Newsletter Archives

• Another key Win10 security feature bites the dust: Say goodbye to Windows Defender Exploit Guard

  Posted on November 22, 2019 at 08:08 CST by woody • Comment in the Forums

  There’s a reason why I’m skeptical about the fancy new security features touted for Win10 versions. In many cases, at least for me, they don’t work. Enterprises have a different school of fish to fry, but the benefits of some of the new features just eludes me.

  Take, if you will, the Windows Defender Exploit Guard. When Win10 version 1709 hit the street, it was billed as a major new security feature that the whole world needs. Although on the surface it seemed like something I could understand — keep rogue programs out of key pieces of Windows — I never got it to work right. Here’s how MS described it back during the 1709 release:

  Implementing Attack Surface Reduction rules within Windows Defender Exploit Guard. Exploit Guard is a new feature of v1709 that helps prevent a variety of actions often used by malware. You can read more about Exploit Guard here: Reduce attack surfaces with Windows Defender Exploit Guard. Note that we have enabled “block” mode for all of these settings. We are continuing to watch the “Block office applications from injecting into other process” setting; if it creates compatibility problems then we might change the baseline recommendation to “audit” mode for that setting. Please let us know what you observe.

  That seems like a worthy goal, and I dutifully reported on it. But I never got it to work.

  Now comes word that Microsoft’s recommending everybody disable it in Win10 1909. From the newly published Security Baseline for 1909:

  Exploit Protection 

  Because of reported compatibility issues with the Exploit Protection settings that we began incorporating with the Windows 10 v1709 baselines, we have elected to remove the settings from the baseline and to provide a script for removing the settings from machines that have had those settings applied. (See Remove-EPBaselineSettings.ps1 in the download package’s Scripts folder.)

  So this once-highly-touted security feature has not only bitten the dust, there’s a handy program included in the Security Baselines toolbox that makes it easy to ensure that the %$#@! thing has been turned off everywhere.

  There’s a reason to be skeptical of new security “features” that you don’t understand….

  Windows Security Win10 1909, Windows Defender Exploit Guard

• Upgraded to 1909 – or was he?

  Posted on November 21, 2019 at 09:26 CST by woody • Comment in the Forums

  Tero Alhonen has a tweet that baffles me:

  ??? pic.twitter.com/BReFDX63XH

  — Tero Alhonen (@teroalhonen) November 21, 2019

  In the end, it appears as if he’s on the first October cumulative update for 1903 (build 18362.418), but the original prompt and the install history says he’s on 1909, presumably the latest build 18363.476.

  Anybody have a guess what’s going on?

  Windows 10 Releases Win10 1909

• All roads lead to Win10 1909 — but you can take your time

  Posted on November 18, 2019 at 01:15 CST by Tracey Capen • Comment in the Forums

  WOODY’S WINDOWS WATCH

  By Woody Leonhard

  For a change, Microsoft is letting everybody decide when to upgrade to the latest release of Win10 (Version 1909) — provided they’re already running the penultimate version, Win10 1903 (and in some cases Version 1809).

  That’s good news, and it represents a sea change in Microsoft’s pushiness.

  Read the full story in AskWoody Plus Newsletter 16.42.0 (2019-11-18).

  Windows 10 Releases AskWoody Plus Newsletter, Service Pack, Win10 1909, Windows Update

• Peering into the Windows tea leaves

  Posted on November 4, 2019 at 01:15 CST by Tracey Capen • Comment in the Forums

  WOODY’S WINDOWS WATCH

  By Woody Leonhard

  You can expect some significant changes — existential changes — to Windows in the very near future.

  Based on some official announcements and more than a few highly reliable leaks, it looks like Windows is in for a very bumpy ride.

  Read the full story in AskWoody Plus Newsletter 16.40.0 (2019-11-04).

  Windows News AskWoody Plus Newsletter, Win10 1909, Win10 20H1, Windows Core OS

• How to keep Win10 version 1909 from installing

  Posted on November 1, 2019 at 09:36 CDT by woody • Comment in the Forums

  The rules have changed. Keeping 1909 off your machine until you’re ready to install it is much easier than blocking upgrades in previous versions of Win10. Still, there are nuances.

  Computerworld Woody on Windows.

  Windows 10 Releases Win10 1909

• Getting ready for Windows 10 1909

  Posted on October 28, 2019 at 01:05 CDT by Tracey Capen • Comment in the Forums

  PATCH WATCH

  By Susan Bradley

  Many of us are still pondering Win10 1903 — and now Version 1909 is almost upon us. Here’s how not to be the next release’s beta tester.

  If the rumors are true, the next feature release for Windows 10 will begin trickling out on November 12. It looks like Version 1909 won’t be the big deal we thought it might be, which is all the more reason to not be one of the early adopters — unless you really like testing “beta” operating systems.

  Read the full story in AskWoody Plus Newsletter 16.39.0 (2019-10-28).

  Patch Watch AskWoody Plus Newsletter, Office patching, Win10 1909, Windows 7 EoL, Windows patching

• Defer updates, Pause updates, Delay updates, and the big unknown of Win10 1909

  Posted on October 23, 2019 at 10:38 CDT by woody • Comment in the Forums

  Yes,  there’s a difference between Defer updates and Pause updates. But that’s just the tip of the micro-plastic infused iceberg.

  The main sticking point: Win10 still has both concepts floating around, they conflict, and we don’t have any idea how the conflicts are being resolved — a problem that’s going to get worse with the release of Win10 version 1909, which doesn’t follow the Defer, Pause, push, pull or prod rules.

  Details in Computerworld Woody on Windows.

  Thx @b, @PKCano

  Windows 10 Releases, Windows Patches/Security defer updates, Pause updates, Win10 1909

• Rings within Insider Rings – where you end up, nobody knows

  Posted on October 22, 2019 at 13:44 CDT by woody • Comment in the Forums

  Those of you in the Insider Program have a choice to make. I’m having a hard time guessing where this is all headed.

  Right now, I can confirm that if you’re in the Release Preview Ring on a completely clean copy of 1903 and check for updates, you end up on 1903 build 18362.448 with an offer to upgrade to 1909

  

  Looks like Slow Ring is on 1903 (build 18362.10024?), but “you’ll be updated to 20H1/2003 shortly” and you won’t be offered a chance to move to 1909. If I read the tea leaves correctly.

  Fast Ring is a big question mark. Right now, Fast is on 20H1/2003, but will it move to 20H2/2009? Or will it move to 21H1/2103?

  Skip Ahead is also a big unknown. Will it go to 20H2/2009 or 21H1/2103?

  Release Preview ring -> 19H2
  Slow ring -> 20H1

  Fast ring -> 20H2 or 21H1?
  Skip Ahead ring -> 20H2 or 21H1? pic.twitter.com/g422zOOXqs

  — Tero Alhonen (@teroalhonen) October 22, 2019

  Another way to rephrase the question… Is Microsoft going to switch over to giving us a Service Pack late in the year every year – or are we going back to the old two-versions-every-year pace?

  A related question: Could Microsoft possibly make this any more complex?

  Windows 10 Releases Win10 1909, Win10 2003, Win10 2009, Win10 2103

• Microsoft declares that you can now safely install Win10 version 1903 on Surface Book 2 machines

  Posted on October 12, 2019 at 08:54 CDT by woody • Comment in the Forums

  Took ’em about six months, but Microsoft has finally given the go-ahead to install Win10 version 1903 on Surface Book 2 PCs. I talked about the “dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU” bug in the July 22 AskWoody Plus Newsletter (accessible to everyone).

  The upgrade block which has been in effect since May was officially removed yesterday.

  The impetus? A firmware update for the Surface Book 2, also released yesterday. I’ll have a full rundown of the latest firmware releases on Monday. Suffice it to say that many people are steamed — and rightfully so — about the way MS has been steering its customers into uncharted waters.

  At any rate, if you paid $3,000 for a Surface Book 2 with a separate GPU, you’re now free to install Microsoft’s latest, greatest version of Windows.

  Just in time for the release next month of “Windows 10 November 2019 Update (19H2)” — better known as Win10 1909.

  I’ll have more about the 1909 release next week. Current obsession: What exactly do we know about the rollout?  If you think previous Win10 releases were unnecessarily cumbersome and hard to understand, boy howdy, you ain’t seen nuthin’ yet.

  Windows News dGPU, Surface Book 2, Win10 1909

• Will Win10 1903 and 1909 co-exist?

  Posted on September 12, 2019 at 09:54 CDT by woody • Comment in the Forums

  I’m still scratching my head over this one. Please tell me if you’ve heard anything, official or otherwise.

  Sometime in the next few weeks, Microsoft’s going to release Win10 version 1909. We know it’s going to appear as a cumulative update to Win10 1903 — just like a Service Pack, which is great.

  Here’s the question: Will Win10 customers be able to continue to use and update Win10 1903 without making the leap t0 1909?

  We have concurrent patches in beta testing with builds 18362.xxx and 18363.xxx separately available. The former apply to 1903; the latter to 1909.

  Will the stubborn ones in the crowd (e.g., me) be able to stick with 1903 for a while, to see what, uh, surprises await us in 1909? If you’ve seen anything official, please post a link!

  Windows 10 Releases Win10 1903, Win10 1909

• Win10 version 1909 (“19H2”) now has three current beta versions

  Posted on August 27, 2019 at 10:48 CDT by woody • Comment in the Forums

  Never let it be said that the Windows Insider rings are well defined.

  Microsoft’s putting the finishing touches on the next new version (“feature update”) for Win10 version 1903. Except it isn’t being distributed as a new version. It’s being distributed as a plain-vanilla monthly patch (“quality update”).

  I tend to think of the next version of Win10 as Win10 1903 Service Pack 1. But you’ll probably end up calling it Win10 version 1909.

  Here’s where you need a decoder ring.

  The Windows Release Preview ring has been used, historically, for all sorts of things. Recently, it’s been used to test updates to Win10 version 1903 prior to officially rolling them out. (It’s also been photobombed by an odd update, build 18947, which was quickly pulled.) On August 21, Microsoft released a new test version of Win10 1903, build 18362.325, into the Release Preview ring. Presumably, 18362.325 includes fixes for the VB/VBA/VBScript bugs introduced on Patch Tuesday in 18362.295.

  Starting yesterday, a subset of those in the Release Preview ring (about 10%, according to Dona Sarkar), were given the keys to the executive washroom. If you’re in the Release Preview ring and you’re one of the chosen few, you’ll see a link to update to “Windows 10, version 1909.”

  Click on that link and you’ll be able to test Win10 build 18363.327. That’s the first Win10 1909 update allowed out of the Redmond barn.

  Note the monkey business with the build numbers — Win10 version 1903 is build 18362.blahblahblah. Win10 version 1909 (nee “19H2”) is build 18363.mumblemumble.

  Sarkar says “to designate 19H2 as a feature update, we are revising the baseline build number by one full build” in the Windows Obfuscation Numbering Scheme. But note that:

  Insiders in the Release Preview ring who get 19H2 Build 18363.327 today will not see all the 19H2 features the Slow ring currently has as not all the features have been incorporated into the build yet.

  But wait a sec. There isn’t a single beta version of 1909 in the Slow Ring. There are two. I call them the bifurcating betas. That means, right now, there are not one, not two, but three different beta test versions of Win10 1909 — builds 18362.10014, 18362.10015, and 18363.327.

  The official announcement ends with this bit of wisdom:

  Because of the differences between the way the 19H2 updates are packaged between the Slow and Release Preview rings, Insiders in the Slow ring will not be able to switch to the Release Preview ring and get updates yet. Insiders who are thinking of switching rings should stay put for now. We will communicate to Insiders when it is ok to make the switch.

  See what I mean about a decoder ring?

  Thx @EP

  UPDATE: Paul Thurrott has posted an article on his paywall site that says there are “a minimum of” four versions of 1909 (“19H2”) floating around. I’ve seen three, but haven’t seen the fourth — and doubt that it exists. Three. Four. Whatever. It’s still way too many.

  Windows 10 Releases, Windows News Win10 1909

• Microsoft continues its bifurcating betas with two new versions of Win10 19H2 (aka 1909)

  Posted on August 19, 2019 at 16:13 CDT by woody • Comment in the Forums

  I just love how they’re doing this.

  A few minutes ago, Microsoft (once again) released not one, but two “latest” beta versions of Win10 version 1909. Builds 18362.10014 & 18362.10015 are headed to Windows Insiders in the Slow (er, very slow) Ring.

  One of the betas has all of the “new” features turned OFF, the other has the “new” features turned ON. ‘Course this is the Service Pack we’re all expecting for Win10 1903, which shouldn’t have any new features worth spittin’ about.

  Official announcement here.

  Windows 10 Releases Win10 1909
• « Older Entries

  Newer Entries »