Master patch listing for January 2025

I’ve updated the master patch list here.  It’s the first of the year and I have personally seen one issue whereby I atempted to install 2025-01 Security Update for Windows 10 22H2 KB5050411 along with the main security update and the .net update at the same time.  The first time it failed on error 0x80070643. Rescanned and it installed the second time. Confirmed in the forums by PK, and reports on the web seeing the same behavior.

Please note I am not recommending installing updates at this time, we are just testing and reporting.

I am keeping an eye on the other patches released this month. January was a HUGE release. I’m more concerned about business patchers than I am about consumers this month. I’m also honestly looking more forward to February’s release of the “new” Outlook and will be providing guidance on how to proactively deal with that (stay tuned, planning KB posts and video guidance).

As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for a membership. Plus membership gives you full access, And if you donate $50 or more, you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

More details about these updates in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers, and brain power — and it’s 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

January 2025 patches get released

It’s the first of the year and the start of our ten month countdown to end of support (but not end of using) Windows 10. Today’s updates include the following:

Windows 10 22H2 – KB5049981 – also includes an update to the Windows Kernel vulnerable driver blocklist.

Windows 11 23H2 – KB5050021  – This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.

Windows 11 24H2 – KB5050009 As a reminder I am still not officially recommending using or installing 24H2. I know many of you have but I still have reservations for consumers, gaming platforms and some business uses.

Citrix has documented issue, including a workaround which can be performed prior to installing the January 2025 Windows security update. For details, see Microsoft’s January Security Update Fails/Reverts on a machine with 2411 Session Recording Agent.

Next steps: Microsoft is working with Citrix to address this issue and will update this documentation once a resolution is available.

Just a reminder, I do not recommend installing updates at this time, we are now in test mode.

For Apple, I do recommend installing iOS 18.2.1 released on January 6th.

Treasure Hunt — 10 hidden gems on OlderGeeks.com

FREEWARE SPOTLIGHT

By Deanna McElveen

This week we’re looking at ten very useful and free programs that just kind of got buried in the thousands of other programs on our website.

This is not a “Top Ten” list — the selections are not ranked. But most have their place and serve a purpose, so I hope you’ll find something useful here.

Read the full story in our Plus Newsletter (22.02.0, 2025-01-13).
This story also appears in our public Newsletter.

Forum Top Ten lists!

FROM THE FORUMS

The forums are a centerpiece of AskWoody, allowing our community to engage with one another to solve problems, share insights, offer feedback, and add to our collective knowledge. (Not to mention keeping us in line.)

We appreciate both the questions and the ongoing willingness of forum members to participate.

Here’s a quick summary of posts from the second half of 2024. We look forward to seeing what happens in 2025.

Read the full story in our Plus Newsletter (22.02.0, 2025-01-13).
This story also appears in our public Newsletter.

Technology fail! Hackers steal $870M from Zelle users, US says

PUBLIC DEFENDER

By Brian Livingston

Three of America’s largest banks — Bank of America, JPMorgan Chase, and Wells Fargo — were sued last month by the US Consumer Finance Protection Bureau (CFPB) for fraudulent losses suffered by their Zelle online-payment customers.

These banks and others launched Zelle in 2017 to compete with electronic funds-transfer apps like PayPal, Venmo, and Cash App. But the financial institutions failed to implement basic fraud-prevention measures, and as a result, Zelle customers have lost $870 million to hackers since the services began, the CFPB says.

Read the full story in our Plus Newsletter (22.02.0, 2025-01-13).

PowerToys to manage your window layouts

WINDOWS 11

By Mary Branscombe

Get document and app windows where you want them more easily — with some help from Microsoft’s free utilities.

Some of the utilities in PowerToys are powerful tools you might need only once every few years, but there’s one I use dozens of times a day because it’s so useful. You might already be using a version of it that’s built into Windows 11!

Read the full story in our Plus Newsletter (22.02.0, 2025-01-13).

Choosing your own domain name services

ON SECURITY

By Susan Bradley

There is a long-standing joke in enterprise technology: “It’s always DNS.”

That’s because if something isn’t working, checking your domain name services to make sure they are set up and are working properly is a first step in diagnosing the problem. Misconfiguration has been the cause of many major outages — it’s not unheard of for incorrect DNS settings to take down entire firms or websites.

Even for consumers, bad DNS settings can prevent access to the Internet.

Read the full story in our Plus Newsletter (22.02.0, 2025-01-13).

Diagnosing an issue

I have an older HP Z2 Mini G9 workstation desktop PC running Windows 11 23H2 that lately has been driving me batty. It will randomly stop responding. The only way to get it working is to pull the power cord and turn it back on again. Ran diagnostics on all the hardware and it comes out clean. Ran Nirsoft Blue screen of death tool and it found two dump files on the box that pointed to video card drivers. There is a multi-card Nvidia installed. The way you know this is by running the Nirsoft tool and it if there is an obvious BSOD left behind, it will diagnose it and point you in the right direction. I say “point” because it gives you where the bugcheck occurred and you have to google the file name to see what or who made the driver. I downloaded the latest and greatest and now we wait to see if it occurs again. It’s one of my “older” units of my Windows 11 fleet. So, it’s not that old, but it is older.

So why did this machine suddenly start doing this when it was fine for so many years? Software is not a finished product. Every month on any platform we get little bits of updated code that fix this, or enhance that. Especially with firmware and video drivers, often this code more than any other interacts with the additional kernel protections that Microsoft keeps adding along the way.  So when suddenly a machine starts misbehaving, do your due diligence and start running tests. Then go on to tools like Nirsoft and see if there is a bluescreen dump left behind.

Now I will wait to see if that keeps it from freezing up again. I’ve seen this before. A well-behaved machine suddenly stops being so. And the ones with random errors are the hardest to diagnose.

MS-DEFCON 2: Kicking off the new year

By Susan Bradley

We’re less than a week away from the first round of updates for 2025, not just for Windows but for all our devices.

Although things have been relatively quiet at the end of the year, especially because many of Microsoft’s developers take extended time off over the holidays, we’ll soon be in the thick of patching. That’s why I strongly recommend deferring updates until we have time to study and test them. Therefore, I’m raising the MS-DEFCON level to 2.

Anyone can read the full MS-DEFCON Alert (22.01.1, 2025-01-09).

CES is not about consumers

You’ll be hearing headlines about the Consumer Electronics Show in Las Vegas this week. But here’s the thing — CES is not for consumers, it’s for the business and manufacturers of consumer technology. Also, most of the time it’s not about technology available right now, but rather technology soon to come. A lot of floor space is dedicated to the manufacturers of components, not finished products. Need a widget for your new tech wonder? This is the place to find it.

I know of many managed service providers that go to CES to get a pulse on what’s coming in technology. In small businesses, we often use both consumer and business tech.

There is also an increasing amount of health-related technology. I am a fan of the Withings monitoring cuff to take measurements of my blood pressure, as well as my dad’s. We tend towards high blood pressure (dealing with technology probably doesn’t help), so I monitor it on a regular basis. It uploads the readings to an electronic database. We print out the listing of the readings before we head to the doctor, which allows the information to be reviewed without the “increased by the stress of going to the doctor” effect.

Going to the show? Withings is at Level 2, Halls A-D, Booth 54119.  Tell them I said “Hi!” They have a new blood pressure monitor that was shown at last year’s CES but still awaits approval. See? That cool new thing announced at CES may — or may not — be available for sale!

January 2025 Office non-Security updates are available

Office non-Security updates have been released Tuesday, January 7, 2025. They are not included in the DEFCON-4 approval for the December 2024 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

Remember, Susan’s patching sequence and recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

Office 2016
Update for Microsoft PowerPoint 2016 (KB5002632)

Office 2016 reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

Updates are for the .msi version (perpetual). Office 365 and C2R are not included.

Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

Happy New Year!

EDITORIAL

By Will Fastie

To begin 2025, we bring you our best advice about keeping your PC spit-polished and ready for another year of hard work.

The article “Let your PC start the new year right!” has been a staple around here for years. The tradition is now in the capable hands of our resident hardware expert, Ben Myers, after a long run from Fred Langa.

Read the full story in our Plus Newsletter (22.01.0, 2025-01-06).