Two April patches, KB3146706 and KB3147071, break AppLocker when used for whitelisting on an Admin account

From AB-

An interesting Win10 Key Combo to escape from a frozen computer

From our own Ax Kramer –

I had a program put up an error dialog box which locked up my new Win10 laptop computer. Completely frozen.  No mouse, no touch pad response, no exit, no nothing

I tried control/alternate/delete to bring up task manager. Got it, but still no response from keyboard, pad, or mouse, so I could not halt the program, or choose any other option. Even tried turning off the computer and restarting. Backs to the desktop…. same frozen computer.

Tried the escape key. It did not work. But I found that Control/Escape (ctrl/esc) gave me an option, “Close All Windows”. I hit Enter and the error dialog box disappeared! No more frozen computer.

Of course I had to try this again so I re-ran the program, getting the same error dialog box and frozen computer. Hit the key combo “ctrl/esc” and without even asking, Win10 closed out the two open windows and took me back to a functioning desktop. Now I can even type up and send emails.

What are the differences between KB2952664, KB3150513 and the naughty KB3035583?

A very interesting synopsis from our very own ch100:

What are the differences between KB2952664, KB3150513, and the naughty “Get Windows 10” patch KB3035583?

KB2952664 (and its equivalents for other OSes and versions) is the baseline pre-requisite for all the others providing the telemetry baseline. It is mostly useful for the upgrading to Windows 10, but not only as it provides telemetry capabilities in a wider sense.

KB3150513 is not offered unless the previous one is installed and adds further functionality in relation to making Windows 10 upgrade more reliable. It has specific functionality in relation to applications compatibility and this is why is offered as a different KB number.

KB3035583 is purely adware/nagware, the bad guy which is neutralised by the Group Policies configured to do that or by Josh’s GWX Control Panel, or Steve Gibson’s tool, or Noel’s procedure.

What I find relevant is that the first 2 patches are offered to medium/large businesses running Enterprise Version or Enterprise/Pro + WSUS, while the last one KB3035583 is never offered to those businesses. They are the most important customers for Microsoft’s bottom line.

Which makes me think that, unless overly concerned about the telemetry issues, the other patches are not so damaging or annoying and may actually provide some benefit in certain instances. The larger businesses seem not to pay much attention to the telemetry issues and follow the official line from Microsoft. If anything, the communication back to Microsoft is blocked for network traffic and OS performance reasons and rarely for the content of it. The larger businesses are not typically offered an upgrade in place and are still offered KB2952664 and KB3150513 and maybe there are more to come.

There is certainly no benefit at all in installing KB3035583 unless and only if interested in doing in-place upgrade to Windows 10.

Even so, I upgraded long before all those patches mentioned here were released and my upgrade still completed successfully and I did it more than once. The three patches are just risk mitigation patches, not mandatory if upgrading from sources other than Windows Update, like the official ISO image. And it is actually a lot more reliable to use the ISO than Windows Update.

Microsoft won’t support Windows Live Mail with MS-sourced email addresses… but Google will

If you have an @outlook.com or @hotmail or @live or @msn.com address, you have to give up Windows Live Mail by June 30. @gmail, OTOH, will work fine

InfoWorld Woody on Windows

The KB 3035583 patch is NOT overriding Windows 10 registry settings

There are reports all over the web that the new KB 3035583 – the detested “Get Windows 10” patch — is violating Microsoft’s terms of engagement, and blowing away the registry settings that are supposed to keep Windows 10 off your machine.

In my experiments, that just wasn’t true. Microsoft seems to be following its own rules.

InfoWorld Woody on Windows

Microsoft offers the final (?) word on ESD for WSUS, take 3: KB 3159706 replaces botched KB 3148812

But will it work?

Server 2012 R2 propped up.

InfoWorld Woody on Windows

Confirmed: Win10 free upgrade ends July 29, as does the much-maligned “Get Windows 10” campaign

Then again, we’re talking about Microsoft marketing here.

InfoWorld Woody on Windows

Windows 10 upgrade will cost $119 or more after July 29 – or will it?

By now you’ve probably read Corporate VP Yusuf Mehdi’s Windows Experience blog announcing Windows 10 Now on 300 Million Active Devices – Free Upgrade Offer to End Soon. Long story short, Mehdi says that Windows 10 is now running on 300 million active devices monthly (including the Xbox One and Windows Phone). He also says, “after July 29th, you’ll be able to continue to get Windows 10 on a new device, or purchase a full version of Windows 10 Home for $119.”

The blog also includes a marvelously entertaining performance by Microsoft’s Bryan Roper (former blues pianist and current fedora ambassador) that lists “Top 10 reasons to upgrade to Windows 10 now.”

The precise wording of Mehdi’s announcement leaves much to the imagination. Why, for example, did he only discuss purchase of Win10 Home, specifically, and leave Win10 Pro out of the conversation?

Mary Jo Foley at ZDNet asked a Microsoft rep, point blank, if this means the free upgrade is over. Here’s Microsoft’s response:

“The free upgrade offer has been a big success, leading to the fastest adoption of Windows ever, with Windows 10 on more than 300 million active Windows devices. The free upgrade promotion is currently slated to end on July 29 and we encourage all of our customers to take advantage of it while it is still active.”

Sounds mighty up-in-the-air to me….

IE 11 will not download files

Okay, I’m stumped. JF wrote to me with a problem:

I’m a tech, and I recently have had several computers with the same problem – Internet Explorer couldn’t download or looked like it was downloading and then crashed (“couldn’t download file”, “Internet Explorer has stopped”).  Either adware or malware makes configuration changes that persist, even after they are removed. This is particularly troublesome with Internet Explorer, since there is no real way to uninstall and re-install, and the reset option doesn’t always do the trick…

The only response I get from the computer when attempting to download and save or run a file, e.g. an .mpg (will automatically run when double clicked using Windows Media Player, but will not save the file), pdf, or any other file is “The file couldn’t be downloaded”. This message happens either immediately, or the download progress bar shows the active download up to 99%, then it stops and I receive the message. As I stated, this only is happening with IE, not Chrome.
 
I am at a loss and would really like to get to the bottom of this, and it seems there are many out there who need the same.

He’s run Malwarebytes. I suggested that he run the Farbar Recovery Scan tool. He sent me a lengthy report, but still no luck.

Anybody out there have an idea?

Recommended BitLocker patch KB 3133977 causes some ASUS motherboards to freeze

Looks like ASUS set a bit in BIOS that engages Secure Boot – when they shouldn’t have. Combine that with KB 3133977, and you get a bricked system.

InfoWorld Woody on Windows

Microsoft releases another undocumented Windows 10-enabling patch, KB 3150513

It took a Polish poster on Microsoft Answers to explain that it’s an update to the Win10 compatibility appraiser.

InfoWorld Woody on Windows

WSUS on Windows Server 2012 R2 appears to be badly broken

Left hand, meet right hand.

Thanks to Cliff Hogan, who’s awake while we all sleep.

InfoWorld Woody on Windows

UPDATE: Following on a tip from Rod Trent, over at WindowsITPro, Microsoft has reported on the issue and marked it closed: