Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • The Big Bug rollup: Many problems, few solutions, with bugs in the July Patch Tuesday crop

    Posted on July 12th, 2018 at 07:46 woody Comment on the AskWoody Lounge

    I can’t believe how many bugs we’re seeing in this month’s patches.

    Oh. Wait a sec. Yeah, I can believe it.

    If you’re applying Windows/Office updates as soon as they come out, you clearly don’t understand the situation.

    Computerworld Woody on Windows.

  • Patch Lady Posts 2018-02-13

    Posted on February 21st, 2018 at 18:58 woody Comment on the AskWoody Lounge

    So what happened?  Well a funny thing happened to a server.  Long story short, I decided that it was time for a fresh start and a new location courtesy of Woody.  This site will now be the home of the “Patch Lady” and my guidance to installing patches.  But with the new location we’re going to change things up a bit.  First off I’m going to focus not only on patching but guidance on security tweaks and adjustments you can do in both Windows 10 and Windows 7. I’ll be giving you my advice on finding a happy medium between what Microsoft THINKS we want and what we need (hint: we’re moving things to the cloud but the subscription model isn’t always the best solution).  I’ll give you ways to get the security goodness of Microsoft but in spoonfuls that are affordable and reasonable.

    I promise to point out the things I really like about Windows 10 to assure you that I see my future on the Windows platform. But I’ll also promise to help guide you to where you can make Windows 10 to be still YOUR operating system, with the choices and rebooting when you want, and not when Microsoft wants you to make those choices.

    I’ll be making some changes in the content along the way as well. First off I’ll be streamlining the Patch guidance, focusing less on the individual updates for Office 2013 and 2016 due to the fact that Office is pivoting to deploying EVERYTHING via click to run technology. So much so that Office 2019 will only be on click to run as noted on this blog.  I’ll have more on that in an upcoming post. But seeing Microsoft stress their click to run technology so much made me realize that for the vast majority of Microsoft users, you no longer see individual Office updates. You only see Windows updates, and then wonder why something changed in Office that you can’t quite figure out when it started having the issues or how to fix them.

    Click to run is an updating methodology that updates in the background in one “blob”. Rather than individual updates you get the entire suite updated as a whole. Unless you take action, you are by default on the monthly channel – which is a bit of a misnomer – as lately the monthly channel has been updating more than once a month.  As a result the first thing I want you to do after reading the Patch Lady post is to adjust how you get your click to run Office 2016 deployment. I’ll want you to change to the semi-annual feature update channel rather than the monthly update channel. This will move you off the more buggy platform and on to a more stable version of Office.  For Office 2016 you can do this on any version of Office 2016 that you get via the subscription model, unlike Windows 10 mandate that you need the Pro version to control updating.

    Rest assured, moving to the semi-annual channel does not make you more vulnerable to security issues. It merely moves you to a version that doesn’t get feature updates quite as quickly, less updates per month and a much more stable experience, especially in Outlook.

    To move to this slower feature updating schedule perform the following commands as noted from this blog:

    Launch Command Prompt as an administrator.

    Navigate to “C:\Program Files\Common Files\Microsoft Shared\ClickToRun>”

    Run the following command to change the desired channel, let’s say Monthly Channel “OfficeC2RClient.exe /changesetting Channel=Deferred”

    Then type in:  OfficeC2RClient.exe /update user

    Office 2016 will launch a window acting like it’s updating or reinstalling. Which it actually is, as it’s flipping to the slower semi-annual channel rather than the monthly one. To see if the change has taken effect, launch Word, click on File, Office account and review the information on that screen to see if it now has the wording “Semi-Annual Channel” rather than “Monthly”.  Note for consultants or administrators you can also use an xml tool if you are more comfortable with that process.

    On another note, I’m starting to see more and more OEM computers shipped with Office Desktop apps that are causing issues once you go to install the Office 365 subscription. As noted in this Knowledgebase article, make sure you uninstall these temp installs for best experience.

    Before I wrap up this first edition of the Patch Lady Guidance for the month of February, once again thank you Woody for my new home.  I’ll be looking forward to posting more often, being more responsive to bringing you information. I’m even thinking of maybe doing some special video recordings and link them here to better explain and give guidance when there are sticky patching situations to deal with. Bottom line, I’m looking forward to a new start in a new home.  I hope you are too!  Since this is a new start and a new format, let me know if you like the new format or think I should change things up a bit more?

     

    Patch Lady Guidance – February 2018

    The major issues I am tracking are predominantly in Windows 10 1709 release. There are two major issues that are impacting SOME but not ALL Windows 10 1709 users. The first has to do with the loss of USB devices after the install of KB4074588. The only workaround at this time is to uninstall the update. The second issue is more concerning: Some users have seen inaccessible boot device errors after the install of January and February updates. I personally have not seen this on any machine under my control leading me to theorize that the root cause may be the interaction of antivirus during updating. It is my theory based on the fact that all of my Windows 10 1709 machines use Windows Defender as their antivirus, and I’ve seen many antivirus vendors listed as being installed on impacted machines. It appears based on some smart folks in the forum that the acpi.sys driver gets uninstalled and not reinstalled during the updating process. The loss of this driver will trigger the boot error.  The only workaround is to use dism commands to uninstall the recently installed updates and then do a refresh of the operating system. Bottom line because I don’t have any clear cut root cause at this time, if you are running Windows 10 1709 and have third party antivirus, I would make sure you have a full backup of your system before updating.  [Which, let’s face it, is wise to do every month anyway!]  Finally, I’m seeing some folks having issues getting the patch to install at all. Given the above issues, that might not be such a bad thing after all.

    Without further ado, here is my guidance for the month:

     

    Patch Knowledge Base Article Operating system Safe to install? Issues being tracked Fixing or patching
    KB4074588 Windows 10 1709 Hold wait for further guidance Tracking issues with USB side effects on SOME Windows 10 machines.  See this link for details.  Tracking inaccessible boot device as a side effect for SOME computers.  See this link for details. Patching security vulnerabilities for remote code attacks. Fixes an issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge. Released Spectre-Meltdown updates to 32 bit platform.
    KB4074592 Windows 10 1703 Okay to install Not tracking any major issues Security update for remote code vulnerabilities. Released Spectre-Meltdown updates to 32 bit platform.
    KB4074594 Windows 8.1 Okay to install Not tracking any major issues Security update for remote code vulnerabilities.  Addressed a script-related issue that caused Internet Explorer to stop working in some cases.
    KB4074598 Windows 7 Okay to install Not tracking any major issues Security update for remote code vulnerabilities. Fixes issue with launching a new page in Internet Explorer.
    KB2952664 Windows 7 Optional update – do not need to install Not tracking any side effects – however this update is optional Telemetry update – does not install any code to update to Windows 10
    KB4076492

     

    .NET optional quality updates for Windows 7, 8.1:  3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 Optional update – do not need to install Not tracking any side effects – however this update is optional These updates only provide non security fixes. They are not new security updates. Thus it’s not mandatory to install any of these.
    KB4076493

     

    .NET optional for Server 2012 for 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 Optional update – do not need to install Not tracking any side effects – however this update is optional These updates only provide non security fixes. They are not new security updates. Thus it’s not mandatory to install any of these.
    KB4076494

     

    .NET optional 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1, RT 8.1, and Server 2012 R2 Optional update – do not need to install Not tracking any side effects – however this update is optional These updates only provide non security fixes. They are not new security updates. Thus it’s not mandatory to install any of these.
    KB4076495 .NET optional for 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 Optional update – do not need to install Not tracking any side effects – however this update is optional These updates only provide non security fixes. They are not new security updates. Thus it’s not mandatory to install any of these.
    Office 2016 click to run release as of February 13, 2018 Monthly channel version 1801, Build 9001.2171 Office 2016 Security update for remote code vulnerabilities. Tracking issues in Outlook see this page. Unable to save attachments to network see this page.
    Office 2016 click to run release as of February 13, 2018 Semi-Annual Channel  version  1708, Build 8431.2215 Office 2016 *The version I want you to be on* Security update for remote code vulnerabilities. Tracking issues in Outlook see this page. Unable to save attachments to network see this page.
    Office 2013 click to run version 15.0.5007.1000 Office 2013 Security update for remote code vulnerabilities. Tracking issues in Outlook regarding missing meeting information see this page.
    KB3114874

     

    Office 2010 Okay to install – Security update Not tracking any major issues Security update for remote code vulnerabilities. Triggered by specially crafted files.
    KB4011707

     

    Office 2010 Okay to install – Security update Not tracking any major issues Security update for remote code vulnerabilities. Triggered by specially crafted files.
    KB4011711

     

    Outlook 2010 Okay to install – Security update Not tracking any major issues Security update for remote code vulnerabilities. Triggered by specially crafted files.
    KB4011187

     

    PowerPoint 2010 Okay to install – Non security update Not tracking any major issues Fixes slow opening of PowerPoint after the install of Windows 10 1709
    KB4011191 PowerPoint Viewer 2010 Okay to install – Non security update Not tracking any major issues Fixes slow opening of PowerPoint after the install of Windows 10 1709
    KB4011715

     

    Office 2007 Okay to install – Non security update Not tracking any major issues Security update for remote code vulnerabilities./No side effects being tracked at this time.
    KB4011200 Outlook 2007 Okay to install – Security update Not tracking any major issues Security update for remote code vulnerabilities./No side effects being tracked at this time.
    KB4011703 Word Viewer Okay to install – Security update Not tracking any major issues

     

     

    Security update for remote code vulnerabilities./No side effects being tracked at this time.

     

  • February patches bring key Outlook fixes and a rebirth of KB 2952664

    Posted on February 14th, 2018 at 11:41 woody Comment on the AskWoody Lounge

    Unless you use an installed version of Outlook, there’s no reason to patch just yet. Even if you have a bought-n-paid-for version of Outlook, patching is iffy.

    Computerworld Woody on Windows.

  • KB 4023057 is back again. Again.

    Posted on February 9th, 2018 at 04:05 woody Comment on the AskWoody Lounge

    While sifting through the latest KB article change list, I noticed that our old friend KB 4023057 is back.

    Now titled Update to Windows 10 Versions 1507, 1511, 1607, and 1703 for update reliability: February 8, 2018, the KB number should ring some bells.

    Our own @abbodi86 said this about the last onslaught, in October:

    It’s a tool called “Remediation Shell” which remedies “fixes” update-related components to facilitate the upgrade from one version of Win10 to another.

    Registry settings, services status, USO and Windows Update SIH (Silent Install Helper), scheduled tasks, disk space, launch Windows10UpgraderApp.exe if installed (included with 1607 cumulative update since June)

    I haven’t heard anything new about this latest and greatest version, so I assume that @abbodi86’s description still pertains.

    In short, it’s innocuous. Don’t go out of your way to install it, but don’t fear the reaper, either.

    UPDATE: Günter Born notes that KB 2952664 for Win7 and KB 2976978 for Win8.1 (both unchecked and optional) were also released yesterday. Born’s take on the Win7 and 8.1 versions is different from mine:

    These updates have been good for problems in the past and also had to be withdrawn by Microsoft in some cases. There were machines that hung themselves, where the fan was running at full speed, or where websites or the machine was freezing for short periods of time (see here). Herehere and here are older threads mentions install errors with these updates. Here someone mentions boot issues in November 2017. Weighting all this risks against the benefits of a ‘diagnosis update’, I recommend to hide these updates.

    I’m convinced.

  • Office non-security patches appear with the reprise of KB 2952664 and 2976978

    Posted on November 8th, 2017 at 07:45 woody Comment on the AskWoody Lounge

    The usual bunch of Office non-security patches appeared yesterday, with a couple of surprises. Publisher 2007, which is long past end-of-life, got a patch. In addition we saw the re-launch of two widely despised Win7 and 8.1 “compatibility appraiser” updates

    Computerworld Woody on Windows.

  • MS re-re-..release (again) of KB 2952664 and KB 2976978

    Posted on June 6th, 2017 at 16:09 PKCano Comment on the AskWoody Lounge

    We’re seeing a recurrence of the two snooping patches KB2952664 for Win7 and KB2976978 for Win8.1. The last time they showed up, was on March 7th, but now they’re back……

    MS re-re-..release of KB2952664 and KB2976978

    Microsoft describes them as a “Compatibility update for keeping Windows up-to-date.”

    This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

    They are appearing as unchecked Optional now, which means they won’t be installed unless you check the corresponding box in Windows Update.
    Their status may change next week to Recommended and, for some, they may show up as checked Important on Patch Tuesday.

  • Microsoft pulls KB 2952664 and KB 2976978, likely in anticipation of today’s Patch Tuesday

    Posted on March 14th, 2017 at 06:10 woody Comment on the AskWoody Lounge

    Günter Born has details on Borncity.

    Long and short of it, the two notorious Win7/8.1 snooping patches, KB 2952664 and KB 2976978, which were re-re-… released last week, have been pulled.

    I fully expect to see them back later today as part of the St Patrick’s Patch Tuesday festivities. When the re-appear, they may well be marked as “Recommended” – which means you may get them installed if you aren’t careful.

    There’s a big crop of patches waiting in the wings. Now’s a good time to make sure you’re at MS-DEFCON 2, automatic updates are turned off, and your system’s braced for winter weather.

  • MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978

    Posted on March 7th, 2017 at 13:22 woody Comment on the AskWoody Lounge

    We’re seeing a replay of February’s Patch Tuesday run –

    Microsoft re-releases snooping patches KB 2952664, KB 2976978

    … except this time it isn’t Patch Tuesday. No idea what’s been changed in those two proto-snooping patches. No idea why they’re being re-re-…-released on the first Tuesday of the month. But they are coming out as Optional, which means they won’t get installed unless you check the corresponding box in Windows Update.

    Anyway, best to get locked down. We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

    Oh and, yes, it looks like Windows Update is working again, after taking a month off.

    Full story in InfoWorld Woody on Windows