Newsletter Archives

• November 2019 Office non-Security updates are available

  Posted on November 5, 2019 at 13:49 CST by PKCano • Comment in the Forums

  The November 2019 non-Security Office updates have been released Tuesday, November 5, 2019. They are not included in any DEFCON-4 approval for the October 2019 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

  Remember, Susan’s patching sequence and  recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

  Office 2016
  Update for Microsoft Access 2016 (KB4475539)
  Update for Microsoft Office 2016 (KB4484138)
  Update for Microsoft Office 2016 (KB4484137)
  Update for Microsoft Office 2016 (KB4475588)
  Update for Microsoft Office 2016 (KB4475552)
  Update for Microsoft Office 2016 (KB4484145)
  Update for Microsoft Outlook 2016 (KB4484139)
  Update for Microsoft PowerPoint 2016 (KB4484134)
  Update for Microsoft Word 2016 (KB4484135)

  There were no non-security listings for Office 2007 (which is out of support), Office 2010, or Office 2013.

  Updates are for the .msi version (persistent). Office 365 and C2R are not included.

  Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

  Office Patches/Security, Uncategorized Office non-security updates

• Installing the Win10 1903 second Sept cumulative update, KB 4522016, prevents installation of .NET 3.5

  Posted on September 26, 2019 at 09:13 CDT by woody • Comment in the Forums

  Looks like our Keystone Kops patches are turning into bumper cars.

  You may recall that MS has released “optional non-security” third monthly cumulative updates for all versions of Win10 except 1903. Presumably, 1903 will be blessed with its third cumulative update today.

  I’m seeing reports on patchmanagement.org that installing the second cumulative update — you know, the one that’ll protect you from the big, scary, exploited, emergency-patched IE security hole CVE-2019-1367 — makes it impossible to install .NET 3.5.

  Uninstalling KB 4522016, installing .NET 3.5, then re-installing KB 4522016 seems to do the trick.

  Uncategorized .NET 3.5, KB 4522016

• Why are patches so bad?

  Posted on September 22, 2019 at 11:53 CDT by woody • Comment in the Forums

  I don’t think this is the whole problem. But it’s certainly part of the problem.

  Other, Uncategorized

• Microsoft confirms: Visio online stops working with Win10 1903

  Posted on September 8, 2019 at 06:10 CDT by woody • Comment in the Forums

  Here’s one I missed…

  Sergiu Gatlan at BleepingComputer points to an official Office online document that says:

  Visio stops working when using the keyboard

  You may have experienced the Visio app becoming slow or stalling when using the keyboard. This issue occurs on Windows version 1903. If you don’t know which version of Windows you have, see Which version of Windows OS am I running?

  This is a known issue and we are actively working on a fix.

  There’s a workaround — turn off Show text suggestions as I type — but no details about the 1903 build number.

  The Microsoft 365 Service Status page lists the bug, saying:

  Current status: We’ve completed development of the fix and we’ll begin performing exhaustive internal validation before deploying to the affected environments. We expect this validation phase to take an extended period of time while we ensure the effectiveness of our fix. Once the validation is complete, we will deploy it in the next Windows update.

  Scope of impact: This issue may affect any of your Microsoft Visio users that are on Windows Build 1903 and have the “Show text suggestions as I type” feature enabled.

  Start time: Tuesday, May 21, 2019, at 12:00 AM UTC

  Root cause: A code issue within Microsoft Windows is causing the Microsoft Visio service to experience stalls or delays.

  Next update by: Thursday, September 26, 2019, at 7:00 AM UTC

  MS has known about this since May 21. I’m really late to the party….

  Uncategorized Visio online, Win10 1903

• Bill Nye, Chromebooks, and common sense

  Posted on August 15, 2019 at 10:34 CDT by woody • Comment in the Forums

  Whaddaya want to bet Bill Nye uses a Chromebook?

  I’ve been saying it for more than four years: Unless you have a specific need to run a Windows-only program (and the prospect of Google snooping even more doesn’t bother you), the Chromebook is an excellent choice.

  Uncategorized ChromeOS

• Windows Insiders watch out: Build 18947 may be worth skipping

  Posted on July 24, 2019 at 06:47 CDT by woody • Comment in the Forums

  Warning from Zac Bowden:

  Windows 10 build 18947 is being pushed to Insiders in *ALL RINGS* on 32-bit machines. 18947 is a canary build, and has not been tested internally yet (it was compiled less than a day ago.) Seems an error has caused the rollout.

  — Zac Bowden (@zacbowden) July 24, 2019

  I assume Zac means both the Fast and Slow rings. Release Preview is still locked in to 19H2.

  Looks like it’s also being pushed to 64-bit machines.

  If you’re in the Fast or Slow rings, might want to sit this one out. Pause updates.

  UPDATE: Brad Sams has details on Thurrott.com:

  Users on the Insider rings know the risks of running pre-release updates, an accidental release of a build to all rings is a serious issue for Microsoft, but installing this build comes with even more risk than typical for the program. The company does try to hold back releases that will corrupt machines in the preview program but this release has slipped through without the proper telemetry to know if there are any major issues.

  ANOTHER UPDATE: According to Ed Bott on ZDNet, the bad build has been pulled.

  Uncategorized Win10 2003, Win10 20H1

• Patch Lady – Okay Microsoft the 10 limit is soooo 80s

  Posted on July 7, 2019 at 14:06 CDT by Susan Bradley • Comment in the Forums

  Every time I use a Windows 10 device and hit the 10 device limit I grumble.  Come on Microsoft…this is dumb and sooooo 80s.

  https://account.microsoft.com/devices/content

  If you have 10 devices hooked to the Microsoft store, you can’t download any new purchases. If Microsoft had won the phone wars this artificial limit would be even more dumb.  Regardless of what has been posted here, I still hit the 10 device limit today.  Come on Microsoft, make that limit more realistic.  Especially if you want us to use the Store as our method of purchasing software.

  Uncategorized Patch Lady Posts

• Patch Lady – do they think this will work?

  Posted on June 3, 2019 at 14:54 CDT by Susan Bradley • Comment in the Forums

  Over the weekend here at the office nearly every mailbox (including ones that aren’t public) got “I saw what you did and now send me bitcoin” threatening emails.  The interesting part to me isn’t that I received the emails (phishing and threating emails are pretty common these days), nor honestly was it that I got it to some “non public” mailboxes.  It’s also pretty common for attackers to use enumeration tools that are pretty well known in the attack community to harvest email address. No to me what was surprising was that someone thought someone would fall for this.

  Emails were addressed to a number of names.  Date was in the “foreign” not USA format.  Misspelled words.  And certainly last but not least, merely providing the bitcoin wallet number to your attackees isn’t a good way to ensure you will be paid.

  Seriously attackers, if you want to get me, you need to get better than this.  You need to ensure that the email is plausible and provide an easy way to receive payment.   I guess if you send out enough and some people respond it’s worth it, but really?

  (note I’m not linking the email due to the profanity in the email).

  Uncategorized Patch Lady Posts
• « Older Entries

  Newer Entries »