News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • A March security patch, for CVE-2020-0796, gets a publicly available proof of concept

    Posted on June 5th, 2020 at 13:42 woody Comment on the AskWoody Lounge

    If you haven’t yet installed the March or April or May security patches, time to get cookin’.

    Ionut Ilascu at Bleeping Computer just reported on a publicly available exploit for the SMB security hole.

    Working exploit code that achieves remote code execution on Windows 10 machines is now publicly available for CVE-2020-0796, a critical vulnerability in Microsoft Server Message Block (SMB 3.1.1)… Known by various names (SMBGhost, CoronaBlue, NexternalBlue, BluesDay), the security flaw can be leveraged by an unauthenticated attacker to spread malware from one vulnerable system to another without user interaction.

    I don’t see anything out in the wild yet, but it’s only a matter of time.

    Yes, you do need to patch sooner or later.

  • MS-DEFCON 3: Get the March 2020 patches installed

    Posted on April 1st, 2020 at 09:32 woody Comment on the AskWoody Lounge

    It’s been a strange patching month, with a Patch Tuesday, a Patch Thursday, the usual buggy “optional, non-security C/D Week” patch, a bonus fix for a bug introduced in late February’s patch, and a warning (with no patch) about yet another bad-font fallibility.

    There are several known bugs, but they all have reasonably well-known workarounds.

    Anyway, now’s a good time to make sure you have the March patches installed. Full instructions in Computerworld Woody on Windows.

  • Microsoft posts a fix for the VPN-related dropped internet connection bug

    Posted on March 30th, 2020 at 16:22 woody Comment on the AskWoody Lounge

    That was quick.

    Four days ago, Microsoft posted an acknowledgment of an unusual bug that’s contained in every Windows patch since the “optional, non-security, C/D Week” patch for February.

    AskWoody poster @jayinalaska describes it thusly:

    Yesterday, I installed the Pulse Secure application on my work PC so I could VPN into a sensitive work network. As soon as I make a connection in the Pulse Secure application, I get the “Limited network” (no internet) warning. I can verify the warning is accurate. During one VPN session, I had Google Drive open in a browser at the same time and was warned I didn’t have a connection any more. As soon as I disconnect from the VPN, the network comes back to normal.

    Here’s the announcement:

    Out-of-band optional update is available for internet connectivity issues on devices with manual or auto-configured proxies including VPNs

    An out-of-band optional update is now available on the Microsoft Update Catalog to address a known issue whereby devices using a proxy, especially those using a virtual private network (VPN), might show limited or no internet connection status.

    We recommend you only install this optional update if you are affected by this issue. For more information, see the known issues section for your version of Windows 10 or see the links below.

    You can find all 20 of the patches in the Microsoft Update Catalog.

  • Win10 optional updates placed on hold

    Posted on March 30th, 2020 at 01:05 Tracey Capen Comment on the AskWoody Lounge


    By Susan Bradley

    As the world hunkers down in response to the COVID crisis, so does Microsoft.

    On March 24, the company announced it would pause optional non-security patches (C/D-week updates), starting in May. I assume the April releases are already mostly baked.

    The primary purpose of C/D-week updates — aka “previews” — is to let enterprises test non-security fixes before the formal releases go out — typically, two or three weeks later.

    Microsoft will reportedly continue to ship the official monthly cumulative updates, but with this announcement, the company is clearly putting its focus on critical security patching. In effect, Microsoft is acknowledging that both it and its customers already have a lot on their plates.

    Read the full story in AskWoody Plus Newsletter 17.12.0 (2020-03-30).

  • Yet another bug in this month’s Windows patches: Proxy bug knocks out some internet connections

    Posted on March 27th, 2020 at 10:40 woody Comment on the AskWoody Lounge

    There’s a reason why I wait before recommending that you install patches, yes?

    News came yesterday afternoon that every.single.Windows.patch released since the “optional, non-security, C/D Week” patch at the end of February introduces a newly acknowledge bug:

    Devices using a proxy might show limited or no internet connection status

    Devices using a manual or auto-configured proxy, especially with a virtual private network (VPN), might show limited or no internet connection status in the Network Connectivity Status Indicator (NCSI) in the notification area.  This might happen when connected or disconnected to a VPN or after changing state between the two. Devices with this issue, might also have issues reaching the internet using applications that use WinHTTP or WinInet. Examples of apps that might be affected on devices in this state are as follows but not limited to Microsoft Teams, Microsoft Office, Office365, Outlook, Internet Explorer 11, and some version of Microsoft Edge.

    According to Microsoft, this bug was introduced in the “optional, non-security, C/D Week” patch for February. If you’re running Win10 1903 or 1909, that’s KB 4535996.

    English translation: If you’ve installed any of the Windows updates since last February’s switch to MS-DEFCON 3, you’ve been bitten.

    There have been three bad patches: The usual Patch Tuesday cumulative update, KB 4540673 for Win10 1903 and 1909; the emergency, notoriously buggy cumulative update KB 4551762 that was supposed to fix the SMBv3 bug; and KB 4541335, which is the next-to- penultimate “optional, non-security C/D Week” patch for Win10 1903 and 1909. [Correction: We’ll have optional, non-security, C/D Week patches in both April and May. Oh boy.]

    If you’re using some other version of Windows, the KB numbers will be different.

    Microsoft says “We are working on a resolution and are targeting a Microsoft Catalog only release of an out-of-band update to resolve this issue by early April.” English translation: If you were trusting enough to install any Windows patches since Feb’s switch to MS-DEFCON 3, and you hit a problem connecting to the internet, try rolling back the patch.Or “You might be able to mitigate the issue by restarting your device.”

    The problem is odd enough that I haven’t seen it in action. But if your internet connection keeps dropping, you should definitely look at rolling back the buggy update(s). There’s nothing in those patches that needs to be installed, like, right now.

    And fer heaven’s sake, don’t voluntarily put your machine in the “cannon fodder” category. Sit back, relax, wait for the problems to appear. And watch the MS-DEFCON level.

  • Reported problem with the latest Windows Defender “Unexpected error”

    Posted on March 25th, 2020 at 09:35 woody Comment on the AskWoody Lounge

    Oh boy. You know that unpublicized Windows Defender patch that fixed the “Items skipped during scan” bug?

    There are two reports on Reddit already about bugs in the new version. Per u/K1Xaviesta:

    Hi I just updated my windows 10 and I got a notification that the windows defender is off and when I go to Windows Security and Virus & threat protection to turn it on it says “Unexpected error. Sorry, we ran into a problem. Please try again.”

    Are you seeing similar problems after installing  KB4052623?

  • Microsoft pauses non-security patches

    Posted on March 25th, 2020 at 09:10 woody Comment on the AskWoody Lounge

    Microsoft says it won’t be pushing any new non-security patches (although they just pushed one about an hour ago).

    We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional non-security releases (C and D updates) for all supported versions of Windows client and server products (Windows 10, version 1909 down through Windows Server 2008 SP2).

    There is no change to the monthly security updates (B release – Update Tuesday); these will continue as planned to ensure business continuity and to keep our customers protected and productive.

    Perhaps you can read the tea leaves better than I can. Is Microsoft saying that, for the foreseeable future, they’re only going to be releasing security patches to Win10? The announcement doesn’t quite say that – and today’s patch is a counterexample – but it certainly hints in that direction.

    If so, bravo!

    UPDATE: Mary Jo Foley has a recap. But it still doesn’t answer my fundamental question. I think. Will we stop getting non-security patches altogether?

    ANOTHER UPDATE: I put together my concerns in this post for Computerworld Woody on Windows. I sure wish MS would learn to speak clearly….

    P.S. Why, oh why, isn’t Microsoft using an Insider ring for non-security patches on production versions of Windows?

    AN OFFICIAL UPDATE: On Twitter, a few minutes ago, the official @WindowsUpdate account said:

    That sounds right to me.

  • Microsoft quietly fixes the “Items skipped during scan” Windows Defender bug

    Posted on March 25th, 2020 at 07:12 woody Comment on the AskWoody Lounge

    Report out this morning from Günter Born: It appears as if Microsoft has released a new version of Windows Defender that fixes the “Items skipped during scan” bug I talked about in Computerworld yesterday.

    It’s listed as KB 4052623. You should get it automatically in the next day or two (Windows Defender updates aren’t controlled by the usual Windows Update settings). It’s also available in the Microsoft Catalog.

This website collects data via Google Analytics. Click here to opt in. Click here to opt out.