March 2019 Patch Tuesday patches

They’re starting to roll in.

Martin Brinkmann has a full roundup on ghacks.net:

• Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
• Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
• Windows 10 version 1703:  24 vulnerabilities of which 2 are critical and 22 are important
• Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
• Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
• Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important

The Microsoft Update Catalog lists 124 individual patches.

Dustin Childs has his usual thorough review on the ZDI blog:

security patches for 64 CVEs [ = separately identified security holes ] along with four advisories… Four of these bugs are listed as public and two are listed as being under active attack at the time of release.

The two that are under active attack (which is to say, the two 0days) are both rated “Important” which, as many of you know, means they aren’t really all that important. They’re “elevation of privilege” attacks — a miscreant has to be in your system already before they can leverage one of these two attacks to move themselves up to admin level.

The list of Win10 patches is up on Reddit.

Win10 1809 – It looks like the “crazy” performance drop in games, including Destiny 2, has been fixed.

There’s a Servicing Stack Update for Windows 7 that’s related to the SHA-2 “critical update” we’ve been expecting since November. No idea if this is the whole fix, or if it’s just a part of enabling SHA-2 encryption for Win7 patches. As noted in the earlier article, you need to get this Servicing Stack Update in order to install any Win7 patches after July. Thx @EP, @Crysta.

6 new Office security patches, to add to the 28 non-security patches from earlier this month. Two new versions of Office Click-toRun: 15.0.5119.1000 for Office 2013; 14.0.7230.5000 for Office 2010.

I don’t see anything screaming to be patched at this moment. More as the day wears on.

Microsoft announces auto-uninstall for bad Win10 patches

Yesterday, Microsoft posted an odd Knowledge Base article that has me scratching my head. KB 4492307 says:

Windows automatically installs updates to keep your device secure and running at peak efficiency. Occasionally, these updates can fail due to incompatibility or issues in new software. Your device has recently recovered from a startup failure if you have received this notification: “We removed some recently installed updates to recover your device from a startup failure.” If Windows detects this, it will try to resolve the failure by uninstalling recently installed updates. This is only done when all other automatic recovery attempts have been unsuccessful.

To ensure that your device can start up and continue running as expected, Windows will also prevent problematic updates from installing automatically for the next 30 days. This will give Microsoft and our partners the opportunity to investigate the failure and fix any issues. After 30 days, Windows will again try to install the updates.

That’s pretty short ‘n sweet – long on promises, short on details – but it begs a host of questions. It appears to announce a new Win10 feature that interrupts an endless reboot cycle and removes the most recently installed cumulative update and/or driver(s).

Further, the feature blocks installation of the same cumulative update and/or driver(s) for 30 days — which is more or less the amount of time necessary to hit the next month’s cumulative update. In the case of bad Patch Tuesday patches, the next Patch Tuesday rolls around in 28 or 35 days. Makes you wonder why the KB article doesn’t say that the auto-uninstaller will just skip the current cumulative update.

There’s no mention of which Windows 10 versions are covered.

@alQamar tweets

Great idea, but the uninstaller should ask before running.

This KB article references other articles that are ancient — one describes automatic updates for XP and Windows 2000, another describes expanding drivers for Vista.

It sure does sound like something an intern dredged up and posted just to increase his/her KB count. But maybe I’m wrong – maybe this is a significant new feature. We may never know.

Color me skeptical, but if you ever hit a “We removed some recently installed updates to recover your device from a startup failure” notification, I’d sure like to hear about it.

Thx Richard Speed at The Register, Rod Trent at myITforum, @rsmith98, Sergiu Gatlan at Bleeping Computer.

MS-DEFCON 2: Make sure your machine’s set to block automatic updates

With Patch Tuesday coming tomorrow, there are all sorts of threatening scenarios at work.

Worst case: Microsoft declares that Win10 version 1903 is ready for distribution. We used to call that “Currrent Branch” and then “Semi-Annual Channel.” Now, I’m not sure what it’s called. Perhaps RTM? I still like the term “Guinea Pig edition.”

Anyway, now’s the time to make sure you’ve gummed up the automatic update works. Full instructions in Computerworld Woody on Windows.

LangaList: How to create a Windows admin account in an emergency

Can’t get into your Windows PC’s sole admin account? Forgot the password? Does your old admin account no longer have admin privileges? No need to panic.

There’s a trick.

You need the Windows Recovery Environment, a series of steps to replace Sticky Keys (!), eye of newt and toe of frog, and some perseverance. Fred Langa takes you through the incantations.

Out this morning to all AskWoody Plus members, in AskWoody Plus Newsletter 16.9.0.

Office: A new Office app brings all of the Office programs under one roof

Whether you use Office 365, Office 2019 and earlier versions, or the free Office Online, the new Office — an upgraded and expanded version of the old My Office — offers one location for launching other programs in the suite (Excel, Word, Access, etc.), opening recent documents, uploading files to OneDrive, and more.

Lance Whitney shows you how to install and use this über-app.

Out this morning to all AskWoody Plus members, in AskWoody Plus Newsletter 16.9.0.

Quick Tip: How to overcome a stuck Default apps list

Win10’s Default apps list associates certain file types with programs designed to open that particular kind of file. Usually it’s pretty easy — tell the Default apps list to use Firefox as your default browser and it’ll take over the tasks usually relegated to Edge.

Sometimes the Default apps list gets stubborn. Try as you might, changing apps in the list doesn’t “take.”

Editor in chief TB Capen found a quick, reliable way to knock Win10 upside the head.

Details in this week’s AskWoody Plus Newsletter 16.9.0, out this morning to AskWoody Plus Members.

Windows 10 Tips: Making sense of Win10’s Storage Sense

Windows 98 introduced the disk cleanup routine – where Windows would reach into your machine and clean out temporary files, downloads, and clear out your Recycle bin.

Starting with Win10 version 1703, disk cleanup became fully automated with a utility known as Storage Sense. More recent versions of Win10 have added to the utility’s features and usefulness.

Michael Lasky brings an inside look at what Storage Sense does, and how to control it.

Details in this week’s AskWoody Plus Newsletter 16.9.0, out this morning to AskWoody Plus Members.

Deanna’s Freeware Spotlight: DeviceTool

Now you can control Device Manager on any of your networked machines. DeviceTool, from Lugrain Software’s Bjoern Schmidt, lets you take control of devices on all of your computers. Whether you need to selectively fire up a hard drive on your second machine, or shut down a Wi-Fi adapter to bring the late-night YouTube sessions upstairs to an abrupt halt, this absolutely free utility gives you complete control.

Details in this week’s AskWoody Plus Newsletter 16.9.0, out this morning to AskWoody Plus Members.