Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Microsoft confirms problems with June 2017 security patches for Outlook, provides workarounds

    Posted on June 19th, 2017 at 11:12 PKCano Comment on the AskWoody Lounge

    Microsoft has acknowledged that the June 2017 security patches for Office Outlook can cause Email attachment blocking problems. This affects Outlook 2007 (KB 3191898), Outlook 2010 (KB 3203467), Outlook 2013 (KB 3191938), and Outlook 2016 (KB 3191932). The description of the Security Updates comes with this warning about known issues:

    If an email message includes an attached email message, and the attached email message’s subject line ends with an unsafe file name extension as listed in the Blocked attachments in Outlook page, the email attachment will be blocked for recipients. To fix this issue, save the email message to the computer and rename its subject line so that it does not end with an unsafe file name extension. Then, attach it to the email message to be sent.

    The blocking of attachments with file extensions that are on the list is meant to protect against opening files that could be harmful to your computer. However there have been reports that other attachments such as Rich Text (.rtf) and Word and Excel are also being blocked. Microsoft has issued several workarounds for this.

    For Office 2007 and 2010 Rich Text attachments (.rtf)

    • Forward the email to yourself and then open the attachments from the forwarded email.
    • Change the email format to HTML, or Text format.
    • Save the attachments to your computer, using one of the following methods, then open them from the saved location:
      • Drag and drop the attachments to your desktop.
      • Go to File > Save Attachments.
      • Copy and paste the attachment to your computer.

    For Outlook 2007, Outlook 2010, Outlook 2013, and Outlook 2016 attachments containing consecutive periods (…) or exclmation mark (!).
    If you’re sure the attachment was sent from a trusted source, proceed to Open or Save the attachment.

    For Outlook 2013 and Outlook 2016
    If you set ShowLevel1Attach to allow Outlook to display Level 1 attachments, you may see the error: “One or more objects in this file have been disabled due to your policy settings

    • Change the email format to HTML, or Text format.
    • Save the attachments to your computer, using one of the following methods, then open them from the saved location:
      • Drag and drop the attachments to your desktop.
      • Go to File > Save Attachments.
      • Copy and paste the attachment to your computer.

    For a complete description of the warning messages, and the workarounds Microsoft has issued, see You receive an error when opening attachments in Outlook

    @gborn is also reporting issues with Outlook after installing June 2017 security patches on Born’s Tech and Windows World

  • Finally, a fix for Microsoft’s draconian block on Win7 updates for recent processors

    Posted on June 14th, 2017 at 08:31 woody Comment on the AskWoody Lounge

    Remember Microsoft’s not-so-subtle hint that it won’t support Win7 on newer processors? Remember how the April security and Monthly Rollup patches knocked out Windows Update on systems that were running older processors?

    Looks like MS is atoning for at least one of its sins.

    Tucked away at the bottom of the Win7 update info for KB 4022719 is a note that goes like this:

    Installation steps for systems using AMD Carrizo DDR4 processor:

    1. Download KB4022719 from Microsoft update catalog.
    2. Extract the CAB file from the downloaded .msu file from step 1. Note the path where you stored the CAB file for use in step 3.
    3. Run the DISM /Online /Add-Package command to install the update: DISM.exe /Online /Add-Package /PackagePath: CAB file path from step 2.

    So if you don’t mind downloading the patch from the Update Catalog, and installing it with a DISM command, you can restore Windows Update functionality to computers with older Carrizo DDR4 chips.

    I have no idea if this fix works on the other machines that Microsoft inadvertently clobbered, but at least it’s a start.

  • The whack-a-mole approach to running Windows 7 on newer machines

    Posted on April 20th, 2017 at 07:18 woody Comment on the AskWoody Lounge

    Zeffy’s approach works, for now, but the new update engine is already out.

    You gotta wonder why Microsoft’s continuing this self-destructive push. We need more carrots, fewer sticks.

    I wonder if @abbodi86’s approach could be turned into a simple program?

    InfoWorld Woody on Windows.

  • Conflict between Win7/8.1 patches and Carrizo DDR4 machines

    Posted on April 11th, 2017 at 14:57 woody Comment on the AskWoody Lounge

    In today’s Security TechCenter release notes, there’s a sobering entry that looks like this:

    Symptom

    If the PC uses an AMD Carrizo DDR4 processor, installing this update (KB 4015549 (the Win7 Monthly Rollup), KB 4015546 (the Win7 Security-Only patch), KB 4015550 (the Win8.1 Monthly Rollup), KB 4015547 (the Win8.1 Security-Only patch) will block downloading and installing future Windows updates.

    Workaround / Resolution

    Microsoft is working on a resolution and will provide an update in an upcoming release.

    Sound familiar? On March 22 I wrote about Microsoft’s reprehensible approach to forcing Win7 and 8.1 off the newer 7th generation Kaby Lake/Ryzen processors.

    Two days later I pointed folks to companies that are maintaining lists of supported PCs — ones that wouldn’t run afoul of the blocked updating. At the time I said:

    I don’t know what Microsoft intends to do with AMD chips. The way the announcements stand, AMD Bristol Ridge PCs won’t have Win7 or 8.1 support, and there’s no magic list of manufacturers or machines that are exempt from the ruling.

    Now it appears we have a real-world example of a supposedly-protected 6th generation chip, AMD’s Carrizo, which got zapped by the 7th generation police.

    Microsoft’s own Lifecycle Policy FAQ says:

    What is the support policy for prior generations of processors and chipsets on Windows 7 or Windows 8.1?

    Windows 7 and Windows 8.1 will continue to be supported for security, reliability, and compatibility on prior generations of processors and chipsets under the standard lifecycle for Windows. This includes most devices available for purchase today by consumers or enterprises and includes generations of silicon such as AMD’s Carrizo [emphasis added] and Intel’s Broadwell and Haswell silicon generations.

    (Thx @radosuaf)

    Even more distressing: It looks like this obnoxious behavior extends to both the Monthly Rollup patches (which I expected) and to the Security-only patches (which I did not).

    What a massive screw-up.

    (Can anybody point me to a commercial machine that uses Carrizo with DDR4?)

  • First sightings of the Win7 update block for Kaby Lake and Ryzen processors

    Posted on March 22nd, 2017 at 07:30 woody Comment on the AskWoody Lounge

    We have first sightings, and some idea of how the block will be implemented. But how to break the block?

    See InfoWorld Woody on Windows.

  • 2 simple steps to speeding up Windows 7 update scans

    Posted on August 9th, 2016 at 08:54 woody Comment on the AskWoody Lounge

    OK, they’re tedious, but they’re simple and easy to follow.

    Go from many hours to just a few minutes.

    InfoWorld Woody on Windows

    My thanks — and deep admiration — to Dalai, ch100, and EP.

    IMPORTANT: I forgot to mention one patch, KB 3020369, that also needs to be installed. Chances are very good you already have it, but if not, check the KB article to download and install it.

    UPDATE: I’m seeing reports that the July “magic” patch, KB 3168965, works for August, too. My current best guess is that it works for those who haven’t already installed the July patches.

    UPDATE 2: Dalai has updated the wu.krelay.de page to feature KB 3177725, the new “magic” August patch.

    UPDATE 3: Ends up that this month’s “magic” August patch, KB 3177725, has a bug in it that screws up printing multiple pages. Details coming in InfoWorld. For now, just relax. There’s nothing in August’s patches (or even July’s!) that’s super-critical.

  • The shame of Windows Update

    Posted on May 9th, 2016 at 06:08 woody Comment on the AskWoody Lounge

    Michael Horowitz at Computerworld echoes a sentiment we’ve been debating for far too long.

    The shame of Windows Update

  • Turn off Windows Update if you want to force-feed individual patches

    Posted on April 29th, 2016 at 20:24 woody Comment on the AskWoody Lounge

    Good note from DC:

    I like you assumed that standalone KB updates should install without running any Windows Update checks however this doesn’t appear to be the case if you have the Windows Update service running and/or your internet connection open.
    If your Win7 system is suffering from the “frozen” Windows Update issue and you want to manually install the two KB updates (3138612 & 3145739) then you need to stop the Windows Update service (wuauserv) before attempting to run the MSU installer(s) and also temporarily disconnect your internet connection.
    When you run the manually downloaded MSU installer it will attempt to open an internet connection via the Windows Update service – this then triggers the endless “Searching for Updates …” message. The MSU installer doesn’t require this internet check to proceed – but if available will fall into the same “hole” as the normal Windows Update system. If you prevent the connection it gives up on the “Searching for Updates ….” check after a few seconds and proceeds with the install. I assume this is because the MSU installer (Microsoft Update Standalone Package) is treated as part of the Windows Update family and attempts to “phone home” for advice – rather than accept you are calling the shots.