.NET Quality Rollup Previews for Feb. 2018 are out

I count eleven of them, in the Catalog. KB 4074805, 6, 7 and 8.

I don’t yet see them on the KBNew list.

Of course there’s no reason to install them yet.

Patch Lady Posts 2018-02-13

So what happened?  Well a funny thing happened to a server.  Long story short, I decided that it was time for a fresh start and a new location courtesy of Woody.  This site will now be the home of the “Patch Lady” and my guidance to installing patches.  But with the new location we’re going to change things up a bit.  First off I’m going to focus not only on patching but guidance on security tweaks and adjustments you can do in both Windows 10 and Windows 7. I’ll be giving you my advice on finding a happy medium between what Microsoft THINKS we want and what we need (hint: we’re moving things to the cloud but the subscription model isn’t always the best solution).  I’ll give you ways to get the security goodness of Microsoft but in spoonfuls that are affordable and reasonable.

I promise to point out the things I really like about Windows 10 to assure you that I see my future on the Windows platform. But I’ll also promise to help guide you to where you can make Windows 10 to be still YOUR operating system, with the choices and rebooting when you want, and not when Microsoft wants you to make those choices.

I’ll be making some changes in the content along the way as well. First off I’ll be streamlining the Patch guidance, focusing less on the individual updates for Office 2013 and 2016 due to the fact that Office is pivoting to deploying EVERYTHING via click to run technology. So much so that Office 2019 will only be on click to run as noted on this blog.  I’ll have more on that in an upcoming post. But seeing Microsoft stress their click to run technology so much made me realize that for the vast majority of Microsoft users, you no longer see individual Office updates. You only see Windows updates, and then wonder why something changed in Office that you can’t quite figure out when it started having the issues or how to fix them.

Click to run is an updating methodology that updates in the background in one “blob”. Rather than individual updates you get the entire suite updated as a whole. Unless you take action, you are by default on the monthly channel – which is a bit of a misnomer – as lately the monthly channel has been updating more than once a month.  As a result the first thing I want you to do after reading the Patch Lady post is to adjust how you get your click to run Office 2016 deployment. I’ll want you to change to the semi-annual feature update channel rather than the monthly update channel. This will move you off the more buggy platform and on to a more stable version of Office.  For Office 2016 you can do this on any version of Office 2016 that you get via the subscription model, unlike Windows 10 mandate that you need the Pro version to control updating.

Rest assured, moving to the semi-annual channel does not make you more vulnerable to security issues. It merely moves you to a version that doesn’t get feature updates quite as quickly, less updates per month and a much more stable experience, especially in Outlook.

To move to this slower feature updating schedule perform the following commands as noted from this blog:

Launch Command Prompt as an administrator.

Navigate to “C:\Program Files\Common Files\Microsoft Shared\ClickToRun>”

Run the following command to change the desired channel, let’s say Monthly Channel “OfficeC2RClient.exe /changesetting Channel=Deferred”

Then type in:  OfficeC2RClient.exe /update user

Office 2016 will launch a window acting like it’s updating or reinstalling. Which it actually is, as it’s flipping to the slower semi-annual channel rather than the monthly one. To see if the change has taken effect, launch Word, click on File, Office account and review the information on that screen to see if it now has the wording “Semi-Annual Channel” rather than “Monthly”.  Note for consultants or administrators you can also use an xml tool if you are more comfortable with that process.

On another note, I’m starting to see more and more OEM computers shipped with Office Desktop apps that are causing issues once you go to install the Office 365 subscription. As noted in this Knowledgebase article, make sure you uninstall these temp installs for best experience.

Before I wrap up this first edition of the Patch Lady Guidance for the month of February, once again thank you Woody for my new home.  I’ll be looking forward to posting more often, being more responsive to bringing you information. I’m even thinking of maybe doing some special video recordings and link them here to better explain and give guidance when there are sticky patching situations to deal with. Bottom line, I’m looking forward to a new start in a new home.  I hope you are too!  Since this is a new start and a new format, let me know if you like the new format or think I should change things up a bit more?

Patch Lady Guidance – February 2018

The major issues I am tracking are predominantly in Windows 10 1709 release. There are two major issues that are impacting SOME but not ALL Windows 10 1709 users. The first has to do with the loss of USB devices after the install of KB4074588. The only workaround at this time is to uninstall the update. The second issue is more concerning: Some users have seen inaccessible boot device errors after the install of January and February updates. I personally have not seen this on any machine under my control leading me to theorize that the root cause may be the interaction of antivirus during updating. It is my theory based on the fact that all of my Windows 10 1709 machines use Windows Defender as their antivirus, and I’ve seen many antivirus vendors listed as being installed on impacted machines. It appears based on some smart folks in the forum that the acpi.sys driver gets uninstalled and not reinstalled during the updating process. The loss of this driver will trigger the boot error.  The only workaround is to use dism commands to uninstall the recently installed updates and then do a refresh of the operating system. Bottom line because I don’t have any clear cut root cause at this time, if you are running Windows 10 1709 and have third party antivirus, I would make sure you have a full backup of your system before updating.  [Which, let’s face it, is wise to do every month anyway!]  Finally, I’m seeing some folks having issues getting the patch to install at all. Given the above issues, that might not be such a bad thing after all.

Without further ado, here is my guidance for the month:

Breaking: Susan Bradley to contribute to the AskWoody site

Miss your “Patch Watch” fix? Me, too.

I’m absolutely bowled over that Susan Bradley has agreed to bring her Patch Watching to AskWoody. Her first post should appear shortly.

Here’s what Susan admits about herself:

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (i.e. trying to buy something on ebay and wondering why the Internet was so slow). She wrote the Patch Watch column for Brian Livingston’s Windows Secrets, and was one of the authors of Windows Server 2008 Security Resource kit.

In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows Servers, an Exchange Server, desktops, a few Macs, several Windows mobile and iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm.

What she’s too modest to say… Susan is, to my mind anyway, the foremost authority on patching in organizations. She’s long been my #1 guru on Microsoft patches, full stop. And I’m delighted that she’ll be posting on these pages.

Susan and I don’t agree on everything — and that’s good! I tend to look at Microsoft patching through the bewildered users’ bloodshot eyes. Susan has a wider perspective, with constant exposure to SME and Enterprise patching problems in every corner of the globe.

Join me in welcoming Susan and her new Patch Lady Posts.

Intel releases more Meltdown/Spectre firmware fixes, while Microsoft unveils a new Surface Pro 3 firmware fix that doesn’t exist

You’d have to be incredibly trusting — of both Microsoft and Intel — to manually install any Surface firmware patch at this point. Particularly when you realize that not one single Meltdown or Spectre-related exploit is in the wild. Not one.

Computerworld Woody on Windows.

Anybody see the “Third Tuesday” Windows previews?

They’re usually out by now. Wonder if MS hit a snag?

Windows 10 1709 still isn’t ready for prime time — and the latest buggy cumulative update, KB 4074588, proves the point

I’m seeing a whole host of different problems with this month’s cumulative update for Win10 Fall Creators Update.

Computerworld Woody on Windows.

Revisited: How to update an old copy of Win7

Credit: David Stanley, Nanaimo, Canada

Kevin Beaumont just tweeted:

https://twitter.com/GossiTheDog/status/965908161101271040

Barry Dorrans replied with a reference to this advice from @SwiftOnSecurity in April 2016:

[REVISED] If updating fresh Win7, first download these, install, and reboot to make update install faster:

KB3102810
KB3138612
KB3145739

What struck me is how @SwiftOnSecurity’s advice (from April 2016) differs from our AskWoody advice (Feb. 2017, as amended) from @CanadianTech at AKB 3172605, basically:

3… download and install either one or two updates manually. In most cases only the first (KB3172605) of these is needed. If that produces a result that says the “update is not appropriate for your computer”, you need to first install the 2nd of these (KB3020369), then install the first (KB3172605).

Can anybody out there reconcile the differences? Which method is best?

I have a sneaky suspicion we’re going to see lots of Win7 (re-)installs this year.

What happened to Windows Secrets?

Just got an email from GW:

This has gone on so many days, that I thought I’d ask you (even though this is the Askwoody address): When I try to access the Windows Secrets Lounge, at https://windowssecrets.com/forums/ (and this has been going on for many days) I get “This site can’t be reached
windowssecrets.com refused to connect.”

a) Can you tell me why?

b) If it has truly disappeared, I think it would be nice to mention it on Askwoody. I’ve been gone for a few days, so it’s possible you did already mention it. Thanks for any clues, and hoping things are OK,

This caught me flat-footed. As you know, I haven’t written for Windows Secrets Newsletter for several years — since August 2015, in fact. I had no idea the site was down but, looking at it now, sure enough — there’s nothing there, there. I have no idea what happened to it.

WindowsSecrets.com began as BriansBuzz.com in February 2003. In July 2004, the service merged with WoodysWatch.com, and the combined site was renamed WindowsSecrets.com.

Brian Livingston was the editorial director of WindowsSecrets.com from July 2004 to August 2010. The company was sold to iNet in late 2010, and iNet was sold to a US-based conglomerate called Penton Media in January 2015.  In September 2016, the British firm Informa plc bought Penton for $1.56 billion. As far as I know, Informa still holds the purse strings.

As for WindowsSecrets.com… I haven’t a clue. I see that other Penton publications’ sites — notably WindowsITPro.com and WinSuperSite.com (Paul Thurrott’s original sites) — now  re-route to ITProToday, which is a name I haven’t heard before. As best I can tell, ITProToday doesn’t have a forum.

Anybody out there know anything definitive?

UPDATE: A few minutes ago, on Feb. 20, Windows Secrets Newsletter sent out a message that says:

Hello to subscribers

First, we’d like to apologize for the delay in reaching out. We had hoped that our service interruption would be only a day or two long, and we could resume publication last week. We were wrong.

Here’s why you haven’t gotten a newsletter and you can’t access the site: There was an unprecedented hardware failure across several systems. The IT department has been working to remedy the failure and restore the affected sites from backups. We don’t have a timeline for restoration – but we don’t want you to think we’ve completely disappeared.

You’ll receive double editions of the newsletter after the IT department has restored the site.

Again, our apologies for not reaching out sooner. We’ll keep you informed of future developments.

Interesting missive from a multi-billion-dollar company.

Keizer: Looks like the next Windows 10, version 1803, will arrive April 3 or 10

That matches with what I’ve heard – and have been hearing for quite some time.

Good overview of Insider and Skip Ahead, Gregg Keizer at Computerworld.

P.S. There’s still no official name for the version, far as I know. “Windows 10 Spring Creators Update” doesn’t work, because version 1703 was in the North American Spring, and it was a “Creators Update.” I still say “Win10 Spring forward after Fall back Creators Update” would work. What do you think?

AskWoody is going to Ludicrous Speed on Sunday night

Yeah, I’m tired of the delays, too.

The devs have just advised that we’re clear to move to our new, new server on Sunday night, US time. It’s hard to judge by the specs, but we should be able to support four times as many concurrent users, starting next week.

That’s the third server upgrade in the past year. Your donations (and unblocking ads!) made it so.

Microsoft using insecure HTTP links to distribute security patches through the Update Catalog

I didn’t believe it until I saw it. And you can, too.

Computerworld Woody on Windows.

Thx, Stefan Kanthak, Günter Born

Report of the Win10 1709 cumulative update KB 4074588 disabling USB devices

I’m seeing sporadic reports of this month’s Win10 version 1709 cumulative update, KB 4074588, causing problems with USB-attached devices.

Per trongod on the MSI forum:

I thought I would pass this information along. Tonight I had to reboot my laptop. After rebooting I lost my usb mouse and any device plugged into the USB ports. I went into my device manager and saw 3 devices that said drivers could not be found:

MSI EPF USB
USB Receiver
USB Receiver

I knew the night before a Windows 10 update was installed so I looked up the last update which was KB4074588. According to this site LAPTOPNINJA, it says the following:

Addresses issue where the certutil.exe -MergePfx feature couldn’t produce a merged EPF file for multiple V1 certificates.
Addresses issue where booting with Unified Write Filter (UWF) turned on may lead to stop error 0xE1 in embedded devices, particularly when using a USB HUB.

Since both of those particular updates had both EPF and USB involved, I uninstalled the update. After that everything was working again. Looks like Microsoft is breaking stuff again and I don’t see any updated chipset drivers on the MSI site since the original. I may have to see if I can find something more up to date, try those and then attempt the update again.

Poster brozkeff goes on to say:

I have the very same symptoms on a All-in-One HP PC with Win10, AMD A6 APU, Radeon R4 graphics and AMD USB 3.0 controller. Afer this update the USB devices stopped working once they were reconnected. Not resolved after reboot and full poweroff/poweron. The USB devices are somewhat recognized but appear in the Device manager as Other devices , missing drivers. Regular USB keyboard  appears as composite USB device, etc.

There are several other reports of odd USB device behavior after installing the KB. And, of course, there’s the usual spatter of reports about the KB failing to install.

Can anybody out there confirm? Any idea what might be at the core of the problem?