folders with File History

Tucked down in lower-left corner of File History’s main dialog box (see Figure 1) are two additional links: Recovery and Windows 7 File Recovery.

The Recovery link opens the Advanced recovery tools (see Figure 10), where you (among other things) configure and open System Restore. Another tool — Create a recovery drive — lets you create a bootable USB recovery drive. It’s nicely explained in the Win8 Support article, “Create a USB recovery drive.”

The Open System Restore and Configure System Restore items are largely self-explanatory, but for more info, see the Win8 Support article, “How to restore, refresh, or reset your PC.”

The final link in File History’s main dialog is Windows 7 File Recovery, which links to the full copy of the Win7 backup system that’s included inside Win8. (See the March 28 LangaList Plus article, “Win8’s built-in, hidden, image/backup tool.”)

Important note: Win8’s Windows 7 File Recovery works for now, but don’t count on using this feature in the future. An MSDN article states that Win8’s Windows 7 File Recovery “is being deprecated and will not be updated.” In fact, it’s absent from the current beta Windows 8.1 Preview. Clearly, traditional backups are not part of Windows’ future!

Using File History to restore files and folders

Just as it’s easy to get File History started, it’s also easy to recover your data from File History, as demonstrated in a one-minute, MS Support video. Also, I wrote about File History recovery options in the April 11 LangaList Plus column, “Assessing Win8 File History — and its weaknesses.”

Here’s the short-form how-to: Click the Restore Personal Files option from the left side of the main File History dialog box. A new window opens showing the most recently backed up files and folders (see Figure 11).

Note the arrows on the bottom of the window. The blue arrows let you scroll through backup sets by date and time — older backups to the left, newer ones to the right. The round green button will restore any file or folder you’ve selected.

You navigate within your backup sets much as you would in File Explorer — simply select a library or folder to see whatever’s inside. The File History applet will even let you preview the contents of any backed-up document. Click the document and it opens, right within the File History applet.

When you’ve found and selected the file or folder you wish to restore, click the round green button; File History will then guide you through the process of restoring the selected item to the location of your choice.

The bottom line — and the future

I’ve been using File History for several months now, and have found it to be unobtrusive and reliable. I also like its nearly continuous operation; new and altered files are automatically backed up, often within minutes of their creation. It’s hard to imagine a much safer system.

But having so many backups can actually make it harder to locate and select one specific file, or a specific version of a file. As with Win8’s main interface itself, File History’s Restore interface requires a lot of inefficient horizontal scrolling, which can be a pain in the arm to use. With luck, a simpler alternative will emerge.

And it might — Win8x is clearly a work in progress.

Tracking down the cause of an unwanted popup

When Windows or apps suddenly start working oddly, two techniques can reveal — and often remedy — the problem.

Plus: How to verify your system’s 32- or 64-bittedness, Internet Explorer 10 versus the competition, and how “Ease of Access” sometimes makes things harder.

Mystery popup menu suddenly appears

Two of reader Fred Sepanek’s PCs have begun exhibiting a new behavior, in the form of an unwanted navigation menu.

• “I consider myself an advanced user, but a new problem has me stumped. As you can see in the attached screenshot [see Figure 1], a popup menu now appears in the top-left corner of my monitor.

  

  Figure 1. Reader Fred Sepanek's screen capture, showing a nonstandard popup menu.

  “I don’t know what caused the popup to appear, and I’ve been unable to find any information about it on Google. Any ideas would be most appreciated.”

Fred, that’s not like any standard Windows menu I’ve seen. It’s almost surely the work of some third-party app or utility. Here are two ways to track it down.

1. Installation date: If you remember roughly when the mystery menus began appearing, start with Windows 7’s Programs and Features tool. It should show any software that was installed around that time. (Vista and Win8 will also show when software was installed — alas, XP doesn’t.)

Open the Uninstall or change a program applet and select the Installed On column header (see Figure 2) to sort or reverse-sort your software by installation date. Look for any unfamiliar programs, but keep in mind that even free mainstream software will often try to install potentially unwanted accessory apps.

2. Selective startup: If date-sleuthing doesn’t work, try Windows’ built-in Selective startup tool, which works on all current versions of the OS.

Selective startup lets you manually launch software that would otherwise run automatically when Windows starts. You sequentially disable one startup item at a time, followed by a reboot after each change. When the unwanted popup menu no longer appears, the software you last disabled is probably the culprit.

Here’s Microsoft’s information on selective startup for all current Windows versions:

• Windows 7: “Using System Configuration”
• XP: “To isolate problems using Selective Startup options”
• Vista: “Run Selective Startup using System Configuration”
• Win8: Selective Startup information for Win8 doesn’t appear to be online yet. However, it can be found in Win8’s help system. Open Help and Support and enter the exact phrase “What is System Configuration?” (include the quotes) into its search box. Click What is System Configuration? in the search results, then look for and open the To start Windows in Selective Startup mode link.

Once you’ve identified the offending software by either installation date or Selective Startup, uninstall it, delete it, or leave it disabled — your popup-menu troubles should be over.

How to verify your system’s bittedness

Bill Janosik installed a whopping 24GB of RAM in his PC. Unfortunately, 80 percent of it is missing in action.

• “How can you use the entire RAM you’ve installed? My system is equipped with 24GB of memory, but Windows states that it can use only 3.24GB. How can I make use of the remaining 20GB? Or can it be used?”

You must be running 32-bit Windows, Bill; also perhaps 32-bit hardware. Either way, all 32-bit hardware and software has a fundamental limit on usable RAM — around 4GB.

I’ll give you the short-form explanation in a moment; you’ll find fuller discussions of RAM limitations in the Jan. 15, 2009, LangaList Plus column, “Determine your PC’s true memory ceiling,” and the MSDN article, “Memory limits for Windows releases.”

In short, a 32-bit computer can track binary memory addresses up to 32 bits long. Because each bit is represented by either 0 or 1, a 32-bit computer can track 2 to the 32nd power memory addresses. That works out to around 4.2 billion — or 4GB — memory addresses.

So it doesn’t matter how much physical RAM you have installed in your PC’s slots — 5GB, 10GB, 24GB, etc. — a system with 32-bit hardware or software can access only around 4GB of that amount.

Also, some of that 4GB is used by the operating system and other low-level software. So the typical 32-bit system is left with about 3.2GB to 3.4GB of RAM for your use.

To access more RAM, you need to get out from under the 32-bit ceiling — you have to run 64-bit hardware and software. The calculated memory limit for an all 64-bit system is 2 to the 64th power — or 16 billion gigabytes — an amount none of us is likely ever to need or encounter.

So, Bill, to get full use of your 24GB of RAM, you’ll have to find and remove the 32-bit bottlenecks in your current system. You’ll have to upgrade your hardware, software, or both to 64-bit versions.

Here’s how to identify hardware and Windows bittedness:

• Start with your owner’s manuals or other documentation that might state the bittedness of your current hardware and/or software.
• Next, look up the information provided by Windows. (The details will vary slightly by OS version.)

  Windows 8: Click Control Panel/System and Security/System. Figure 3 shows typical system information displayed by the operating system.

  

  Figure 3. Windows 8 tells you explicitly whether your hardware and OS are 32- or 64-bit.

  Vista/Windows 7: Again, click Control Panel/System and Security/System. As Figure 4 shows, the System Type in Vista and Win7 tells you whether Windows is 32-or-64 bit. However, there’s no specific bittedness information about the hardware. You’ll have to use the Processor information to look up your CPU’s specifications.

  

  Figure 4. Vista and Win7 provide system bittedness plus some processor details.

  Windows XP: Click Control Panel/Performance and Maintenance/System. Under System, the 64-bit version of XP will be listed as “Microsoft Windows XP Professional x64 Edition.” The 32-bit version omits mention of “x64” (see Figure 5).

  As with Win7 and Vista, you have to use the information under Computer to look up your CPU’s hardware specs.

  

  Figure 5. If x64 Edition doesn't appear in XP's System heading, it's a 32-bit version (32-bit XP system shown).

  Once you find and replace the 32-bit hardware and/or software that’s currently limiting you, Bill, you’ll be able to use that huge amount of RAM you have!

  Internet Explorer 10 ready for prime time?

  Harold Zeisset’s question is straightforward; the answer — not so much.

  • “Is IE 10 safe to use on Windows 7 in a 64-bit PC?”

  In terms of providing basic online security, I believe IE 10 can go toe-to-toe with any of the other major browsers — Chrome, Firefox, Opera, etc. All the current versions of the major browsers sport an impressive array of built-in security and privacy features that make them vastly superior to the browsers of just a few years ago.

  But IE 10 is fairly new and could cause problems with some configurations. (There were early reports of conflicts with some websites and hybrid graphics cards.) That’s a major concern for someone who manages numerous systems, which is why Susan Bradley hasn’t yet given IE 10 the all-clear in her Patch Watch column.

  On the other hand, if you’re adding IE 10 to one or two personal systems, the risks are small and manageable. Try IE 10; if you don’t like it, simply uninstall it. There are several ways to roll back to IE 9: uninstalling IE 10 with Windows’ Programs and Features tool; using a recent system-restore point or system image; or via a slightly convoluted, manual-uninstall method explained in a Microsoft Answers blog.

  You’ll find IE 10’s security and privacy features spelled out in the Microsoft Safety & Security Center article, “Security in Internet Explorer 10,” and in the TechNet topic, “Internet Explorer 10 FAQ for IT Pros.”

  Here’s some tips for maximum safety with IE 10 or any other browser:

  • Make sure the browser’s built-in security features are enabled.
  • Keep the browser and your operating system updated.
  • Run a reputable, always-on anti-malware tool, and keep it updated.
  • Run a local software firewall (such as the one built into Windows, or a third-party alternative) plus a firewall in the upstream router or modem.
  • Be careful what you click, and watch where your clicks are taking you. Porn sites and pirate software/media libraries are known malware-delivery sites, but mainstream sites commonly do so, too.

  With the above, IE 10 — and all other major browsers — can be quite acceptably safe.

  When “Ease of Access” makes things harder

  Writing from Amsterdam, John Butler-Gould tells how he tracked down the source of strange mouse behavior.

  • “With pleasure — and some headaches — I use Win8 Pro x64 on a PC with plenty of system resources.

    “But on the Desktop, my mouse has an annoying behavior whenever I try to view pop-up or fly-out menus on the taskbar, in Skype, and so on.

    “More specifically, when I click a menu item, its submenus list appears and then instantly disappears.

    “Here’s my workaround:

    “Go to Control Panel/Ease of Access and, in the Ease of Access Center section, select Change how your mouse works. Now make sure that Activate a window by hovering over it with the mouse is unchecked (disabled).

    “It all worked fine from then on.”

  Windows has many assistive technologies built in or available (see the Microsoft Accessibility site). These technologies change the Windows interface to better suit the needs of people with low vision, limited arm movement, or other issues that make it hard to use the standard interface.

  These assistive settings can be a boon to people who need them. But they do change — sometimes significantly — Windows’ on-screen behavior. If one or more of Windows’ assistive tools becomes unintentionally enabled, your PC can suddenly act in unexpected or unwanted ways.

  As John’s experience shows, when the Windows interface starts acting strangely, it’s worthwhile taking a quick look at the Ease of Access Center settings.

  Along with the options in Control Panel/Ease of Access Center, Windows 8 has some additional settings in a separate Ease of Access control found under PC Settings.

  In XP, look under Control Panel/Accessibility Options.

  For full info on adjusting and using the accessibility features and options in Windows, Office, and Internet Explorer, see Microsoft’s Accessibility Tutorial site.

  Thanks, John!

  Reader John Butler-Gould will receive a gift certificate for a book, CD, or DVD of his choice for sending the tip we printed above. Send us your tips via the Windows Secrets contact page.

   

  Table of contents

Flying on water: Not your father's sailing race

It’s time for the America’s Cup, sailboat racing taken to the outer limits. This year, San Francisco hosts the Louis Vuitton/America’s Cup venue, as fabulous a setting as you could ask for. Gone are the days of classic monohulls battling it out in matched races. Like it or not, extreme catamarans have taken over, screaming across the waves on blade-like hulls and impossibly small hydrofoils. Just watching gives you an adrenaline rush. Play the video

Frying can happen any time you blink

Lounge member amcpherson moved his computer from one room to another, then discovered that his keyboard and a mouse had not survived the move.

He now has a working keyboard and mouse, but — as he noted in the Hardware forum — it’s clear that the right (or wrong) power supply really matters!

The following links are this week’s most interesting Lounge threads, including several new questions for which you might have answers:

Office Applications
General Productivity	Spam filtering: MIT study says you can’t do it
Word Processing	Preparing Word for sharing
Spreadsheets	Need help with batch printing
Databases	Determining whether Google Chrome webpage loaded
Microsoft Outlook	Cursor jumps around when email is being composed
Non-Outlook E-mail	Windows Live Mail: Can’t delete account
Other MS Apps	Value-stream mapping software
Windows
General Windows	Microsoft readies massive Windows update (XP through Win8)
Windows 8	Can’t make Win8 computer visible on network
Windows 7	Win 7 Pro x64 works after Shut down, but enters Recovery on Restart
Windows Vista	Organize button hangs when file is selected in Explorer window
Windows XP	Will removing user account increase disk drive’s free space?
Internet/Connectivity
Internet Explorer	Script errors
Third-Party Browsers	Unable to sign in to bank site
Networking	Troubles reconnecting to Wi-Fi network
Other Technologies
Security & Scams	Removing Qvo6.com
Hardware	USB hub kills two mice, keyboard?
Other Applications	Help me find lost utility

starred posts: particularly useful

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right in to today’s discussions in the Lounge.

Media files prove a threat to Windows

Windows updates are falling into an all too predictable pattern: critical fixes for Internet Explorer and Adobe Flash, a couple of kernel patches, and numerous .NET Framework updates.

This Patch Tuesday also includes various critical patches for Windows media components and Windows Defender.

MS13-055 (2846071)

Starting with the usual subjects — IE and Flash

It just wouldn’t be a Patch Tuesday without another batch of Internet Explorer fixes. Patching 17 newly reported vulnerabilities, KB 2846071 is rated critical for IE Versions 6 through 10.

As I’ve said numerous times before, you must keep IE updated, even if you typically use another browser. Internet Explorer isn’t just a browser; it’s a key part of the Windows operating system.

Keeping Adobe Flash updated is almost as critical as keeping IE current. Adobe’s Patch Tuesday release is Flash 11.8.800.94, as noted in Security bulletin APSB13-17.

What to do: There are already reports of attacks on IE 8, and it’s expected that more will follow soon. Install KB 2846071 (MS13-055) immediately. Then head over to Adobe’s download site and pick up the latest Flash. (Before clicking that “Download now” button, uncheck those potentially unwanted free software offers.)

MS13-053 (2850851)

A kernel fix for a TrueType Font handling

KB 2850851 is another Windows kernel-mode driver update. But though it’s rated critical, I’m giving my usual recommendation to not install it for at least a couple of weeks. Kernel updates occasionally have conflicts with third-party apps — especially, it seems, antivirus products. Before you add the patch, ensure your AV apps are fully up to date.

The bug this update fixes caused a minor spat among security researchers. As reported in The Verge (story), Google employee Tavis Ormandy, who first reported the vulnerability, claimed that Microsoft was difficult to work with. Another researcher at security firm Sophos disputed that claim.

What to do: Give KB 2850851 (MS13-053) a pass for now. I’ll return to it in the next Patch Watch at the end of this month.

MS13-052

Another crush of .NET Framework updates

Ugh! Lots of .NET updates out this Patch Tuesday. The pain just never ends. Although there is some risk of attack via malicious websites, I recommend reserving these updates until the end of the month. That should be enough time to reveal any new .NET installation issues. Most client Windows users will need to install several (six on one of my systems) of the following .NET patches.

• KB 2836942 for .NET 3.5.1 on Win7 SP1
• KB 2833951 for .NET 1.1 SP1 on XP and Vista
• KB 2833940 and KB 2844285 for .NET 2.0 SP2 on XP
• KB 2840629 for .NET 3.5 SP1 on XP and Vista
• KB 2835393 and KB 2840628 for .NET 4 on XP, Vista, and Win7
• KB 2833941 for .NET 1.1 SP1 on XP and Vista
• KB 2832411 for .NET 3.0 SP2 on XP
• KB 2832407 for .NET 4 on Windows XP and Vista
• KB 2832414, KB 2833946, KB 2840631, and KB 2844286 for .NET 3.5.1 on Win7 SP1
• KB 2833957 and KB 2840642 for .NET 4.5 on Vista SP2 and Win7 SP1

If you’re running Windows 8, expect to see .NET 4.5 packages and possibly .NET 3.5 updates offered. Also, if you have Microsoft’s Silverlight installed, expect to see KB 2847559.

What to do: The usual .NET drill — put these updates on hold until the end of the month. I’ll discuss them in the next Patch Watch.

MS13-054

GDI+ patch impacts Office

GDI+, Windows programming interface, is used to parse graphics and fonts. It’s been patched before and, I’m sure, will be patched again. Any updating required never comes as a single patch. So it’s no surprise that MS13-054 includes numerous patches — for all versions of Windows as well as most editions of Office. You might also see updates for specific apps such as MS Lync and Visual Studio .NET 2003 SP1. Office 2013 is not affected.

The related Windows updates — KBs 2834886, 2835361, and 2835364 — are all rated critical. Office updates KB 2687276, KB 2687309, and KB 2817480 are all rated important.

For this GDI+ exploit to succeed, victims must open malicious TrueType Font files.

What to do: Install any of the updates listed in MS13-054 if offered.

MS13-056 (2845187)

A precautionary patch for DirectShow

DirectShow is a component within Windows that allows applications to playback or capture video and audio. Rated critical for all current versions of Windows except Windows RT, KB 2845187 fixes a privately reported vulnerability in DirectShow. An attacker could use a malicious GIF file to take over a PC.

Privately reported vulnerabilities are typically threats discovered by security researchers and reported to Microsoft. The exploit is usually not widely known and not in the wild, and Microsoft has the opportunity to fix the vulnerability before it becomes an actual threat.

In this case, the vulnerability is not so private — attacks are expected within the next few weeks. Also, not just MS apps, but installed third-party software could be used in an exploit.

What to do: Install KB 2845187 (MS13-056) when offered.

MS13-057 (2803821, 2834903, 2834904, 2834905, 2845142)

Yet more Windows media vulnerabilities

Media vulnerabilities seem to be popular this month. MS13-057 contains several patches for the Windows Media Format runtime, a Windows component required for running Windows Media audio and videos. The updates are critical for all workstation versions of Windows (including Windows Media Center systems) except Windows RT. Attackers could use malicious media files to take over systems. This is, however, a somewhat complex exploit, so the threat is relatively low — for now.

Windows XP users could see several updates for this threat.

What to do: See MS13-057 for the complete list of updates. Install KBs 2803821, 2834903, 2834904, 2834905, and/or 2845142 soon.

MS13-058 (2847927)

Windows Defender needs defending

It’s especially bad news when an antivirus application has its own vulnerabilities. KB 2847927 fixes a flaw in Windows Defender that could give an attacker with valid sign-in credentials additional rights to a system. Fortunately, the update — rated important — applies only to machines running Windows 7 SP1 (and Windows Server 2008 R2 x64 SP1).

What to do: Attackers sometimes use antivirus apps to gain a toe hold into systems. And even if you have a third-party AV app installed, Defender still resides within Windows 7. Install KB 2847927 (MS13-058) when offered.

2855336

A necessary fix for domain-attached Win8 systems

Typically, I recommend holding off a week or two before installing nonsecurity updates. It keeps any problems created by these patches separate from critical security fixes. But there are exceptions: KB 2855336, for example, fixes a headache for small-business administrators who are running Windows 2012 Server Essentials and supporting Win8 clients.

Windows 8 users need the Pro version if they want to connect to a business domain. But using the Win8 Pro Pack to upgrade a basic Windows 8 system excludes numerous required user groups — including the Remote Desktop users group. That leaves the upgraded system unable to properly connect to Windows Server 2012 Essentials. (See KB 2850661 for more details.)

What to do: Install KB 2855336 when offered — even if you don’t join a domain at this time.

Regularly updated problem-patch chart

This table provides the status of recent Windows and Microsoft application security updates. Patches listed below as safe to install will typically be removed from the table about a month after they appear. For Microsoft’s list of recently released patches, go to the MS Security TechCenter page.

See our “Windows Secrets’ master Patch Watch chart” post for a more extensive list of recent updates.

Patch	Released	Description	Status
2823324	04-09	Recalled kernel update; replaced by KB 2840149	Skip
2813430	06-11	SSL-certification hardening; optional for admins	Skip
2670838	02-26	Internet Explorer 10 prep	Wait
2845690	06-11	Windows kernel-mode driver	Wait
2850851	07-09	Windows kernel-mode driver	Wait
2861561	07-09	.NET Framework; see MS13-052 for complete list	Wait
2840149	04-23	Kernel update	Install
2596595	05-14	MS Visio; also KB 2810062, KB 2810068	Install
2804576	05-14	.NET; see MS13-040	Install
2810046	05-14	MS Office 2003 SP3/Word	Install
2810047	05-14	MS Office/Publisher; also KB 2597971	Install
2813707	05-14	Windows Essentials 2012/Live Writer	Install
2820197	05-14	Third-party kill bits	Install
2827750	05-14	MS Lync 2010; also KBs 2827751–2827754	Install
2829254	05-14	HTTP.sys on Windows 8 and RT	Install
2829361	05-14	Windows kernel; also KB 2830290	Install
2829530	05-14	IE cumulative update	Install
2847204	05-14	Internet Explorer 8 and 9	Install
2817421	06-11	Office 2003 SP3; also KB 2848689 for Office for Mac 2011	Install
2838727	06-11	IE cumulative update	Install
2839229	06-11	Windows kernel	Install
2839894	06-11	Windows print spooler	Install
2845187	07-09	DirectShow	Install
2846071	07-09	Internet Explorer	Install
2847883	07-09	Windows Media Format; see MS13-057 for complete list	Install
2848295	07-09	GDI+; see MS13-054 for complete list	Install
2855336	07-09	Windows Defender for Win7 SP1	Install

Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply.