Help: FreeNewsletter@askwoody.com

Join AskWoody Plus Like what you see in the AskWoody FREE newsletter? The AskWoody.com tech news site and its companion advice and help forums are 100 percent free, too! But we need your help to keep AskWoody alive and free. Make a donation and become a Plus Member — it’s easy, and you decide how much to contribute. Stop by AskWoody.com and register for a free account. If you’ve already registered, simply enter your user name and password. When you’re signed in, click the Donate button in your member information box. Back when the newsletter was Windows Secrets, a subscription would have cost USD $39 to $59. But we’ve done away with all that. As a Plus Member, you’ll receive the full weekly newsletter plus news alerts and access to Susan Bradley’s renowned Master Patch List. And you’ll feel good about supporting independent journalism. Join today — and help spread the word. We’re 100 percent donor supported and proud of it.

INTRODUCTION

This week is starting to look a bit surreal — even by Microsoft standards.

The company is in open negotiations to buy TikTok, the video-sharing service; the new Edge browser crashes, if you use Google as your search engine; and there’s lots of confusion about the return of “preview” patches. On second thought, it’s just the usual chaos.

At AskWoody.com we stay on top of tech news that affects you — as well as answering your questions and standing up for your interests.

Drop by the site and get involved! Whether you have a problem, a solution, or just a gripe, we’re all ears. The advice is absolutely free (and no ads or trackers) and backed by the best volunteers online. The site is 100 percent donor supported. We do things differently.

— Woody

PATCH WATCH

By Susan Bradley

Have you received the May feature release of Windows 10 — aka Version 2004?

So here it’s the start of August — 68 days after the release of Microsoft’s newest Windows — and I have not seen Win10 2004 offered to any of my home PCs. These are my unmanaged machines: a home-built SilverStone small-form-factor desktop, a Lenovo ThinkPad X1 Carbon laptop, an older Surface, and a newer Surface Go. I’d thought Microsoft was removing the upgrade block on Surface devices — but it never took place, as ZDNet’s Mary Jo Foley reported. And Woody pointed out yet another block for the Surface X devices.

On every one of my systems, Windows Update taunts me with a message that effectively says “your machine isn’t worthy.” And it’s not just me: I know other Windows users who are in the same holding pattern — and wondering why it’s taking Microsoft so long to offer us the 2004 release. (We Windows users might not want this feature upgrade at this time, but we do want the option.)

Recently, I found an excellent article that sheds some light on this puzzle.

I think we’d all feel some small amount of comfort if Microsoft were more transparent about the upgrading process, clearly stating why so many of our machines aren’t “ready” for Win10 2004. (Perhaps the new OS isn’t “ready” for our PCs.) That said, I’m in no hurry to move to the next level of Windows. I haven’t seen any earth-shaking, must-have changes that would compel me to install Version 2004 immediately.

At this point, I’m perfectly comfortable waiting a month or two … or three. I think I’ll leave my home systems as they are — and just see how long it takes Microsoft to consider my PCs worthy. Moreover, Win10 1909 is working just fine, and it will be supported for many months to come. (Note: If you’re running a no-longer-supported version of Win10, Microsoft now makes it difficult to upgrade to Versions 1903 or 1909.)

I plan to close the Consumer Patching Survey and the Business Patching Survey on August 4, the day after this newsletter is published. Based on the preliminary returns, there are some interesting trends — and comments. For that input, I thank you!

As I noted at the start, this is a rather informal survey. But it does give all of us a platform for voicing our concerns about Windows updating. Perhaps providing your input will make you feel a bit better. Although the survey has no official connection with Microsoft — there was no MS input or support — I do know that the company has reviewed the results of my previous surveys.

So if you haven’t filled out the Consumer Patching Survey and/or the Business Patching Survey, please do so — right now!

For the past 22 years, the annual Black Hat conference has been a popular gathering for digital-security specialists and well-behaved hackers. Appropriately, this year’s keynote will highlight the security challenges for democratic elections.

Not surprisingly, the 2020 conference will be completely virtual. It might not be as much fun, but it makes it easier for anyone to attend. (Some sessions, such as the Business Hall, are free; most are paid. A briefings pass for the entire show costs US $1,095.) The main information and training sessions run August 1 through 6. I’ll be attending from the comfort of my home and office, and I’ll give you a report on my virtual experiences.

An aside: Here at AskWoody, we try hard to stay out of politics. But I must urge everyone to ensure that you’re registered to vote — whatever state or country you reside in. One way or another, all votes count. In my state, California, I can sign in to a website and confirm when my ballot was mailed to me, when the marked ballot was received, and whether it has been counted. Other states with mail-in voting offer similar sites.

If you choose to vote in person, double-check that your voter registration is up to date. In some states, you can confirm your status online, too. If you want to keep democracy healthy, vote!

The other major tech show to go all-virtual is the Consumer Electronics Show, to be held in January 2021. That will surely be a difficult transition — the entire show is one gigantic sensory and hands-on experience of all things digital. It was where we could really geek out. A virtual CES means no more one-on-one booth demos, no more business-to-business chats … and missing that chance encounter with the next up-and-coming inventor/entrepreneur.

After a short break, Microsoft is once again posting optional preview updates for Windows 10 1809 and later … well, except for Version 2004. As of this writing, no preview has been offered for Microsoft’s latest Windows. .NET Framework previews have returned, too.

What does this mean for the average PC user? Not much — the same rules apply: install previews only on test PCs; to keep them off your production/personal systems, do not click “Check for updates.” As we have said many times, clicking that option does not simply show available updates — it installs them.

I recommend that you skip the following Win10 preview patches:

Cumulative updates

.NET Framework

Security: Microsoft recently released an advisory for “There’s a hole in the boot” vulnerability. This is another one of those threats that won’t keep you awake all night — a successful exploit requires physical access to the computer. It’s more likely to be used against highly classified machines. Still, Microsoft reports that it’s working on a fix.

An Office reminder: Once again, I strongly recommend moving to the slower Enterprise Office-updating channel, rather than the monthly (aka current) channel. Mark Berry’s post shows exactly how to make that change. (Another reminder to IT consultants: you’ll likely want to pre-set the patching channel. This setting is inside the Office 365 administrator console, and you can select it before installing Office on workstations.) As I’ve noted before, in my experience, the slower updating channel works well and causes fewer hiccups over time.

Windows 7 fix: The bug in Windows 7 that prevents .NET update installs has now been resolved (more info).

You should now be able to successfully install July .NET Framework security update KB 4566517 or KB 4566466 on machines with valid Win7 ESUs.

Go Chromium: Microsoft is pushing out its Chromium-based edition of Edge. I recommend trying it — in the long run, it’ll undoubtedly be more secure than classic Edge. Download KB 4559309 if it’s offered or grab a copy online.

The good news is that the July updates fix the printing problem that cropped up in June. The alternative is to grab the hotfix from the Microsoft Update Catalog.

What to do: Any flaws in the July updates are relatively minor or impact a small subset of systems. So I’m giving the green light. Look for patch history in our online Master Patch List documents.

Servicing-stack updates

Cumulative updates

Cumulative .NET Framework for Win10

Before attempting to install the July updates, be sure you have June servicing-stack update KB 4562253 installed (you can get it at its Microsoft Update Catalog download page). Otherwise, July’s patches won’t show up. You’ll also need to have July’s servicing-stack update KB 4565354 in place to receive August fixes. (It should show up after you install the primary July updates.)

The following July security and non-security Office patches are safe to install.

These Security updates fix one or more remote code-execution vulnerabilities:

Office 2016

Office 2013 SP1

Office 2010 SP2

Non-security fixes and enhancements:

Office 2016

Office 2013 SP1

These days, more than ever, stay safe out there.

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.

	LANGALIST Is powerline networking secure? By Fred Langa An AskWoody Plus reader questions whether data is safe when traveling over common AC electrical circuits. Plus: Yet more tips from your fellow subscribers on hard-drive destruction, salvaging — and maybe even revival!
	Apple MAC Troubleshooting kernel panics and testing Mac hardware By Nathan Parker Most of the time, the macOS operating system “just works.” On healthy machines, users rarely experience major system issues. But occasionally, macOS will experience a kernel panic — the Apple equivalent of the Windows blue screen of death. In most cases, a kernel panic is caused by some flaw or incompatibility in an application or the operating system. But the source of frequent kernel panics could be in the hardware. It’s a good idea to run a hardware test to rule out that possibility.
	BEST UTILITIES Freeware Spotlight — Bloatbox By Deanna McElveen Managing privacy and removing bloatware in Windows are two of those important but annoying tasks for keeping a safe and clean system. Remember my review of Spydish? It’s one of my go-to utilities for running a quick check on privacy settings. It also lets you thin out some of the less useful apps included with Windows. Do you know anyone still using Zune? Recently, we heard that Belim from Mirinsoft was going to add a bloatware extension to Spydish. But apparently, there was a change in plan. Instead, Belim created a standalone gem called Bloatbox.