|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
MS acknowledges blue screen bug when installing the Aug or Sept cumulative update on Win10 version 2004 Lenovo machines
Mayank Parmar at Windows Latest has the rundown on Microsoft’s latest confession:
In a new support document that was quietly published over the weekend, Microsoft has warned that it has observed a number of other critical errors caused by KB4568831 or newer, which also includes the September 2020 patch…
The problem appears to have been caused by a compatibility issue between Windows 10’s cumulative update, UEFI settings, and Lenovo’s Vantage app. With a cumulative update, Microsoft made a change that restricts how processes can access PCI device configuration and feature in UEFI could trigger this behaviour, which causes a Blue Screen.
KB 4568831 is the Win10 version 2004 “optional, non-security, C/D/E Week” preview patch released in late July.
Yes, the bug’s been around for six weeks. No, it hasn’t been fixed. But there is a manual workaround, discussed in Parmar’s article.
Tell me again how version 2004 is ready for prime time.
-
Yes, you do need to patch sooner or later
You know how I say that there’s no reason to patch as soon as the patches come out — but you need to patch sooner or later?
Those of you running Windows Server as a domain controller just showed the rest of us how important that “sooner or later” can be.
Microsoft patched CVE-2020-1472 last month. The security hole was (and still is) described as “2 – Exploitation Less Likely,” thus not of immediate concern. It wasn’t publicly disclosed or exploited at the time (it wasn’t a zero-day). If you followed along with the MS-DEFCON system (which, admittedly, isn’t designed for admins with Windows Server domain controllers) you would’ve installed the patch late last month or early this month.
Good for you.
Yesterday,the Dutch security company Secura B.V. released a full report of the security hole – and it’s a doozy. Catalin Cimpanu at ZDNet has a thorough description:
According to Secura experts, the bug, which they named Zerologon, takes advantage of a weak cryptographic algorithm used in the Netlogon authentication process.
This bug allows an attacker to manipulate Netlogon authentication procedures and:
- impersonate the identity of any computer on a network when trying to authenticate against the domain controller
- disable security features in the Netlogon authentication process
- change a computer’s password on the domain controller’s Active Directory (a database of all computers joined to a domain, and their passwords)
There are limitations to how a Zerologon attack can be used. For starters, it cannot be used to take over Windows Servers from outside the network. An attacker first needs a foothold inside a network.
However, when this condition is met, it’s literally game over for the attacked company.
It’s a bad one. But you got your Server patched a couple of weeks ago, yes?
It’s rare to have a security hole erupt this quickly – although it does happen. We still haven’t seen widespread attacks. But it’s only a matter of time.
-
MS-DEFCON 4: Install the August updates, but avoid the Optional and non-security patches
Now that we have the second cumulative update for Win10 version 2004, I feel confident in recommending that you install the August patches.
Nope, Win10 version 2004 isn’t ready for prime time yet, but if the latest bumper crop of bug fixes work out OK – with few if any reported problems – we may be closer to having a stable version to jump to.
Step-by-step details in Computerworld Woody on Windows.
-
Microsoft releases the “optional, non-security, C/D/E Week” patch for Win10 version 2004
Microsoft just dropped the last “optional, non-security” August patch for a still-breathing Win10 version.
Yep, the “optional, non-security, C/D/E Week” patch, KB 4571744, is now available via Windows Update – if you click the Download and install link.
And look. At. All. The. Changes. I do believe that’s the longest list of changes in a Windows update that I’ve ever seen.
Here’s the one I was waiting for:
Addresses an issue that causes the Optimize Drives dialog to incorrectly report that previously optimized drives need to be optimized again.
Microsoft’s way late in the game for Preview patches – Patch Tuesday is five days away – but at least we’re going to get a little bit of out-of-the-box testing.
Of course you don’t want it. Of course.
-
Where we stand with the August patches
Lenovo warns about Win10 version 2004 patch problems; Win8.1 plays catch up – but clobbers Cisco Anyconnect; the 50th reincarnation of an old “blast away the barnacles” Windows upgrade patch; and reported problems with printing in Win7 with the extra-cost Extended Servicing Updates.
It’s a wild world out there – but Win10 version 2004 is starting to stabilize. Operative term: Starting.
Details in Computerworld Woody on Windows.
-
Windows Latest: A fix for the broken Win10 version 2004 Drive Optimizer (Defrag) tool is being tested
Just in from Mayank Parmar at Windows Latest:
According to the changelog of Build 19042.487, this issue has now been resolved in Windows 10 20H2*. After beta testing the patch with Insiders, Microsoft plans to roll out the same update to those with Windows 10… version 2004 later this week or before September 1.
So it looks like we may see an “optional, non-security, C/D Week” patch for Win10 version 2004 (no surprise there) that fixes the defrag/Drive Optimizer bug. (The bug shows an incorrect date for the last defrag run.)
*In case you haven’t been following the latest obfuscating changes in Win10 numbering conventions, Win10 version 20H2 is the next version of Win10 – the one that follows Win10 version 2004. Version 2004 is still having teething problems, like this one.
-
Another grab bag of bugs in the Patch Tuesday crop
As happens every month, there’s a laundry list of bugs that accompanied this month’s Patch Tuesday Win10 patches: Can’t install, Blue and Green Screens, system slowdowns and the like. Mayank Parmar at Windows Latest takes us through the litany:
It appears that Windows 10’s August 2020 cumulative updates could be crashing some computers (mostly Lenovo ThinkPad hardware) when Hyper-V, Intel virtualization or Windows Sandbox features are enabled. Lenovo users have also flagged issues with Windows 10 August security patch and turning off virtualization feature resolves the problem for them.
Are you hitting any problems?
-
Another round of “optional, non-security, C/D Week” patches for Win10 1909, 1903, 1809
We just got another set of “optional, non-security, C/D Week” patches for Win10 versions 1903 and 1909 (KB 4566116) and 1809 (KB 4571748). There’s a long, long list of changes.
Of course you don’t want to install them – unless you’re concerned about time zone information for Yukon
ProvinceTerritory (see comments).As usual, the “optional, non-security, C/D Week” patch for Win10 version 2004 is still baking.
In theory, the update appears as an “Optional updates available” update and if you want to get it, you need to specifically click Download and install. In practice, I still haven’t seen the notification – but it looks like the patch will be available even if you aren’t in the Windows Insider Preview ring.
I don’t see it on my machines. Can you see it?
-
Krebs: This month’s code signing zeroday, CVE-2020-1464, has been around for two years
This month we had two zero-days fixed in the Patch Tuesday crop. Several folks in the press screamed that the sky is falling and you have to get patched right now.
Seems that the truth is a bit more prosaic. As truth frequently is.
First we discovered that one of the zero-days, CVE-2020-1380, relies on Internet Explorer and it’s been used on an undisclosed South Korean company, in conjunction with other security holes. By itself, this zero-day doesn’t mean much.
Now comes word from Brian Krebs that the other zero-day, CVE-2020-1464, was reported to Microsoft two years ago. It’s not exactly front-burner stuff:
Asked to comment on why it waited two years to patch a flaw that was actively being exploited to compromise the security of Windows computers, Microsoft dodged the question, saying Windows users who have applied the latest security updates are protected from this attack.
Moral of the story: It’s very, very rare that you need to patch immediately. Wait and see what problems crop up before you install the latest fare from Microsoft.
-
Minor problems with this week’s Win10 versions 1903/1909 and 2004 cumulative updates
Mayank Parmar reports on Windows Latest:
When installing Windows 10 KB4565351 (v1903/1909) and KB4566782 (v2004), users are saying that they are being greeted with unhelpful error messages, including 0x800f0988, 0x800f081f, and 0x800f08a.
The most-reported error code is 0x800f081f and it could be related to missing files in the WinSXS folder that stores different copies of DLL and system files.
[The Win10 version 1903/1909 cumulative update] is also breaking audio for some users and there are reports of Blue Screen of Death with “SYSTEM THREAD UNHANDLED EXCEPTION” error on Feedback Hub.
I haven’t seen a lot of reports of those problems, but they’re irritating nonetheless.
See Parmar’s article for descriptions and workaround.
-
Details from Kaspersky on this month’s IE 0day, CVE-2020-1380
Boris Larin at Kaspersky has published details on one of the two “OMG! It’s a ZERO-DAY!” security holes plugged yesterday, CVE-2020-1380 – “Scripting Engine Memory Corruption Vulnerability”
Looks like it’s Internet Explorer-only, JavaScript based, and used in an attack “on a South Korean company.”
That’s pretty standard fare for Patch Tuesday zero-days. Yep, you have to patch eventually. Yep, if you’re defending state secrets you need to be aware of it. But for most of us it’s no big deal.
-
Report that this month’s Win10 version 2004 cumulative update, KB 4566782, is throwing error 0x800f0988
Looks like the error also occurred in the preview, released July 31.
From artins90 on Reddit:
The update KB4566782 is not working 0x800f0988:
Exec: Failed to pre-stage package: Microsoft-Windows-WindowsMediaPlayer-Troubleshooters-Package~31bf3856ad364e35~amd64~~10.0.19041.1,
component identity: amd64_adobe-flash-for-windows_31bf3856ad364e35_10.0.19041.1_none_e190f18a08ed1a44,
file: Flash.ocx, sandbox: \?\C:\WINDOWS\CbsTemp\30830624_112917922\Windows10.0-KB4566782-x64.cab,
file format: 0 [HRESULT = 0x800f0988 – PSFX_E_INVALID_DELTA_COMBINATION]Anybody else see the same problem?
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Photos App running in background
by 3 hours, 9 minutes ago
-
IPV6 Issue Win10 22H2 August Update
by 7 hours, 55 minutes ago
-
Windows 11 Insider Preview build 23550 released to DEV
by 9 hours, 30 minutes ago
-
Windows 11 Build 22621.2361 (22H2) released to Release Preview
by 9 hours, 31 minutes ago
-
Lately I’ve been getting qr code spam attacks
by 13 hours, 6 minutes ago
-
ghacks Wants Edge – FF Browser Update to View – hack/redirect
by 7 hours, 44 minutes ago
-
iOS 17 : If your new iPhone gets stuck on the Apple logo when you transfer…
by 20 hours, 50 minutes ago
-
Apple zero days out – September 2023
by 15 hours, 37 minutes ago
-
No shortcuts to files on Taskbar in Win11
by 12 hours, 28 minutes ago
-
“New” Google Sites vs Network Solutions: domain resolution
by 7 hours, 44 minutes ago
-
Topic: Privacy Report on Modern Cars
by 1 day, 1 hour ago
-
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by 22 hours, 21 minutes ago
-
MailStore Home updates
by 1 day, 22 hours ago
-
T-Mobile users say they see other people’s account information
by 2 days, 9 hours ago
-
Retirement of Exchange Web Services in Exchange Online
by 2 days, 22 hours ago
-
What Remote Desktop credentials do I use to access a MS Account computer
by 1 day, 11 hours ago
-
Office 2003 Compatibility with One Drive in Windows 11
by 3 days, 9 hours ago
-
Has KB5030219 been pulled for Windows 11 Pro for Workstations?
by 11 hours, 54 minutes ago
-
By default encryption on Apple
by 3 days, 2 hours ago
-
KB5029331 Macrium/Reflect
by 3 days, 4 hours ago
-
Windows 10 Build 19045.3513 (22H2) to Release Preview Channel
by 3 days, 15 hours ago
-
Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder
by 3 days ago
-
Change CPU/Mainboard without reinstallation of OS and Apps – Win10
by 3 days, 5 hours ago
-
Mouse slows to crawl if Edge in focus
by 4 days, 10 hours ago
-
Windows and Surface chief Panos Panay is leaving Microsoft
by 3 days, 23 hours ago
-
Essential Office Portable
by 4 days, 12 hours ago
-
Essential Office: Disable Spell Check
by 4 days, 12 hours ago
-
Apple 2030
by 2 days, 10 hours ago
-
Wi-Fi 7? Why not!
by 3 hours, 15 minutes ago
-
Second city — the AI view from Washington
by 4 days, 21 hours ago
