Windows 10 bumps up support-call traffic

Windows 10 bumps up support-call traffic

A major operating system upgrade always brings new problems — and a slew of frantic calls to tech-support services.

Queries about a new OS often go well beyond learning a user interface; drivers and applications have to be updated, and no amount of beta testing ensures that everything works.

All this is especially true of the Windows 10 upgrade. Users flocked to the new OS in record numbers. Many waited eagerly for months to try the Win8 replacement; others leaped at the apparent bargain of a free upgrade. And others, who didn’t even want Win10, got it anyway, thanks to Microsoft’s aggressive upgrade policies.

Recently, the large support company RESCUECOM (website) reported that 56 percent of the calls it received in the third quarter were Windows 10 related — and Win10 didn’t officially ship until the quarter was nearly a third over.

Curious about the most common Win10 issues, I interviewed RESCUECOM CEO David Milman, via email. Knowing more about possible upgrading traps makes it easier to avoid or fix them.

RESCUECOM is a subscription-based tech-support and repair company for Windows, Macs, tablets, and phones. Subscriptions start at U.S. $30 a month and include both tech calls and house calls (at no extra cost).

Milman wouldn’t tell me how many subscribers the company has, but he stated that RESCUECOM has over 6,500 employees and contracted freelancers, which gives you an idea of its size.

Note: Aside from researching and writing this article, I have no connection with RESCUECOM. I’ve never used, tested, or reviewed the service. So I can’t say whether it’s better or worse than its competitors.

With the Win10 release, the phones start ringing

Milman noted that RESCUECOM always sees a surge in calls when an operating system gets a major upgrade. But Win10 was unusual; the volume of calls has been about double that of previous Windows releases. Most of the support questions “focused on problems with usability and a desire to revert [to Windows 7 or 8], instead of how to use the new OS,” according to Milman.

The upgrade caught many users by surprise; they didn’t understanding why their desktop suddenly looked different. According to Milman, “Microsoft was either brilliant or sneaky (the jury is still out) in how it delivered Windows 10, [which] appeared on just about every Windows 7 and Windows 8 (8.1) computer on the planet.” (That doesn’t include the many corporate systems.)

However, the majority of RESCUECOM callers were better informed. They had actively — perhaps even enthusiastically — updated their systems. But then they discovered that Windows 10 didn’t always behave as advertised.

Milman noted that he ran into problems on his own machines and reverted one system back to Win8.1. “One of my two NVIDIA graphics cards was incompatible, and I didn’t feel like spending the time to chase down the correct drivers.”

(As described in the Aug. 27 Windows Secrets Top Story, “Thirty-day Win10 experiment lasts only a week,” I had my own share of Win10 upgrade disasters — most of which have been resolved.)

Drivers drive Win10 upgraders to drink

Hardware failures — mostly due to incompatible drivers — are a common problem with new operating systems. “Some hardware will not [immediately] work with Windows 10,” Milman told me. “Some older products may never get windows 10 drivers.”

Milman suggests opening Windows’ Device Manager to find misbehaving drivers. (Right-click the Start icon and select Device Manager from the pop-up list.) Typically, a small yellow warning flag will be attached to the icon for a problematic device.

That is, of course, if you can use your computer at all. Bad video drivers can result in a black screen. For driver issues this severe, try booting into Safe Mode and downloading the correct drivers from the hardware manufacturer’s site. (Win10 doesn’t make it easy to run Safe Mode. For more info, see the Sept. 17 Field Notes, “Lost and found: Windows 10’s safe mode.”) Open Device Managers again, right-click the failing hardware, and select Update Driver Software.

When a favorite app doesn’t survive the upgrade

Most applications that work in Windows 7 and 8 should work in Win10 — but sometimes they don’t. And XP-era applications are especially problematic. For in-place upgrades, Microsoft suggests running the system-compatibility checker that’s in the Get Windows 10 option menu (see Figure 1).

Milman surprised me when he noted that many callers complained that their antivirus program no longer worked after the Win10 upgrade. But most of these callers were uninformed users running outdated AV software (which is scary, even without an OS upgrade). Updating the security software always fixed that problem. (The Win10 upgrade process is supposed to uninstall third-party AV apps and then reinstall them, but apparently that doesn’t always work.)

You probably know enough to keep your antivirus up-to-date. But if any type of program refuses to run in Windows 10, you should always check for a newer version. You can also try running it in the Windows compatibility mode (see Figure 2). For more information, see the Oct. 15 LangaList Plus item, “Tools for running old software on new Windows.”

Note that Microsoft recommends backing up your personal information, installing all offered Windows updates, and getting the most current versions of all apps before migrating to Win10.

Rolling back Win10 — or avoiding it completely

It was no surprise that many callers wanted to return to Win7 or 8.1. But I was surprised that reverting to the previous OS didn’t always work — even within the 30-day grace period. “The failed reverts were most troublesome,” Milman told me. “In the most dramatic cases, we did a data recovery from the drive and did a fresh install of the older OS.”

The lesson here — actually a familiar reminder — is to always back up your full system before making any significant changes to it. (And upgrading the OS certainly qualifies as the most significant change you can make to a PC.)

If you do roll back — or never allow the upgrade to happen — you’ve got another problem: Microsoft will continue to push the upgrade. How do you stop that? Milman suggests you “edit the way icons are displayed in the tray,” then “go into the control panel and look for a specific installed update and remove and/or hide it.”

I have a better solution. Download and run the free GWX Control Panel (webpage). Once it’s up, click the two lower buttons: Disable ‘Get Windows 10’ App (permanently remove icon) and Disable Operating System Upgrades in Windows Update. I discussed this in more detail in a recent PCWorld article.

The various liabilities of Windows 10

That many people struggle to avoid Windows 10 speaks volumes about its problems. Like many, many others, I eagerly awaited this upgrade — then was disappointed with the results. Not only does it have technical problems (inevitable with a major OS upgrade), but it suffers from privacy issues and an aggressive upgrade policy that makes upgrading actually difficult to avoid.

In the past, I’ve recommended that Windows users wait three month before upgrading to a new version of operating system; RESCUECOM recommends six months. (And not just for Windows; Milman has the same recommendation for Macs, too.) Advanced Windows users can work through the problems with the new OS, but for novice and casual users, I think I’m going to start recommending a six-month wait, as well.

Still no formal word on the Win10 Fall Upgrade

When Windows 10 was first released back at the end of July, the recommendation was to wait for the first major update before migrating to the new OS. That big fix for Win10 is due out any day now.

Plus: Google puts another nail in the Windows XP coffin — and adds another one for Vista, too.

Still waiting for Windows 10 Fall Update

As has been widely reported, the much-anticipated, next major Win10 update, Version 1511, is due out this month. Some reports claim that it’s essentially Insider build 10586, which went to the fast ring Nov. 5 and then to the slow ring Nov. 9. As a reminder, fast-ring releases are generally quite stable but could have some significant bugs; slow-ring releases are close to a finished product.

There have also been numerous speculations/predictions that it would be released on the regular monthly Patch Tuesday. But based on the updates offered this Patch Tuesday, the Fall Update is still a no-show. Still, the past few months, Microsoft has been much more loosie-goosie about its Windows and Office update schedule. The current betting is that it will start rolling out this Thursday, Nov. 12.

The update could arrive any day now, and it should be chunky. Win10 users should prepare for a relatively long download-and-install process.

Time for XP and Vista users to dump Chrome

A Nov. 10 Google Chrome Blog post notes that Google will no longer send out updates and security fixes for Chrome on XP and Vista. But there’s no need to panic; the new policy reportedly starts in April, 2016. Dropping support for Vista is a bit puzzling; Microsoft will send out security updates until April 11, 2017. Mark your calendars.

(The new Chrome policy isn’t restricted to Windows; Apple OS X 10.8 (Mountain Lion) and earlier versions will also no longer get Chrome updates.)

The post notes that Chrome will continue to work on those platforms. But if there’s any single app category that you want to keep updated, it’s your browsers.

Finally, Google Maps while offline

Smartphones have become the go-to devices for searching locations and viewing maps. But when your connection to the Internet gets spotty, digital navigation can also get dicey. It’s the primary reason I use a standalone GPS unit in my truck.

Now, however, not only can you run Google Maps to your mobile device, you can download geographic data for use offline. That includes, according to the Google announcement, turn-by-turn directions and points of interest. Apparently, the app will automatically switch between online and offline modes, based on its ability to connect to the Net.

Not surprisingly, the new Google Maps is available only for Android devices; an iOS version is “coming soon.”

Audible vs. Kindle Unlimited; pros and cons

I don’t have much time to sit and read books, but I’ve been an Audible.com subscribers since its inception. Currently, I pay $14.95 for one book a month, and I listen to Sci-Fi, history, and mysteries while walking the dogs and doing other stuff that doesn’t require much thought. I’ve especially enjoyed audio books during long road trips up and down the Left Coast.

I also have a Kindle account for times when I can sit and read. So my interest was piqued when I received a Kindle Unlimited offer for just $10 a month (with a 30-day free trial). The $10 fee doesn’t restrict you to one or two books a month — it’s effectively unlimited. What’s especially intriguing is that the digital book I’m reading lets me switch back and forth between reading and listening modes.

So it seems as if Kindle Unlimited might be a better deal than Audible (which is owned by Amazon). But the proof of the pudding is, as they say, in the eating — the two services are different. You effectively purchase an Audible book. If you cancel your Audible membership, you still have access to all the books you’ve paid for. Whether that’s a plus depends on whether you reread books.

Kindle, on the other hand, is more like a library — you borrow books. When you cancel your Kindle membership, you lose access to any books you’ve selected.

But it’s a bit more complicated than that. A Kindle Unlimited account includes access to a limited selection of Audible books. How many is hard to say, but the Amazon site lists over 4,500 books with narration. (It also list over a million books in the Kindle Unlimited library.) Oddly, the Audible site states that you can pick from over 60,000 Kindle books with the audio option. And Audible has a catalog of over 180,000 titles, including books, magazines, and other content.

So which is better? That, of course, depends on your reading habits. It you’re like me and have little time for actual reading, Audible is probably the better way to go. If you have more time on your hands and are less picky about what you read, Kindle Unlimited looks like a good deal.

MS Office files locked after Win8/10 upgrades

On some systems, upgrading from Win7 to either Win8 or Win10 can result in user files — including all your Office documents — being set to read-only or made otherwise unusable. Here’s the fix.

Plus: A supposed “tune up” tool creates a mess, and Windows turns 30 this month!

Can’t use Office documents after upgrade

Reader DLeib had an unpleasant surprise after migrating to Win10.

• “I upgraded to Windows 10. All my MS Office documents and folders were read-only. I reverted back to Win7 to be able to access my files.

  I Googled the issue; found no solutions online.”

This error isn’t limited to Win10; it can also happen with some Win7-to-Win8 upgrades. Typically, it’s the result of a mangled ownership security attribute for files or folders. This makes Windows treat your files as if they were being accessed by a different user!

There are a number of fixes, ranging from the simple to the complex; you’ll find them detailed in the Sept. 10 LangaList Plus item, “File-permissions problems after Win10 upgrade,” and the May 21 column, “Windows 8 upgrade error locks user’s files.”

But because you’ve already reverted back to Win7, you have another option that can let you sidestep the problem. Here’s how:

• Make a full backup or image.
• Manually copy your user files and folders to a safe location, off the main hard drive. Make sure to copy all files that were locked after the Win10 upgrade.
• While still in Win7, delete the original versions of the troublesome user files and folders. Be sure to delete all previously locked files and folders.
• Now, do the Win10 upgrade again.
• When the update is complete, copy your user files back from wherever you stored them.

Because the files that you stored off the main drive were not processed in any way by the Win10 upgrade, you should be able to copy them into your new setup — and access them normally.

Running a “tune-up” tool creates huge mess

Patrick Montgomery tried an automated clean-up tool, but ended up with a dead PC. He’s running Win10, but the same problem occurs with any Windows version.

• “Here’s the scene: I did a system scan with IObit’s Advance System Care. The app said my Win10 setup had two ‘security holes,’ and it made some repairs. However, when I restarted the computer, it froze. So I did a power off and restart. Now all I have is a blank screen with the little cursor flashing at the top.

  “How do I rescue my computer? I’m dead in the water here.”

Wow, that’s a serious mess, Patrick.

I can help, but first, will you allow me a small “I told you so?” I covered IObit’s Advance System Care in the July 16 Top Story, “Are system/Registry cleaners worthwhile?” and found it lacking.

I also covered similar products in:

• “The Windows Maintenance Challenge: Part 1” – Aug. 14, 2014
• “The Windows Maintenance Challenge: Part 2” – Aug. 28, 2014
• “Test-driving ‘free scan’ tune-up suites” – Aug. 9, 2012
• “Putting Registry- /system-cleanup apps to the test” – Nov. 10, 2011

In those tests, I found that most tune-up tools were far too aggressive, effectively creating more problems than they solved. And, like you, I’ve ended up with some Windows setups rendered totally unbootable by bogus and unnecessary “repairs.”

Now to the problem at hand:

To recover your system, you’ll need a Windows setup or system-repair disk, a third-party recovery/repair disc, or a bootable recovery disk created by whatever backup/imaging tool you use. Boot your system from any one of these disks and use its Repair or Restore options to recover your PC.

However, I’m assuming you don’t have that option readily available — or you wouldn’t have written in. I suspect you’re really asking for a way to rescue your system without having any recovery/repair tool on hand.

From Win7 onward, all Windows setup and recovery discs are totally generic for each version; e.g., a rescue disc created on any edition of Win7 will work for any other edition. If you can borrow an appropriate Windows disc from another source (say, from friend, family, or work), you can boot from that disc and select Repair my PC. As long as that borrowed disc is the same Windows version (Win10, in your case), it should work fine. You can even use someone else’s setup disk to completely reinstall Windows to your PC. It’s completely legitimate, as long as you use your own product key (or automatic “digital entitlement”).

If no one you know has a disc to loan you, use any functioning Windows PC to download a fresh copy of the Win10 setup files from the Microsoft site and burn them to disc or flash drive. (Note: Make sure you download the correct bittedness (x32 or x64) for your PC.) Boot your PC from that generic Win10 setup disc or drive and select the Repair my PC option when it’s offered.

The preceding procedure should get your system booting again. You then have two immediate tasks:

• Make a full backup or system image plus a separate recovery drive so that you can access your backups in an emergency (such as the one you’re now experiencing). For help with that task, see the Windows Secrets stories, “Best of breed: Win10’s hybrid backup system” (Oct. 15), and “Learn to use the Windows 10 Recovery Drive” (Sept. 17).
• Next, uninstall — and resolve never to use again — hyperagressive “tune up” tools. Instead, follow the advice given at the end of “Are system/Registry cleaners worthwhile?” (July 16) for effective and safe ways to keep your PC properly maintained.

Happy Birthday! Windows turns 30 this month

Microsoft launched Windows 1.0 in November, 1985.

That original version of the OS was just a standard DOS setup (on a 5.25″ floppy disk) wrapped in a simple point-and-click interface and displayed in glorious Hercules monochrome or CGA graphics.

This combination of operating environment and shell was primitive, but it could run and display several programs at the same time (see Figure 1) — something novel in the then world of PCs, typically running single-tasking DOS apps and simpler, one-app-at-a-time task switchers.

Windows 1.0 was ahead of its time; most PCs of the day had, at best, only 640KB of available memory. After loading DOS and the Windows 1.0 shell, there wasn’t much room for productive/useful apps. Simpler, leaner, terminate-and-stay resident (TSR) task switchers, such as Borland’s Sidekick (Wikipedia info), were far more useful and popular.

Although Windows 1.0 had the humblest of beginnings, it started the evolution of an OS family that now runs on about 88 percent of the world’s desktop and notebook PCs.

For more info:

• “Windows 1.0” – Wikipedia page
• A 1985 image of a very young Bill Gates, holding a Win1.0 floppy disc – Twitter post

Are you keeping away from the OS bleeding edge?

When Lounge member Fascist Nation read an off-hand remark by tech writer Ian Paul that Win8.1 users are very happy with their free upgrade to Win10, he saw that it begged a question: Why are Win8.1 users who are sticking with that much-maligned OS doing so?

He took his question directly to the Windows 8 forum in the Lounge. Wherein an interesting discussion ensued. You might want to join it.

The following links are this week’s most interesting Lounge threads, including several new questions for which you might have answers:

Office Applications
General Productivity	Office 2016 programs restart after being closed
Word Processing	Office 2010 in Win10
Spreadsheets	UDF to parse formula
Databases	Simple forms design question
Presentation Apps	Removing background of photo
Visual Basic for Apps	How to reset checkbox?
Microsoft Outlook	Reconnecting Gmail account to Outlook 2013 client
Non-Outlook E-mail	Web-based Outlook problem
Other MS Apps	Windows PowerShell stopped working
Windows
General Windows	Little or no CPU activity about same time every day
Windows 10	Problem getting Insider Preview builds
Windows 8	Love Win8.1; why not Win10?
Windows 7	Replacing hard drive
Windows Vista	Task Manager problem
Internet/Connectivity
Internet Explorer and Edge	Internet Explorer and Blur BHO
Third-Party Browsers	Firefox 42.0
Networking	Laptop stopped printing to networked computer-connected printer
Other Technologies
Security & Scams	Email bombardment from emailinfo.bestbuy.com
Hardware	3TB Seagate drive in Rosewill enclosure reports only 746 GB
Graphics/Multimedia	Free way to compress MP4 videos?
Other Applications	Offsite (cloud) vs. NAS storage

starred posts: particularly useful

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right into today’s discussions in the Lounge.

Famous Northwest artist wary of reporter

Until recently, I was unaware that more than one Seattle feline has launched a big career on the Internet. We already know quite a lot about the ruminations of Henri, the tuxedo cat philosopher. Now, meet Cooper, an orange photographer and film maker. Although he seems quite at home in his gallery, his house, and the world, he seems a little standoffish with an over-friendly reporter. Which would only be correct and fastidious feline style. Click below or go to the original YouTube video.

Making Office secure is November's patching task

November is shaping up to be a hefty patch month. My Win7 machine was offered 30 updates, including a reissued Office patch and the all-too-regular .NET fixes. (The number you see depends on your configuration.)

As usual, I’ll tell you which updates are priorities and which should be put on hold for now. The good news? Most of the security fixes are rated just important.

MS15-112 (3104517)

November’s review of browser updates

Keeping your system fully updated always starts with the window into the Internet — your browsers and helper apps. November’s KB 3104517 is the regular cumulative update for Internet Explorer. (As I’ve said numerous times, it’s critical to keep IE updated, even if you never use it. Microsoft’s browsers have deep hooks into Windows.)

The Patch Tuesday week is always a good time to ensure that your other browsers are fully updated. Chrome and Firefox typically update automatically, but not always.

More problematic are helper apps such as Adobe Flash Player and Java, both of which have long vulnerability histories. Simply put, if you don’t need them, uninstall them. As a Network World story notes, Flash is a favorite with cyber criminals. Unfortunately, Microsoft has built Flash into IE 10 and 11; you’ll need to manually disable the media player. A How-To Geek blog post provides details.

The most recent Flash, Version 19.0.0.245, was released on Nov. 10, according to Adobe Security Bulletin APSB15-28. The update fixes 17 newly revealed vulnerabilities. Win10 users will see KB 3103688 for updating Flash in IE.

If you have Java, the app’s download page shows Version 8 Update 65 as the most current release, posted Oct. 20.

As also noted in this week’s Field Notes, if you’re running Chrome on XP, the browser will no longer get updates after April 2016 (see Google post). Here’s yet another example of why sticking with XP can be dangerous.

Final note: When installing or updating browsers and browser accessories, watch out for prechecked, possibly unwanted software offerings, such as toolbars, security software — and Chrome.

What to do: Install KB 3104517 (MS15-112) as soon as possible.

MS15-113 (3105213)

Fix for Edge included in Win10 cumulative update

Microsoft is soon to release a significant update for Windows 10: the Fall Update or Version 1511. But that hasn’t stood in the way of the company issuing a large, cumulative update for the current OS. The info page for KB 3105213 states that it’s a cumulative update for the Edge browsers. And, indeed, the patch fixes four vulnerabilities in the new browsers. But the update includes all previous Win10 security updates.

A Paul Thurrott blog reviews what we should see in Version 1511. Oddly, however, this new release already has its own cumulative update, in the form of KB 3105211.

When the Fall Update is out, we’ll review its new features and changes. Those running the Windows Insider edition should see KB 3105211 sooner. And if you’re sticking with Win7, stay tuned for information on how to block the upcoming push to migrate to Windows 10.

What to do: Let KB 3105213 (MS15-113) and KB 3105211 install when offered.

MS15-114 (3100213)

Journal exploit leads to email-based attacks

Despite countless warnings not to, computer users continue to open bogus email attachments. Sometimes it’s through thoughtlessness; in other cases we’re tricked by cleverly designed phishing attacks. (It’s always tempting to open that very real looking, but bogus, FedEx message.)

KB 3100213 patches a vulnerability in Windows Journal that’s likely to be exploited via malicious email attachments. The Journal is a note-taking application that I suspect most Windows users have either forgotten about or never knew existed. Opening a malicious Journal file could allow a remote attack.

The update is rated critical for Vista, Win7, Windows Server 2008, and Server 2008 R2 systems; all other Windows users are off the hook.

What to do: Install KB 3100213 (MS15-114) when it’s offered.

MS15-115, MS15-121, MS15-122

A confusing set of Windows-kernel updates

Three security updates tackle different vulnerabilities but share a common task: fixing flaws in the Windows kernel. KBs 3097877 and 3101746 repair how Windows handles memory, embedded Adobe Type Manager fonts, and permissions. KB 3097877 prevents remote-attack exploits and is rated critical; KB 3101746 tackles exploits that bypass Windows security and is rated important.

KB 3081320 fixes Windows’ Schannel component (aka the Security Support Provider Interface), which handles system-security authentications. Exploiting a vulnerability in this component, an attacker could spoof credentials via a man-in-the-middle hack. The update is rated important for Vista, Win7, Win8.x, and various Windows Server versions.

KB 3101246 patches the Windows Kerberos component, which handles network authentications. As noted in the update’s info page, an attacker could bypass Windows security and decrypt BitLocker drives. But the patch is rated just important because a successful exploit requires direct access to a targeted machine. This updates applies to all supported versions of Windows — including the soon-to-be-released Windows 10 Version 1511.

Note: If you manually install these three updates on Win8 or Server 2012 machines, you must do so in the following order: KB 3101246, KB 3101746, and KB 3081320. (Windows Update will install them in the proper order automatically.)

Again, all three updates involve the Windows kernel. Patching the kernel always includes a bit of caution. But because some of these patches are critical, I’ll give an early yea/nay in the Windows Secrets Lounge (see the link at the bottom of this column).

What to do: There are early reports of sign-in problems and Outlook crashes after installing KB 3097877 (MS15-115). Keep that patch on hold while I look for more information. Microsoft is also looking into the patch’s problems.

Wait at least a week before installing KB 3101746 (MS15-115), KB 3081320 (MS15-121), and KB 3101246 (MS15-122).

MS15-099, MS15-116

A slug of Office patches — including a do over

For November, Microsoft has released security updates for five versions of Office — from Office 2003 on. That makes for a long, long list of fixes.

Adding to the task, Microsoft reissued the updates in MS15-099, which includes KBs 3085572, 3085620, and 3085635.

The rest of the Office security updates are included in MS15-116, which addresses five memory-corruption vulnerabilities that could give an attacker elevated rights. Office users will see some combination of the following:

Office 2016

• 2910978 – Access
• 2920680 – Publisher
• 2920698 – Project
• 2920726 – OneNote
• 3085634 – Skype for Business
• 3085635 – Office
• 3101507 – Visio
• 3101509 – PowerPoint
• 3101510 – Excel
• 3101512 – Office
• 3101513 – Word
• 3101514 – Office

Office 2013

• 3054793 – InfoPath
• 3085561 – Publisher
• 3085584 – Access
• 3101359 – PowerPoint
• 3101360 – Office
• 3101365 – Visio
• 3101370 – Word
• 3101371 – OneNote
• 3101496 – Lync (Skype for Business)
• 3101499 – Excel
• 3101506 – Project

Office 2010

• 2817478 – Publisher
• 2878230 – InfoPath
• 2899516 – Pinyin IME
• 2965313 – Word
• 3085560 – Office
• 3085594 – PowerPoint
• 3085614 – Project
• 3101521 – Office
• 3101526 – Visio
• 3101529 – Office
• 3101543 – Excel
• 3101544 – Access

Office 2007

• 2596614 – Access
• 2596770 – Project
• 2687406 – InfoPath
• 2899473 – Office IME (Japanese)
• 2880506 – Publisher
• 2889915 – OneNote
• 2965313 – Office Suite SP3
• 3085548 – PowerPoint
• 3085620 – Office
• 3085552 – Word
• 3101553 – Publisher
• 3101554 – Excel
• 3101558 – Office Compatibility Pack SP3
• 3101560 – Excel Viewer

Office 2003

• 3101564 – Word Viewer

Other platforms

• 3085477 – Word Automation Services on SharePoint Server 2013
• 3085511 – Word Automation Services on SharePoint Server 2010
• 3101364 – Excel Services in SharePoint Server 2013
• 3101367 – Office Web Apps Server 2013
• 3101525 – Excel Services in SharePoint Server 2010
• 3101533 – SharePoint Server 2010 Office Web Apps
• 3101559 – Excel Services in SharePoint Server 2007
• 3102924 – Office for Mac 2011
• 3102925 – Office 2016 for Mac

What to do: Install any of the above updates if and when offered.

MS15-117 (3101722)

NDIS leads to denial-of-service attacks

Microsoft’s Network Driver Interface Standard provides a common interface between various network drivers. KB 3101722 fixes a vulnerability in the NDIS component that could lead to a denial-of-service attack. The attacker would either run a malicious application or trick a user into opening a bogus app. The update is for Vista, Win7, Server 2008, and Server 2008 R2 and is rated important.

What to do: Install KB 3101722 MS15-117) when offered.

MS15-118 (3104507)

The usual round of .NET Framework updates

MS15-118 includes November’s .NET fixes for three vulnerabilities. The flaws include information leaking, elevation of privilege, and bypassing ASLR security. The patches are all rated important and affect all current versions of Windows and Windows Server.

Note: The .NET updates for Win10 are included in cumulative update KB 3105213. You should see one or more of the following:

• 3097988 – .Net 2.0 SP2
• 3097989 – .Net 3.5.1
• 3097991 – .Net 3.5
• 3097992 – .Net 3.5.1
• 3097994 – .Net 4
• 3097995 – .Net 4.5, 4.5.1, 4.5.2
• 3097996 – .Net 4.5, 4.5.1, 4.5.2
• 3097997 – .Net 4.5.1, 4.5.2
• 3097999 – .Net 4.6
• 3098000 – .Net 4.6
• 3098001 – .Net 4.6

What to do: Install any of the .NET Framework updates in MS15-118 if and when offered.

MS115-119 (3104521) and MS115-120 (3102939)

Two networking-stack vulnerabilities

Windows Sockets sets how networking software can access services. But a vulnerability in Winsock could give an attacker additional rights to a system.

KB 3104521 (MS15-119) is the fix and applies to all current Windows systems. It’s rated important.

Windows IPSec is a protocol used to authenticate network packets. KB 3102939 fixes a flaw in the IPSec component that could allow denial-of-service attacks. This update applies only to Windows 8.x and versions of Server 2012

What to do: Both updates are rated important. Install KB 3104521 (MS15-119) and KB 3102939 MS15-120 when offered.

MS115-123

Fixes for Microsoft communications app

Some cyber attacks target user information that can be later used for other types of hacking. The various patches in MS15-123 fix information leaking in Skype for Business 2016, Lync 2013, and Lync 2010. If you are a user of Skype for Business, the update should apply automatically. The update is rated important.

What to do: Install KBs 3085634, 3096735, 3096736, 3096738, and/or 3101496 (MS15-123) if and when offered.

3102810

Optional fix for slow Windows updates

On Nov. 3, Microsoft released KB 3102810 as an optional update for Win7 and Server 2008 R2 systems. According to its online description, this patch plows familiar grounds. It fixes instances where a Svchost.exe process essentially takes over the system CPU. The problem occurs when a Win7 system is upgraded to Win10. We first reported a similar problem on XP systems way back in 2007. I have been seeing this issue this month in scanning manually for updates on my Windows 7 machines.

On Windows Server 2008 R2 servers, the update fixes a slow-down/overloading problem when the System Center Configuration Manager is used to update workstations. (The service is used to configure and manage groups of workstations; more info.)

What to do: Install KB 3102810 if your system seems to run exceptionally slow when processing updates.

Office 2016 gets an early dose of fixes

The list of November nonsecurity updates is relatively modest, though one has to wonder if we’re still beta-testing the latest Office. I’ve not seen any problem reports on these fixes yet. They include:

Windows 8/8.1

• 3107998 – Remove Lenovo USB Blocker version 1.0.0.37 to avoid a system crash

Office 2016

• 2910951 – Office; chart-color in VBA apps
• 2910953 – Office; security popup in IE
• 2910979 – Office; issues with Rights Management Services
• 2920710 – Office; Updating VBA library names
• 3085444 – Office; chart issues with Office apps
• 3085540 – Office; chart issues with Office apps
• 3101352 – Office; VBE type library incompatibilities
• 3101508 – Outlook junk-mail filter
• 3101511 – Office; cache cleanup, collaboration with OneDrive and Word
• 3101515 – Office; Month abbreviations in Greek, chart issues with Office apps
• 3101517 – Outlook; incorrect user names, meetings duplications
• 3101518 – Office; various fixes
• 3101519 – OneDrive for Business; various fixes

Office 2013

• 3055007 – Office; SharePoint connections in Access
• 3101358 – Office; zoom issues in Publisher, PowerPoint crashes
• 3101366 – SharePoint Designer; incorrect URL redirection, workflow publishing failure
• 3101374 – Office; memory leaks
• 3101487 – Office; Recent Rooms failure in Outlook
• 3101488 – Outlook; numerous fixes
• 3101493 – Outlook junk-mail filter
• 3101501 – Office; various fixes
• 3101505 – OneDrive for Business; document shortcuts lost

Office 2007/2010

• 2791057 – Office 2010; error message with Access Data Collection option
• 2837592 – Office 2010; unknown
• 3101540 – Outlook 2010 junk-mail filter
• 3101557 – Outlook 2007 junk-mail filter

Other updates

• 3085508 – SharePoint Foundation 2013; incorrect URL redirection, Add button failure
• 3101362 – SharePoint Server 2013; various fixes
• 3101368 – SharePoint Foundation 2013; cumulative update
• 3101369 – Project Server 2013; cumulative update
• 3101373 – SharePoint Server 2013; cumulative update
• 3101498 – SharePoint Foundation 2013; various fixes
• 3101502 – Project Server 2013; various fixes
• 3101504 – SharePoint Server 2013; About me search failure
• 3101530 – Project Server 2010; cumulative update
• 3101534 – SharePoint Server 2010; cumulative update
• 3101538 – SharePoint Server 2010; document indexing
• 3101547 – SharePoint Foundation 2010; people-picker failure, indexing docs, Russian time zones

What to do: Put off installing these optional update for a couple of weeks. In the next Patch Watch, I’ll report back on any problem patches.

Regularly updated problem-patch chart

This table provides the status of recent Windows and Microsoft application security updates. Patches listed below as safe to install will typically be removed from the table about a month after they appear. Status changes are highlighted in bold.

For Microsoft’s list of recently released patches, go to the MS Security TechCenter page.

Patch	Released	Description	Status
3097877	11-10	Kernel and Adobe Type Manager; also KB 3101746	Hold
3081320	11-10	Windows Schannel	Wait
3101246	11-10	Windows Kerberos	Wait
3080446	10-13	Windows Shell/malicious toolbars; also KB 3093513	Install
3085544	10-13	Reissued Office 2007 fix	Install
3088195	10-13	Windows kernel	Install
3093983	10-13	IE cumulative update	Install
3094996	10-13	JScript and VBScript	Install
3096440	10-13	Office; see MS15-110 for complete list	Install
3097617	10-13	Edge browser, included in cumulative Win10 update	NA
3097966	10-13	Security certification fix	Install
3092601	11-10	Windows Winsock	Install
3100213	11-10	Windows Journal	Install
3100773	11-10	IE cumulative update	Install
3101722	11-10	Windows Network Driver Interface Specification	Install
3102939	11-10	Windows IPSec	Install
3104507	11-10	.NET Framework; see MS15-118 for complete list	Install
3104540	11-10	MS Office; see MS15-116 for complete list	Install
3105213	11-10	MS Edge cumulative update	NA
3105872	11-10	Lync/Skype for Business; see MS15-123 for complete list	Install

Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply.