Newsletter Archives

  • Avira says it has fixed the slowdown problem associated with the April Win7/8.1 patches; Microsoft still hasn’t acknowledged it

    Avira has updated its very short response to the six dirty patches/five broken AVs problem. Their KB 1976 now says:

    We have looked into the issue that you described, where the system slows down after a Windows update, and have found a way to fix it.

    We have recently released an update that should fix this issue. Your Avira Product will be automatically updated, and you don’t have to do anything else in the product.

    Oddly, the Avira article goes on to list three conflicting patches:

    • Windows 10: KB4493509
    • Windows 7: KB4493472, KB4493448

    whereas Microsoft lists Avira conflicts as part of the known issues for nine different patches — all of the Win7 and Server 2008 R2 / Win8.1 and Server 2012 R2 / Server 2012 Monthly Rollup and Security-only patches (those are the original six), along with the Monthly Rollup Previews, now, for each of those versions.

    Microsoft still says:

    Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed. We are presently investigating this issue with Avira and will provide an update when available.

    Also remarkably, Avira singled out the original March Win10 1809 cumulative update KB 4493509, where Microsoft has never acknowledged that bug. Even the fancy new Windows 10 Release Information Status page is mum.

    Not sure whom to believe? Yeah, me neither.

    Thx Bogdan Popa, Softpedia.

  • MS-DEFCON 4: It’s time to get Windows and Office patched

    There’s only one patch you should studiously avoid this month — Win7’s KB 4493132, the “Get Windows 10” nag patch.

    Other than that, the sailing’s clear.

    Perhaps surprisingly, I’m moving my Win10 production machines to version 1809. Not because of the feature improvements, which are minimal at best, but because it adds six months to the amount of time I can delay 1903.

    Step-by-step details in Computerworld Woody on Windows.

  • Where we stand with the March 2019 patches

    Looks pretty good, but there are some oddities.

    Details in Computerworld Woody on Windows.

  • Dell’s Encryption Console gets clobbered by this month’s Patch Tuesday Win10, 8.1, 7 patches

    Yesterday, Dell confirmed that

    Dell Encryption’s Local Management Console may fail to display information and the activation status may read “_UNMNGD_” after installing the March 2019 Cumulative Update. This affects all current versions of Microsoft Windows and Dell Encryption.

    Dell says the problem crops up after installing the Patch Tuesday Cumulative Updates for Win10 1809, 1803, 1709, 1703, or Server 2016, or the Monthly Rollups or Security-Only patches for Win7 or 8.1.

    Clean sweep.

    The solution?

    Update to Dell Encryption 10.2.1 or later, which can be found at:

    To resolve this issue on versions prior to Dell Encryption 10.2.1, remove the March 2019 Cumulative Update.

    (“Cumulative Update” in this case means the first monthly Cumulative Update for Win10, or the Monthly Rollup or Security-Only patch for Win7 or 8.1. Not sure what to do if you’ve already installed the second monthly Cumulative Update for Win10 1803, 1709 or Server 2016.)

    Win10 installations with earlier versions of Dell Encryption also have to manually block the update from re-appearing using wushowhide.

    Thx @Kirsty

  • Proof of concept code published for one of this month’s Win7 zero-days

    Catalin Cimpanu reports on ZDNet that the Chinese giant Qihoo 360 Core has published proof of concept code for the Win7 zero day identified as CVE-2019-0808. That’s the zero-day that prompted Google to patch Chrome last week, with a dire warning that you needed to get Chrome caught up on patches.

    That isn’t good news for Win7 users.

    I’ll be watching closely to see if the new proof of concept code makes its way into a credible threat for you Win7 customers.

    Stay tuned.

  • New bug reported with all of this month’s Windows patches

    In the past hour or so, Microsoft has acknowledged a new bug in the latest cumulative update of every version of Windows 10, and in the Monthly Rollups for Win7 and 8.1. (Security-only patches for Win7 and 8.1 appear to be unaffected.


    After installing this security update, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.


    Right-click the URL link to open it in a new window or tab.

    Microsoft is working on a resolution and will provide an update in an upcoming release.

    I don’t have any details as yet, but it sounds like avoiding IE is your best bet.

    Thx, Patch Lady!


  • Details emerging on the March 2019 Patch Tuesday trove

    By and large this month’s patches — so far — aren’t much to be concerned about, unless you’re worried about attacks from nation states.

    Chrome has already been patched on your machine (trust me), so the major Win7 attack vector is sealed.

    The Win10 1809 patch fixes the “crazy” performance hit on some games, but it has a strange bug that knocks out audio in weird circumstances. That bug was introduced by the 1809 patch on March 1.

    There’s confusion over two different Win7 patches that are needed to implement SHA-2 security in July, but @DrBonzo and @PKCano have figured it out.

    And Office doesn’t get much respect. Or disruption.

    Of course, you shouldn’t install any of it until we hear from the cannon fodder. We’re still at MS-DEFCON 2.

    Details in Computerworld Woody on Windows.

  • March 2019 Patch Tuesday patches

    They’re starting to roll in.

    Martin Brinkmann has a full roundup on

    • Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
    • Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
    • Windows 10 version 1703:  24 vulnerabilities of which 2 are critical and 22 are important
    • Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
    • Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
    • Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important

    The Microsoft Update Catalog lists 124 individual patches.

    Dustin Childs has his usual thorough review on the ZDI blog:

    security patches for 64 CVEs [ = separately identified security holes ] along with four advisories… Four of these bugs are listed as public and two are listed as being under active attack at the time of release.

    The two that are under active attack (which is to say, the two 0days) are both rated “Important” which, as many of you know, means they aren’t really all that important. They’re “elevation of privilege” attacks — a miscreant has to be in your system already before they can leverage one of these two attacks to move themselves up to admin level.

    The list of Win10 patches is up on Reddit.

    Win10 1809 – It looks like the “crazy” performance drop in games, including Destiny 2, has been fixed.

    There’s a Servicing Stack Update for Windows 7 that’s related to the SHA-2 “critical update” we’ve been expecting since November. No idea if this is the whole fix, or if it’s just a part of enabling SHA-2 encryption for Win7 patches. As noted in the earlier article, you need to get this Servicing Stack Update in order to install any Win7 patches after July. Thx @EP, @Crysta.

    6 new Office security patches, to add to the 28 non-security patches from earlier this month. Two new versions of Office Click-toRun: 15.0.5119.1000 for Office 2013; 14.0.7230.5000 for Office 2010.

    I don’t see anything screaming to be patched at this moment. More as the day wears on.

  • MS-DEFCON 2: Make sure your machine’s set to block automatic updates

    With Patch Tuesday coming tomorrow, there are all sorts of threatening scenarios at work.

    Worst case: Microsoft declares that Win10 version 1903 is ready for distribution. We used to call that “Currrent Branch” and then “Semi-Annual Channel.” Now, I’m not sure what it’s called. Perhaps RTM? I still like the term “Guinea Pig edition.”

    Anyway, now’s the time to make sure you’ve gummed up the automatic update works. Full instructions in Computerworld Woody on Windows.

  • March 2019 non-Security Office Updates have been released

    The March 2019 non-Security Office updates have been released Tuesday, March 5, 2019. They are not included in the DEFCON4 approval for the February 2019 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

    Remember, Susan’s patching sequence and  recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

    Office 2010

    Update for Microsoft Access 2010 (KB4018363)
    Update for Microsoft Office 2010 (KB4461626)
    Update for Microsoft Office 2010 (KB2589339)
    Update for Microsoft Outlook 2010 (KB4462229)

    Office 2013

    Update for Microsoft Office 2013 (KB4462201)
    Update for Microsoft Office 2013 (KB4092455)
    Update for Microsoft Outlook 2013 (KB4462206)
    Update for Microsoft Visio 2013 (KB4461484)

    Office 2016

    Update for Microsoft Access 2016 (KB4462192)
    Update for Microsoft Excel 2016 (KB4462212)
    Update for Microsoft Office 2016 (KB4461439)
    Update for Microsoft Office 2016 (KB4462214)
    Update for Microsoft Office 2016 (KB4462195)
    Update for Microsoft Office 2016 (KB4462118)
    Update for Microsoft Office 2016 (KB4032231)
    Update for Microsoft Office 2016 Language Interface Pack (KB4462194)
    Update for Microsoft Outlook 2016 (KB4462196)
    Update for Microsoft PowerPoint 2016 (KB4462191)
    Update for Microsoft Project 2016 (KB4462198)
    Update for Skype for Business 2016 (KB4462190)
    Update for Microsoft Word 2016 (KB4462193)

    There were no non-security listings for Office 2007 (which is out of support).
    Updates are for the .msi version (persistent). Office 365 and C2R are not included.
    Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).