Newsletter Archives

• MS-DEFCON 3: Get your September patches installed — but stick to the mainstream patches

  Posted on October 2, 2019 at 11:28 CDT by woody • Comment in the Forums

  Lots of people will tell you that you need to install strange (very strange!) patches to protect yourself from the “Exploited: Yes” zero day patch for CVE-2019-1367. I say meh. Stick to this month’s normally distributed patches and you’ll be OK.

  Details and step-by-step instructions in Computerworld Woody on Windows.

  Windows Patches/Security MS-DEFCON 3, September 2019 Black Tuesday

• Where we stand with the September 2019 patches

  Posted on September 30, 2019 at 07:53 CDT by woody • Comment in the Forums

  It’s a mess, folks.

  I can’t recall the last time Patch Lady Susan Bradley recommended that you pass on a zero-day patch. (A note for those of you who don’t get the AskWoody Plus Newsletter: You need to become an AskWoody Plus Member in order to receive or view the Newsletter. It’s easy, and you get to decide how much you want to donate. See the notice on the right side of this page.)

  Somebody please tell me again how Windows patching is getting better.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security September 2019 Black Tuesday

• Confusion reigns supreme for admins facing this month’s patches

  Posted on September 28, 2019 at 06:22 CDT by woody • Comment in the Forums

  Site admins I know are livid about this month’s mess-ups. Read this Twitter thread from Bryan Dam:

  Note: None of these are security updates and the KBs don't list the IE vuln. Apparently how you handle a zero-day being actively exploited is to push out a bunch of non-security updates to your customers.
  Win 10: CU on the 23rd list the fix.
  For 7/8.1: Fix isn't listed anywhere.

  — Bryan Dam (@bdam555) September 27, 2019

  There are thousands of threads (especially on Reddit) from people shaking their fists at Microsoft. And these are Microsoft supporters!

  Windows Patches/Security September 2019 Black Tuesday

• Three known bugs in the latest build of Win10 version 1903

  Posted on September 27, 2019 at 11:26 CDT by woody • Comment in the Forums

  Microsoft is supposed to be keeping us informed of bugs in Win10 versions, and you’d think they’d be particularly on-the-spot about following up on bug reports in the newly christened “ready for broad deployment” version of their flagship product.

  Harumph.

  I know of three bugs — all documented on this site — that bedevil both the current release of Win10 version 1903, build 18362.387, and its predecessor, the undistributed 18362.357:

  • The latest versions of Win10 1903 block installation of .NET 3.5. You may scoff that it’s an old version of .NET, but at least one large package — part of the ERP package known as SAP — requires .NET 3.5. Per Günter Born:

  [.NET 3.5] installation fails with the error:

  Microsoft-Windows-NetFx3-OnDemand-Package: 0x800f0954

  • The latest versions of Win10 1903 break some HP printers including. According to Tom Rogers on the Patchmanagement list:

  I installed the updated Sept 2019 Cumulative Update for Win10 x64 [1903] and it broke me printing to a network HP Color LaserJet Pro MFP M180NW… What happens in my case is the screen will flash, I hear the printer start, but then nothing. And then Windows closes any open windows. Almost like Windows Explorer restart. Job is not being held in the queue, printer is not offline (but HP software monitor says it is), this is a network printer I am testing on.

  • The latest versions of Win10 1903 trigger black screens when running RDP. Per an anonymous poster:

  We have HP z2 g4 mini PCs – Windows 10 Pro 1903 – we have installed the updates above and we still get a black screen on remote desktop. We tried changing the systems we are remoting to to use the MS Basic Display Driver but that did not resolve the issue. Rebooting allows the system to work for an unknown amount of time before it stops working again until the next reboot.

  And confirmation, again anonymously:

  I installed KB4517211 (OS Build 18362.387) and still have the RDP black screen on HP EliteDesk 800 G5 SFF and HP 800 G3 Mini desktops. I ran HP SDM on both models to ensure all OEM drivers are current as of 9/27.

  Those last two may be driver problems — hard to say — but a “ready for broad distribution” build shouldn’t trigger new bugs in longstanding drivers, eh?

  In all cases, rolling back the latest updates fixes the problem.

  Windows 10 Releases, Windows Patches/Security September 2019 Black Tuesday, Win10 1903 CBB

• Reports of problems with HP printers after installing the second Sept Win10 1903 cumulative update, KB 4522016

  Posted on September 26, 2019 at 15:42 CDT by woody • Comment in the Forums

  From the Patch Management mailing list:

  FYI: I installed the updated Sept 2019 Cumulative Update for Win10 x64 [1903] and it broke me printing to a network HP Color LaserJet Pro MFP M180NW.

  Since I also installed the Adobe Flash update, along with the .NET update for Sept 2019 at the same time, I thought it may be one of those, but through uninstalling all, and installing 1 at a time (Cumulative last) and testing printing between reboots, it was isolated to this update.

  I have since uninstalled KB4522016 (the update with the IE Zero-Day patch) and installed the KB4515384 predecessor and all is well.

  The problem’s been confirmed.

  That’s the second problem I’ve seen with the stunted IE-only patch KB 4522016.

  We’re still waiting to see if the third September cumulative update for 1903 will have the same problems.

  Windows Patches/Security HP printer, KB 4522016, September 2019 Black Tuesday

• What do we know about the big, scary, exploited, emergency patched Internet Explorer security hole CVE-2019-1367?

  Posted on September 25, 2019 at 07:49 CDT by woody • Comment in the Forums

  Nothing.

  Well, almost nothing.

  Do you think that Microsoft’s cleaned up its Windows patching mess?

  Details in Computerworld Woody on Windows.

  Windows Patches/Security September 2019 Black Tuesday

• Microsoft clarifies (?) its CVE-2019-1367 release method

  Posted on September 25, 2019 at 07:38 CDT by woody • Comment in the Forums

  From the Windows Message Center:

  Update: Starting September 24, 2019, mitigation for this vulnerability is included as part of the 9C optional update, via Windows Update (WU) and Microsoft Update Catalog, for all supported versions of Windows 10, with the exception of Windows 10, version 1903 and Windows 10, version 1507 (LTSB). For devices running Windows 10, version 1903, mitigation for this vulnerability will be included as part of the 9D optional update via WU, WSUS and the Microsoft Update Catalog (targeted for September 26, 2019.) To apply this update, go to Settings > Windows Update > Check for Updates. (Note Because this update requires a reboot, we are making it optional to give customers and administrators a choice to install/deploy the update now.)

  For customers running Windows 8.1/ Windows Server 2012 R2 or below, the 9C update is also available on Windows Server Update Services (WSUS). For other supported versions, IT admins using WSUS can import this update into WSUS/SCCM manually. See instructions on the WSUS and the Catalog Site.

  For those of you who don’t speak, you know, insider hep talk, “9C” is shorthand for “the third week in September that includes a Tuesday.”

  This seems to imply that the second monthly cumulative update for Win10 1903 is scheduled to arrived on Sept. 26 (tomorrow), and that it will include the fix for CVE-2019-1367.

  You have to wonder if MS could come up with a Cortana translator for this stuff. I mean, it’s cool that the cognoscenti can all use their own language and all… but some normal people have to understand this, too.

  Thx @teroalhonen

  Windows Patches/Security September 2019 Black Tuesday

• Heads up! Many “optional non-security” updates are on the way

  Posted on September 24, 2019 at 12:23 CDT by woody • Comment in the Forums

  These aren’t the wimpy download-only IE patches from yesterday. They’re the whole nine yards.

  Here’s what I see:

  Win10 version 1809 and Server 2019 – KB 4516077 – big bunch of fixes, apparently including yesterday’s IE patch (because they’re both cumulative)

  Win10 version 1803 – KB 4516045 – another big bunch.

  Win10 1709, 1703, 1607/Server 2016 patches also released.

  Win7 – KB 4516048 – Monthly Rollup Preview. Not much:

  Addresses an issue that may cause an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in the Event Log related to cryptnet.dll.

  Win8.1 – KB 4516041 – Monthly Rollup Preview. Fixes the bug that prevented IE 11 from running on RT devices.

  “Group B” patchers note that the IE zero-day fix only appears in the separate IE cumulative update, KB 4522007. You’ll need to hop over to “Group A” to get the IE fix.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security September 2019 Black Tuesday

• More on the unexpected manual-install-only Win10 cumulative updates and IE patch

  Posted on September 23, 2019 at 14:41 CDT by woody • Comment in the Forums

  As Susan Bradley details (see next post), in the past few hours Microsoft released a bunch of new Win10 cumulative updates:

  • 4522016 for Win10 1903
  • 4522015 for Win10 1809 and Server 2019
  • 4522014 for Win10 1803
  • 4522012 for Win10 1709
  • 4522011 for Win10 1703
  • 4522010 for Server 2016
  • 4522009 for Win 10 1511 (the original version)

  In addition there’s a single standalone patch, KB 4522007, that applies to IE in Win7, 8.1, Server 2012 and Server 2012 R2. It’s a plain-vanilla IE patch (which means it’s a rollup), arriving at a weird time. It’s NOT a Windows patch.

  Microsoft has released very little info about the security hole, identified as CVE-2019-1367, but apparently it’s been found in the wild, and it can be very nasty.

  If you don’t use Internet Explorer, you can safely ignore all of the hoopla. If you do use IE, rap yourself on the knuckles, click on those links and go diving for the update: You’ll only get it if you manually download and install it.

  At the same time, Microsoft released a notification of another security hole, CVE-2019-1255, that can conceivably be used to block Windows Defender updates. There’s no separate patch. You don’t need to worry about installing the fix, because Defender will patch itself.

  Perhaps this is why we didn’t see any Win10 cumulative updates last week – the “Week C” that usually brings at least a handful of them.

  Windows Patches/Security September 2019 Black Tuesday

• New complaints about Search in Win10 1903 with the September cumulative update

  Posted on September 21, 2019 at 08:10 CDT by woody • Comment in the Forums

  After first warning that there were Start and Search problems with the latest Win10 version 1903 cumulative update, KB  4515384, MS then said that it couldn’t find any problems.

  Over on the patchmanagement.org mailing list, I see a documented problem:

  In a 3 monitor setup. Search works as expected on Monitor 1. On monitor 2 and 3, searching blanks the menu and disappears instead of populating with results.

  and confirmation:

  I’m seeing the same issue

  and a possible workaround:

  We were seeing start menu issues until we updated the administrative templates in GP.
  You can find new templates here: https://www.microsoft.com/en-us/download/details.aspx?id=58495&WT.mc_id=rss_alldownloads_all

  Can anybody else confirm?

  Windows Patches/Security KB 4515384, Search bug, September 2019 Black Tuesday

• MS says there’s no Start/Search bug in this month’s Win10 1903 cumulative update

  Posted on September 20, 2019 at 09:59 CDT by woody • Comment in the Forums

  The official Release Status Info page was recently updated to say:

  Some users report issues related to the Start menu and Windows Desktop Search

  Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.

  Affected platforms:

  Client: Windows 10, version 1903

  Resolution: At this time, Microsoft has not found a Search or Start issue significantly impacting users originating from KB4515384. We will continue monitoring to ensure users have a high-quality experience when interacting with these areas. If you are currently having issues, we recommend you to take a moment to report it in via the Feedback Hub (Windows + F) then try the Windows 10 Troubleshoot settings (found in Settings). If you are having an issue with search, see Fix problems in Windows Search.

  Can anybody confirm or deny?

  Windows Patches/Security September 2019 Black Tuesday

• Microsoft tries to fix the sfc /scannow bug introduced by a patch in July, ends up clobbering Defender Malware

  Posted on September 18, 2019 at 10:42 CDT by woody • Comment in the Forums

  @DrBonzo reports here on AskWoody:

  I’m running Win 7 Pro, SP1, x64. I just updated (actually about an hour ago by now) the definitions in MS Security Essentials to 1.301.1608.0. I tried a Full Scan and it quit scanning after 29 files. Tried a Quick Scan and it also stopped after 29 files. It’s not throwing any error codes and says that no threats were found after scanning 29 files. Gives me the big green checkmark. So, it looks just like a normal Full Scan except it only scans 29 files.

  I shut down the computer, restarted and attempted another definition update but was told I was already up to date. Tried another Full Scan with the same results as above.

  I’m now seeing reports from all over.

  Günter Born published an explanation in German (translated by Google):

  Earlier this week, Microsoft announced a silent update of the Defender Antimalware engine to version 4.18.1908.7. The update was long expected by me to fix the issue in the System File Checker caused by July 2019 updates…

  Microsoft has smuggled a friendly bug on the system. If you open up Windows security and have the system checked with a quick scan, after a few seconds and five files is over.

  Looks like the problem’s widespread. The solution? Roll back the silent update!

  There’s a reason why I’m not optimistic that MS has fixed its patching problems.

  Windows Patches/Security September 2019 Black Tuesday
• « Older Entries