News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

Newsletter Archives

  • MS-DEFCON 4: The printing issues continue

    Posted on September 28th, 2021 at 02:45 Comment on the AskWoody Lounge
    AskWoody Plus Alert Logo
    ISSUE 18.37.1 • 2021-09-28

    MS-DEFCON 4

    By Susan Bradley

    Printing or security — you decide

    We’re back to reasonable levels of safety and of understanding the nature of recent updates, so I’m recommending the resumption of update installation — but not without some major caveats. Sadly, there are still some side effects with printing, which is getting to be an annoying trend. It’s been months now.

    These updates also include new and expanded categories plus registry keys that allow you to officially defer Windows 11 and then choose to push off the upcoming 21H2 release. More about that later.

    Consumer and home users

    I haven’t seen printing problems with directly attached printers, the most likely scenario for home users. Therefore, I recommend applying the September updates now. The reason is that this month’s updates include expanded sections to choose various versions of Windows 10 or Windows 11 and specifically block what you don’t want.

    For those of you on Windows 10 Professional, after installing the September updates you’ll be able to click on the search box and type in “edit group policy.” Next, scroll down to Computer Configuration, Administrative Templates, Windows Components, Windows Update, and Windows Update for Business. Find the setting for Select the target Feature Update version. Click on Enabled, fill in the product version in the first box (“Windows 10”), and then the feature release version you want to keep.

    Of course, Windows 10 Home can’t do group policy. Instead, use registry keys to defer Windows 11 and stay on the version of Windows 10 you want. You’ll be adding a value under

    HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

    Manually add the values “TargetReleaseVersion”=dword:00000001, “ProductVersion”=”Windows 10”, and “TargetReleaseVersionInfo”=”21H1”.

    I’ve made it easier for you by including links to download these registry keys. If you want to stay on 21H1, click on this link and install it on your system. If you plan to let your machine upgrade to 21H2, click on this link. And if you leave the setting alone and do nothing, and your computer does not have the hardware capabilities for Windows 11, you will not be offered the upgrade. If you do have hardware that can handle Windows 11, you’ll be offered — but not pushed to — Windows 11.

    Business users

    First the good news: Microsoft has finally acknowledged what we’ve known for weeks now — its updates trigger issues if your users do not have administrator rights. The bad news is that it hasn’t yet acknowledged the issues we’ve seen this month, nor are any fixes planned. Microsoft will only urge us to

    Verify that you are using the latest drivers for all your printing devices and where possible, use the same version of the print driver on the print client and print server.

    Microsoft indicates that the trigger is

    … caused by a print driver on the print client and the print server using the same filename, but the server has a newer version of the file.

    But here’s the problem: We never installed a newer driver on the server. We did nothing but install the software update to the server. I know that many of these notifications are triggered by the use of v3 (older) printer drivers versus v4 printer drivers. If you cannot upgrade to v4 drivers, you have a couple of options to “re-push” out drivers to fix this issue.

    Unfortunately, in this era of cumulative updates you can’t break out the parts of the update you want from the parts you don’t want. So if you don’t install this update this month, you put your business at risk from MSHTML-based ransomware attacks (CVE-2021-40444).  If you make the decision to not install these updates, make sure you use the registry keys I wrote about earlier to block the MSHTML vulnerabilities. Don’t go unpatched and unprotected.

    References

    Read the full story in the AskWoody Plus Alert 18.37.1 (2021-09-28).

  • MS-DEFCON 4: All clear for consumers, less so for businesses

    Posted on August 25th, 2021 at 02:45 Comment on the AskWoody Lounge
    AskWoody Plus Alert Logo
    ISSUE 18.32.1 • 2021-08-25

    MS-DEFCON 4

    By Susan Bradley

    This month has been a bit bumpy for business users needing to print.

    This month’s change to a technology called “Point and Print” has triggered side effects for information technology professionals who deployed workstations without administrator rights.

    Although I’m reluctantly recommending installing these updates, because you need to be protected from all the other vulnerabilities this month, I must acknowledge that even after you patch, you still won’t be protected from printer vulnerabilities. There is yet another Print Spooler issue out there. Right now, the only way you can protect yourself from the remote Print Spooler attack described by CVE-2021-36958 is to keep your Print Spooler service disabled unless it is absolutely needed.

    Consumer and home users

    Install the August updates. In a change to my past update recommendations regarding .NET, I now recommend installing the .NET updates as well. For the last year, I’ve not experienced any side effects with the nonsecurity .NET updates and feel confident about their safety.

    I’ve also not been tracking any side effects with Chromebook 92 after its release on August 2. Unlike last month, there’s been no need to roll back this version.

    Business users

    For those of you in charge of business patching, there’s no good resolution for the side effects of the August updates, not to mention the risks of the unpatched Print Spooler vulnerability. If you deploy print drivers using group policy and your users do not have administrator rights, they are being prompted to install a printer-driver update even though the printer driver has not changed — the only thing that has occurred is that the patch was installed. You can deploy a registry key to

    HKLM\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint

    with the name RestrictDriverInstallationToAdministrators and a DWord value of 0, but unfortunately, this opens up your workstations to attack. It’s not a good solution.

    The root cause appears to be v3 versions of printer drivers. In the short term, I recommend several possible solutions.

    • Temporarily allow administrator rights via group policy to allow your end users to install the updated print driver, and then revert them back to non administrator rights.
    • Use the registry key workaround (above) that will allow printer drivers to be installed, with full knowledge that this opens your machine up to attack.
    • Review the printer drivers you have installed and ensure that they are v4 and not earlier versions.

    References

    Read the full story in the AskWoody Plus Alert 18.32.1 (2021-08-25).

  • MS-DEFCON 4: Get those June updates installed

    Posted on June 24th, 2021 at 02:50 Comment on the AskWoody Lounge
    AskWoody Plus Alert Logo
    ISSUE 18.23.1 • 2021-06-24
    MS-DEFCON 4: Get those June updates installed

    MS-DEFCON 4

    By Susan Bradley

    It’s time to deal with “News and Interests.”

    Consumer and home users

    If you’ve been procrastinating with the June updates so you didn’t have to deal with the new “News and Interests” feature and its side effects, the time has come.

    Microsoft has released KB5003698 to fix issues with blurry images in 1909 for Enterprise. Windows 10 2004/20H2 and 21H1 received KB5003690 to fix the blurry text on the News and Interests button for some screen resolutions. KB5003690 also fixes a problem with search box graphics on the Windows taskbar, which occurs if you right-click the taskbar and turn off News and Interests. This graphics issue is especially visible when using dark mode. If it is a problem for you, install this optional update.

    There are other issues to work out, such as interactions with the desktop if you are using Classic Shell or other menu programs. AskWoody readers have noted cases in which sign in to customize the news selections did not work. If you have problems with the News and interests feature, try setting it to icons only instead of icons and text.

    For Office updates, open up any Office software application, click on File, Account, Office Updates, and enable updates. Then click on Update Now to trigger their installation.

    Business users

    This month’s releases showcase that timing is everything. If you apply updates to workstations before applying them to servers and then attempt to use remote event-log tools, you will find that you cannot access the event logs. As noted by Microsoft, affected apps are using certain legacy Event Logging APIs. Ensure that you apply the updates for both workstations and servers before attempting to use such software.

    References

    Read the full story in the AskWoody Plus Alert 18.23.1 (2021-06-24).

  • MS-DEFCON 4: It’s quiet out there

    Posted on May 27th, 2021 at 01:00 Comment on the AskWoody Lounge
    AskWoody Plus Alert Logo
    ISSUE 18.19.1 • 2021-05-27
    MS-DEFCON Level 4

    By Susan Bradley

    This month has been relatively quiet with respect to patching side effects. It’s now time to install the May updates.

    Consumer and home users

    Most of the issues and complaints have not been about the May update. Instead, there has been dissatisfaction with a new feature called News and Interests. As this feature rolls out, more and more people are asking how to remove it. I have provided a registry update file that will automatically disable News and Interests. The only known side effect is audio issues in some machines; these can be bypassed by using stereo settings.

    More details will be provided in my upcoming Patch Watch article.

    Business users

    For small businesses that still have an on-premises Exchange email server, make sure you install this month’s Exchange patches, as described in KB 5003435.

    Note that some users reported issues if they had manually removed the new version of Edge, proving once again that Microsoft doesn’t test the edge cases (pun intended).

    Read the full story in the AskWoody Plus Alert 18.19.1 (2021-05-27).

  • MS-DEFCON 4: Patching is approved

    Posted on April 30th, 2021 at 01:02 Comment on the AskWoody Lounge
    AskWoody Plus Alert Logo
    ISSUE 18.15.1 • 2021-04-30
    Susan Bradley

    By Susan Bradley

    Proceed to update.

    I’m separating my patching guidance into two categories — one for consumer or home users and one for business users. And I’m changing our MS-DEFCON level to 4. At this time, I’m not seeing major issues with updating.

    Consumer and home users

    The April updates have been much better behaved and I’m not seeing any major issues with the releases. Problems identified in 2004/20H2 as impacting performance in games have been automatically mitigated by Microsoft, using its Known issue rollback process. The April updates also resolved the lingering issues with printing triggered with the March updates. Importantly, the April updates install the new, Chromium-based Edge as the default browser and remove the old, “legacy” Edge. Be aware that this update will reset default programs, such as your PDF reader, to the new Edge; you’ll need to make manual adjustments to restore your preferences.

    Note: Going forward, when AskWoody mentions “Edge,” you should assume we mean the new, Chromium-based Edge. Otherwise, we will refer to legacy Edge.

    If you are still using Windows 10 Home or Pro 1909 you have only until May before that version is no longer supported. If you have not already upgraded to 20H2, I recommend taking this opportunity to do so. Remember, my favorite way to upgrade is to use the Update now button on the Software download page.

    Business users

    Coming with the preview releases for Windows 10, and included in the May Security releases, Microsoft will be including a new “News and Interests” taskbar item that will feature topics of interest to your users. If you want to proactively block it, use the Group Policy editor or adjust registry keys.

    References

    Read the full story in the AskWoody Plus Alert 18.15.1 (2021-04-30).

  • MS-DEFCON 4 – February updates trigger few issues

    Posted on March 1st, 2021 at 01:00 Comment on the AskWoody Lounge

    PATCH WATCH

    MS-DEFCON 4 – February updates trigger few issues

    By Susan Bradley

    All-clear for February patches

    It’s that normal time of the month when I’ll urge everyone to get the February security updates installed. For consumers, I’m not tracking any major issues. l also recommend that those of you still on 1909 consider installing 2004 or 20H2, unless they are not yet being offered on your PCs. I’ve now installed 2004/20H2 on enough systems to be comfortable recommending either one on your machines. Remember, the complete list of February updates that I recommend — or not — can be found at any time on the Master Patch List.

    Read the full story in AskWoody Plus Newsletter 18.8.0 (2021-03-01).

  • MS-DEFCON 4: Install the February updates, skip that Secure boot

    Posted on February 27th, 2021 at 22:12 Comment on the AskWoody Lounge

    More details will be in tomorrow’s newsletter along with a Plus membership only video that discusses my patching recommendations for the month.

    I always use the weekend for maintenance tasks, so for those of you that were waiting for the Defcon 4 green light I just flipped the beacon so you can do so anytime this weekend.

    As a reminder I am not recommending installing KB4535680 and recommend you to use Wushowhide (or your favorite patching hiding tool).

    If you aren’t a plus member, you can sign up now and you’ll get not only the private video but all of the other great newsletter articles coming out tomorrow.  Hope to see you on the Plus side!

  • MS-DEFCON 4 – Make sure January updates are installed

    Posted on January 31st, 2021 at 10:15 Comment on the AskWoody Lounge

    It’s time to make sure January updates are installed. More details are in the AskWoody Plus newsletter out  tonight/tomorrow (sign up for it here).

    I’m recommending that Win10 Home and Pro users move to version 2004 (or 20H2) if you haven’t already done so.  Remember you can set the Targetreleaseversion setting and make sure you only get to the version you want.

    I also have advice and information about the supposed NTFS “bug” upcoming Computerworld.  Stay tuned!

  • MS-DEFCON 4 – reminder for December updates

    Posted on January 4th, 2021 at 00:27 Comment on the AskWoody Lounge

    Just a reminder – it’s time to install the December updates.  If you received a bit of an unusual alert tonight/this morning that had a heading of November updates but content regarding December updates that left you slightly scratching your head, blame yours truly (me!) that clearly didn’t read the manual well enough to get all the parts of the alert template right.  Like a typical geek I missed a step or two.

    For those WindowsSecrets former newsletter subscribers who are receiving unusual renewal reminders saying that their subscription is about to expire on November 10, 2206, no we having been drinking the leftover egg nog a bit too much, clearly the technology gods are slightly freaking out on the year change.  Apologies for any unusual emails you may be receiving, have received or will be receiving as we work through the issues.  I have someone looking at that.

    Ah isn’t technology fun?

    Remember we are taking a break this week from the newsletter and will be back next week with some exciting new content and authors.  Stay tuned!

  • MS-DEFCON 4 – all clear to install updates

    Posted on December 28th, 2020 at 08:16 Comment on the AskWoody Lounge

    Well it’s time to close the year and the month on patching.  If you haven’t already done so, install them now and get ready to say goodbye to Adobe Flash.

    More on Computerworld.

  • MS-DEFCON 4 – It’s time to Patch for Nov

    Posted on November 23rd, 2020 at 11:15 Comment on the AskWoody Lounge

    My advice: If you have a zoom call coming up this week for a Thanksgiving get together – ensure that you do that Zoom call FIRST – then update your computer after that!  So it’s okay to use this week as “computer maintenance week” (at least for those of us in North America).  For those outside of North America I’m still ready to give the all clear especially for those on 1909.

    Remember 1903 goes out of support next month.

    More at Computerworld.com

  • MS-DEFCON 4: Get the September 2020 patches installed

    Posted on October 2nd, 2020 at 09:25 Comment on the AskWoody Lounge

    If you’re running SQL Server 2019, surprise!, Microsoft yanked the old cumulative update and replaced it with a working one last night.

    In general, it looks like a pretty healthy bunch of patches, with the usual (undocumented) problems: the “temporary profile” bug; stealthy installation of KB 4023057; odd miscellaneous blue screens and interface bleeps.

    I still won’t install version 2004 on my production machines, even though about one-third of all Win10 users have swallowed that pill. There’s nothing in version 2004 that warrants even the slightest bit of sweat off your brow.

    So I’m moving us to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.

    Full story in Computerworld Woody on Windows.