Newsletter Archives

  • Ignore Susan Bradley’s Patch Watch at your peril

    PUBLIC DEFENDER

    Brian Livingston

    By Brian Livingston

    They say a cobbler’s children have no shoes. I proved this aphorism — the hard way — when I absent-mindedly clicked on a Microsoft update that seriously messed up some features of Windows 11 that I rely on.

    I’ll tell you what occurred and how you can prevent it from happening to you. Most importantly, I’ll explain how you can recover if an update has already wreaked havoc on your system.

    Read the full story in our Plus Newsletter (20.49.0, 2023-12-04).

  • Copilot coming to Windows 10

    Just confirmed on the Windows update twitter feed, Copilot will be coming to Windows 10

    But don’t panic, we will have registry keys and information to block it if you don’t want it.

    I kinda figured this was coming, they have to justify the price tag somehow.

    Just like with 11, it won’t be pushed to “managed” devices.  For unmanaged (those controlled only by Windows update as in Home computers), we will have registry keys and blocking info on the Master Patch List page and articles coming in future newsletters.  Don’t worry, we got your back and will keep you in control of your operating system.

  • Master Patch List as of November 14, 2023


    I’ve updated the Master Patch list for the November updates.  I’ll be updating the page for any known issues or issues that we are tracking. I will keep the latest info there.  Some people are reporting that updates are taking a bit longer to install.

    I’ve also seen some reports of interactions with the start menu for some users. It’s unclear to me right now if these are folks with third party start menu customization. But remember you can ALWAYS uninstall and defer an update while we wait to see if others are reporting issues.

    Click on start, Open Settings. Click on Update & security. Click on Windows Update. Click the Update history link. On Update history, you can view which updates were installed. Click on the update number to uninstall the update.

    If you have an HP computer with ” HPAudioAnalytics Service ” this may delay the installation of updates and appear to get stuck at 30%. If you are impacted, temporarily stop the service.

    For business patchers it’s mandatory that you update your VMware tools – ensure you update your VMware servers to https://www.vmware.com/security/advisories/VMSA-2023-0024.html

    Windows 11 22H2 and 22H3 unmanaged PCs may start to see Copilot.  To disable this use Download reg file to disable Windows Copilot  I’ve seen it dribbled on some, but not all machines.

    As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for  a membership . Plus membership gives you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.  More details in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

  • Apple security updates October 25, 2023

    Apple is out with some security updates today:

    Like with any device – ensure you have a backup BEFORE installing updates.  No actively exploited bugs are included in this batch, but there are interesting bugs that are getting squashed.

    I’ll be adding this to the master list tonight and tracking any side effects.

    iOS 17.1 and iPadOS 17.1 iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
    iOS 16.7.2 and iPadOS 16.7.2 iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
    iOS 15.8 and iPadOS 15.8 iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
    macOS Sonoma 14.1 macOS Sonoma
    macOS Ventura 13.6.1 macOS Ventura
    macOS Monterey 12.7.1 macOS Monterey
    tvOS 17.1 Apple TV HD and Apple TV 4K (all models)
    watchOS 10.1 Apple Watch Series 4 and later
    Safari 17.1 macOS Monterey and macOS Ventura
  • Out of band .NET update?

    This time of the week and month we normally get the optional Windows updates to Windows 11 and 10. So far this week, I’ve yet to see the optional updates, however we got two interesting updates that were a re-release of some of the security updates released earlier in the month.

    https://support.microsoft.com/en-us/topic/-net-6-0-update-october-24-2023-kb5032874-c7206ee0-8768-496c-a122-eac43b8b85c9

    https://support.microsoft.com/en-au/topic/-net-7-0-update-october-24-2023-kb5032875-1c20c4da-3b7e-414f-b7e7-5947358c33d9

    Apparently they forgot to include the September fixes in their October releases.  “Microsoft is releasing an update to October 10, 2023 security release.  The .NET 6.0.24 release contain the security fixes from our previous September release that were missing in the October release.” Now not all machines may see this, you typically only get .NET 6 and 7 updates if something has installed these .NET versions on your machines.  I have not seen side effects, but anytime I see a re-release with a kinda dumb reason like this that showcases once again a lack of testing and follow up,  come on Microsoft you can do better.
    Bottom line if you got a restart this morning (and why a person in the office couldn’t connect to cellular on his Surface with LTE and called me this morning and I had him reboot and sure enough a .NET patch got installed), well there is your answer.
  • Master Patch List for 10-10-2023


    I’ve updated the Master Patch list for the October updates.  Remember to always review the known issues we are tracking on the Master Patch List page. I will keep the latest info there.  This month the .NET 4.x updates do not have new security patches so it’s not mandatory to install them. That said .NET has been well behaved. I AM seeing KB5011048 .NET 4.8.1 being pushed to machines. Note this is a bit confusing and it’s making me scratch my head as well.  It was originally placed on Windows update back in June.  But clearly it’s been refreshed as of 10/10/2023.  As noted below it’s triggering multiple reboots.

    Windows 11 22H2 changes:  Rolled into the October updates as noted in September 26, 2023—KB5030310 (OS Build 22621.2361) Preview – Microsoft Support

    • New! This update introduces websites to the Recommended section of the Start menu. These websites will be personalized for you and come from your browsing history. This gives you quick access to the websites that are important to you. You can remove any website URL from the Recommended section using the shortcut menu. To turn off the feature, go to Settings Personalization Start. You can adjust settings for all recommended content on the Start menu on this Settings page. Commercial customers can manage this feature using a policy.

    Windows 10 22H2 if you made search smaller or got rid of it, this reintroduces the bigger search box.

    • From https://support.microsoft.com/en-us/topic/september-26-2023-kb5030300-os-build-19045-3516-preview-9d43fdfb-71a1-4a40-b217-4a43d4bd84db.  “New! This update brings back an improved search box experience on the taskbar. If you have a top, bottom, regular, or small icons taskbar, you will see the search box appear. You can use it to easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights. If you want to restore your previous search experience, you can do that easily. Use the taskbar shortcut menu or respond to a dialog that appears when you use search.”  You can use group policy or set a registry key  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search to 0 in a GPO if you want to kill it off.

    Windows 10/11 may see multiple reboots this month.  Workstations are being pushed .NET 4.8.1 KB5011048 in addition to the other updates triggering a multi-reboot month.

    Issues installing update on Windows 10 — see Here

    Server 2022 adds Azure Arc server setup – see here.

    WSUS appears to not be detecting that Windows 11 machines need updates.  Still investigating this to see what’s going on.

    Windows 11 22H unmanaged PCs may start to see Copilot.  To disable this use Download reg file to disable Windows Copilot  I’ve seen it dribbled on some, but not all machines.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.  More details in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

  • Master Patch List for September 12, 2023


    I’ve updated the Master Patch list for the September updates.  Remember to always review the known issues we are tracking on the Master Patch List page. I will keep the latest info there.

    The updates are taking longer than normal to install. Many are reporting this, but it doesn’t mean anything bad is happening to your machine.

    Consumer tip:  If you are on Windows 11 and have any sort of third party menu or file explorer program, ensure that it’s up to date. If the start menu won’t launch be prepared to remove it. While I haven’t seen issues in my testing, it’s still too soon to be installing updates.

    I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

    • Windows 11 22H2: Recommended
    • Windows 11 21H2: Will be recommended these get updated to 22H2 at the end of the month.
    • Windows 10 22H2: Recommended
    • Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

  • Master Patch List for August 8, 2023

    I’ve updated the Master Patch list for the August updates.  Remember to always review the known issues we are tracking on the Master Patch List page. I will keep the latest info there.

    So far trending issues are:

    8/8/2023:  Still in the process of testing and evaluating updates but be aware that I am seeing failures to install the Exchange server updates for Microsoft’s mail server see this post. Microsoft has pulled the update at this time.

    Consumer tip:  If you are on Windows 11 and have any sort of third party menu or file explorer program, ensure that it’s up to date. If the start menu won’t launch be prepared to remove it. While I haven’t seen issues in my testing, it’s still too soon to be installing updates.

    Business tip: On August 8, 2023, Windows Updates for Server 2022 will add options for administrators to audit client machines that cannot utilize LDAP channel binding tokens via events on Active Directory domain controllers.  (more info in the master patch list)

    I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

    • Windows 11 22H2: Recommended
    • Windows 11 21H2: If you have a Windows 11 PC and are a gamer, recommended
    • Windows 10 22H2: Recommended
    • Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

  • Exchange patchers – August heads up

    Still in the process of testing and evaluating updates but be aware that I am seeing failures to install the Exchange updates potentially on German language servers — unsure if it’s other languages see the comments in this post.

    Normally I would be urging you to patch Exchange mail server (Microsoft’s email server) updates as soon as possible but I’m seeing patching admins indicate that on some  machines it’s failing to install the patch. Note that when Exchange fails to properly install it will often turn the services off completely and then fail to turn them back on. Bottom line don’t panic, just go into your Exchange server and turn the services manually back on. Chances are it will recover.  Note it MAY be that this just impacts German language servers. Note that it is impacting all non English versions of Exchange. Seeing indications in the blog that it may be that locale only?  But given the time zones they may be the ones patching and those of us in North America are still testing. Bottom line, be aware of potential installation issues.  You may want to hold back a bit and see what happens.

    More on this in the Newsletter on Monday. I will also keep the Master Patch List page up to date on the latest.  In the meantime I would keep an eye on the Exchange blog site.

  • Master Patch List as of July 11, 2023

    I’ve updated the Master Patch list for the July  Remember to always review the known issues we are tracking on the Master Patch List page. I will keep the latest info there.

    So far trending issues are:

    Consumers:

    Windows 11 updates include fixes for gaming quality mice.

    Business side effects:

    If you have external email banners set up for Outlook clients that are suddenly missing after the last update to Outlook. try adjusting the colors .
    Manual registry keys have to be deployed to be fully patched. Testing the impact and will report back. I do not see this as a concern for consumers just potentially targeted businesses.

    I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

    • Windows 11 22H2: Recommended
    • Windows 11 21H2: If you have a Windows 11 PC and are a gamer, recommended
    • Windows 10 22H2: Recommended
    • Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

  • Master Patch List as of June 13, 2023

    I’ve updated the Master Patch list for the May releases.

    Remember to always review the known issues we are tracking on the Master Patch List. I will keep the latest info there.

    So far trending issues are:

    Consumers:

    Chrome may have some issues after the June updates – Triggered by malwarebytes – see their KB

    Business side effects:

    Users of Windows Hello may get an extra OOBE prompt.

    Manual registry keys have to be deployed to be fully patched. Testing the impact and will report back. I do not see this as a concern for consumers just potentially targeted businesses.

    June turns on Enforcement by Default comes with the June updates regarding CVE-2022-38023 ( KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023 – Microsoft Support ).

    I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

    • Windows 11 22H2: Not recommended
    • Windows 11 21H2: If you have a Windows 11 PC, recommended
    • Windows 10 22H2: Recommended
    • Windows 10 21H2: Drops out of support this month
    • Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level

  • Master Patch List as of May 9, 2023

    I’ve updated the Master Patch list for the May releases.

    Remember to always review the known issues we are tracking on the Master Patch List. I will keep the latest info there.

    So far trending issues are:

    Business patchers – In order to fully patch systems for potential UEFI/Secure Boot there are a series of manual steps. I am NOT convinced that this is needed for anyone other than targeted nation state organizations. I’ll have exact instructions and a video should you want more information.

    I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

    • Windows 11 22H2: Not recommended
    • Windows 11 21H2: If you have a Windows 11 PC, recommended
    • Windows 10 22H2: Recommended
    • Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
    • Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level