News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • New, one-off cumulative updates for all Win10 versions to fix that “gov.uk” HSTS bug

    Posted on May 20th, 2019 at 07:30 woody Comment on the AskWoody Lounge

    Yep, it’s Sunday.

    Looks like we have new cumulative updates for all versions of Win10 and all related versions of Server. That, combined with the Win7 and 8.1 patches released on Saturday, seems to fix all of the buggy gov.uk May patches.

    If you’re a glass-half-full kind of person, you can say that Microsoft fixed the bug it promulgated in less than a week.

    If you’re a glass-half-empty sort, you can say that it took Microsoft nearly a week to fix the bug it spread on Tuesday.

    Details in Computerworld Woody on Windows.

    Win10 Installation instructions from the KB articles:

    Install this update

    • UK customers : This update will be applied automatically to resolve this issue. You may be required to restart your device again. If you are affected by this issue, Check for updates to apply the update immediately.
    • Customers outside of the UK: This update will not be applied automatically. If you are affected by this issue, we recommend that you apply this update from Windows Update and then restart your device.
  • For the second month in a row, McAfee and Sophos are having problems with the Win7/Server 2008 R2 Monthly Rollup and Security-only patches

    Posted on May 19th, 2019 at 07:38 woody Comment on the AskWoody Lounge

    After the debacle last month, you’d think that McAfee and Sophos would’ve figured out a way to work with Microsoft’s monthly patches.

    Not so.

    Microsoft says that its May 14 Monthly Rollup, KB 4499164 and Security-only patch KB 4499175, are triggering problems anew:

    Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.

    We are presently investigating this issue with McAfee.

    Guidance for McAfee customers can be found in the following McAfee support articles:

    To be clear, this is in addition to the problems we all felt last month. The official Release Information status page says that this particular problem originated on April 9 and has been mitigated. McAfee disagrees: “May 16, 2019 Updated that this issue applies to Windows April 2019 update KBs or later Windows monthly updates.” You can choose which one you believe.

    Microsoft hasn’t yet admitted to the problems with Sophos, but I assure you they will. Here’s what Sophos says:

    We have had an increase in customers reporting that following on from the Microsoft Windows 14th May patches they are experiencing a hang on boot where the machines appear to get stuck on “Configuring 30%”

    Initial findings suggest that this relates to the below Microsoft Patches:

    May 14, 2019—KB4499164 (Monthly Rollup)
    May 14, 2019—KB4499165 (Security-only update)

    We have currently only identified the issue on Windows 7 and Windows Server 2008 R2

    Applies to the following Sophos product(s) and version(s)
    Sophos Endpoint Security and Control
    Sophos Central Endpoint Standard/Advanced

    Why does this feel like deja vu all over again?

    Thx Kevin Beaumont @GossiTheDog.

  • Good news: The “wormable” security hole in XP, 7, and related Servers, isn’t being exploited yet

    Posted on May 16th, 2019 at 08:21 woody Comment on the AskWoody Lounge

    If you’re running

    • Windows XP (including Embedded)
    • Windows Server 2003, Server 2003 Datacenter Edition
    • Windows 7
    • Windows Server 2008, Server 2008 R2

    You still have time to install the May patches.

  • MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

    Posted on May 15th, 2019 at 07:59 woody Comment on the AskWoody Lounge

    If you’re running Win8, 8.1, 10 or related Server versions, stay on MS-DEFCON 2. Don’t install this month’s patches just yet.

    But if you have:

    • Windows XP (including Embedded)
    • Windows Server 2003, Server 2003 Datacenter Edition
    • Windows 7
    • Windows Server 2008, Server 2008 R2

    you need to get patched right away. The sky isn’t falling — there’s no worm making the rounds just yet — but at this point it looks like the benefits of patching outweigh the risks.

    If you’re running Vista, hang tight. Looks like Microsoft forgot to document that one.

    For XP and 7 users, I’m moving to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

    Details in Computerworld Woody on Windows. And I’ll have an AskWoody Alert out soon.

  • May 2019 Patch Tuesday arrives

    Posted on May 14th, 2019 at 12:08 woody Comment on the AskWoody Lounge

    The Update Catalog has 237 new entries. Jeeeez.

    The Security Update Guide lists 2,195 new individual patches today.

    Martin Brinkmann has posted his summary:

    • Microsoft released security updates for all supported versions of Windows.
    • All versions of Windows are affected by CVE-2019-0903,  a GDI+ Remote Code Execution Vulnerability critical vulnerability.
    • Windows 7 is the only client system affected by another critical vulnerability CVE-2019-0708 , Remote Desktop Services Remote Code Execution Vulnerability
    • Microsoft released a security update for Windows XP (KB4500331)

    Dustin Childs has his report posted for ZDI:

    security patches for 79 CVEs (separately identified security holes) along with two advisories… (Windows Error Reporting bug CVE-2019-0863 being exploited actively)… details about the use of the exploit are not available, it is likely being used in limited attacks against specific targets.

    Big news is the “wormable” security hole in RDP, CVE-2019-0708. From Simon Pope on the MSRC Technet blogt:

    Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

    Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide. Customers who use an in-support version of Windows and have automatic updates enabled are automatically protected.

    Out-of-support systems include Windows 2003 and Windows XP. If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, we are making fixes available for these out-of-support versions of Windows in KB4500705.

    Yes, you read that correctly. There’s a downloadable fix for Win 2003 (not to be confused with Win10 “version 2003,” which is currently in the Insider Fast Ring) and WinXP.

    But wait. That’s not all. There’s also a big hole in .NET versions 2.1 and 2.2. CVE-2019-0982. It’s a Denial of Service vulnerability.

    UPDATE: Poster Old School on Krebs on Security reports:

    KB 4494441 [that’s the Win10 1809 patch] had to be installed twice so be sure to run Windows Update twice. I was not amused.

  • MS-DEFCON 2: Keep the May 2019 patches off your machine for now

    Posted on May 13th, 2019 at 07:43 woody Comment on the AskWoody Lounge

    Tomorrow’s Patch Tuesday and, if it’s like other Patch Tuesdays for the past year or two, it’ll be accompanied by howls of pain.

    Don’t be an unpaid beta tester. Get Windows Update locked down.

    We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

    Full details in Computerworld.

  • May 2019 non-Security Office Updates have been released

    Posted on May 7th, 2019 at 13:03 PKCano Comment on the AskWoody Lounge

    The May 2019 non-Security Office updates have been released Tuesday, May 7, 2019. They are not included in the DEFCON4 approval for the April 2019 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

    Remember, Susan’s patching sequence and  recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

    Office 2010

    Update for Microsoft Outlook 2010 KB4464524

    Office 2013

    Update for Microsoft Office 2013 KB4011677
    Update for Microsoft Outlook 2013 KB4464546
    Update for Microsoft Word 2013 KB4464545
    Update for Skype for Business 2015 KB4464547

    Office 2016

    Update for Microsoft Excel 2016 KB4464550
    Update for Microsoft Office 2016 KB2902717
    Update for Microsoft Office 2016 KB4461441
    Update for Microsoft Office 2016 KB4461477
    Update for Microsoft Office 2016 KB4462119
    Update for Microsoft Office 2016 KB4462238 has been pulled
    Update for Microsoft Office 2016 KB4462243
    Update for Microsoft Office 2016 KB4464538
    Update for Microsoft Office 2016 KB4464552
    Update for Microsoft Office 2016 Language Interface Pack KB4464537
    Update for Microsoft Outlook 2016 KB4464540
    Update for Microsoft PowerPoint 2016 KB4464533
    Update for Microsoft Project 2016 KB4464541
    Update for Microsoft Visio 2013 KB4462113
    Update for Skype for Business 2016 KB4464532

    There were no non-security listings for Office 2007 (which is out of support).
    Updates are for the .msi version (persistent). Office 365 and C2R are not included.
    Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

    UPDATE: Update for Microsoft Office 2016 KB4462238 has been pulled