Patch Lady – an ask for a Friday

https://aka.ms/AA1aitt

Please if you are running a Windows 10 machine, I’m asking for your help in upvoting this.  My feedback on Windows is quoted below:

“On behalf of your customers and the security ecosystem of Windows 10 please take this feedback seriously: Please review the procedures and policies you have in place for servicing.

Surface devices should not BSOD on 1803. Enterprise detection of May updates should not need metadata revisions. We should not be losing Nics in various platforms. We should have trust in the updating process that would let us feel comfortable in installing updates the week they come out not mandate that all of us are waiting and seeing what issues occur.

We, the patching community, your customers have lost trust in your patching processes. Please, please fix this. Ensure metadata issues do not occur. Ensure better quality testing is done. Ensure feedback processes are strengthened so that customer feedback is acted upon BEFORE issues occur not after Microsoft themselves have to acknowledge the issues.”

Microsoft 365: Wherein Windows takes a back seat

If you want to stick with Windows, here’s an important primer on where it’s heading.

Mary Jo Foley on ZDNet.

Two more evolving threats in Office: JavaScript functions in Excel and Payment Processing in Outlook

Microsoft’s Build 2018 was a snoozer if ever there was, but two new Office “features” stand out.

Not because they’re good. Because they’re just begging for compromise.

Computerworld Woody on Windows.

Win10 version 1803 is not compatible with Intel 660p and Pro 6000p solid state drives — even the ones in brand new Surface Pro (2017)

It’s taken Microsoft a while to come clean on the incompatibility, but we finally have details…. and now we know why. Some brand-spanking-new Surface Pro 2017 machines ship with the “bad” SSDs.

Who in tarnation tests this stuff? Win10 version 1803 bluescreens on brand new Surface Pros? Un-be-lievable.

Computerworld Woody on Windows.

Oh, and don’t call me “Shirley.”

https://www.youtube.com/watch?v=sNveA2OJODM

Roger Roger that.

Patch Tuesday problems and fixes, but there’s no cause for alarm

Yet.

Consolidated news about this month’s patches for Win10 version 1803, the CVE-2018-8174 VBScript zero-day (which isn’t bad yet), the Win10 version 1709 Meltdown bug fix of a fix, the “authentication error” CredSSP bug that isn’t a bug, and the final resolution of that Server 2008 R2 SMB memory leak fix.

Sliding down the razor blade of patches. Computerworld Woody on Windows.

Patch Lady – if you do have 1803

If you do have 1803 on your computer systems, you’ll honestly want to install https://support.microsoft.com/en-us/help/4103721

There are several key fixes in this release:

1. The issue impacting Chrome and Cortana is fixed.  “Addresses an issue that may cause some devices to stop responding or working when using applications, such as Cortana or Chrome, after installing the Windows 10 April 2018 Update.
2. Fixes an issue with interaction with Server 2016 Essentials and those who have VPN set up.  The issue manifests itself whereby the Server connector software can’t be installed on 1803 machines if VPN is set up on the server.  Installing this update fixes the side effect.  It may also fix issues with third party vpn software.  “Addresses an issue that prevents certain VPN apps from working on builds of Windows 10, version 1803. These apps were developed using an SDK version that precedes Windows 10, version 1803, and use the public RasSetEntryProperties API.“

JavaScript equations coming to Excel. What on earth are they thinking?

I was going to let this one fly by, but I just can’t.

If you’re in the Office Insider program, you can now use custom functions in Excel that are written in… my sweet lord… JavaScript.

The Office Dev Center describes the functions thusly:

Custom functions (similar to user-defined functions, or UDFs), enable developers to add any JavaScript function to Excel using an add-in. Users can then access custom functions like any other native function in Excel (such as =SUM()). … Custom functions are now available in Developer Preview on Windows, Mac, and Excel Online.

My jaw dropped when I heard that in the aftermath of a Build presentation yesterday. In fact, I figured I heard it wrong. But no.

What’s wrong with making JavaScript available as an in-the-sheet programming language? As Lawrence Abrams at BleepingComputer notes, “within hours” a security researcher, Chase Dardaman, figured out a way to put the CoinHive in-browser JavaScript miner inside a spreadsheet.

As if 25 years of macro malware wasn’t enough.

Problems with CredSSP updates CVE-2018-0886 breaking RDP connections

Yet another mess.

@GeekDiver reports:

Looks like CVE-2018-0886  was included in the cumulative update and is breaking RDP connections and App feeds.   No backward compatibility in CredSSP right now we are dealing with 100 Windows 10 PCs that are affected.   Anyone else seeing this?

The CVE-2018-0886 article lists every current version of Windows as falling under this patch’s spell.

Microsoft has an extensive list of errors generated by this update in KB 4093492, which mentions this error and offers a link to https://go.microsoft.com/fwlink/?linkid=866660 — which, in turn, links back to the same article.

Kinda like chasing your tail. Windows is the productivity OS, right?

Susan aka Patch Lady note as of 5/9/2018:  Please note the problem is NOT with the update.  Rather the issue is that there’s a mismatch of patching levels.  In March Microsoft released an update that began the process of rolling out an update to CredSSP used in Remote Desktop connection.  In May the updates mandate that a patched machine can’t remote into an unpatched machine.  If you dig into the KB there is a registry workaround to [TEMPORARILY] disable the mandate, but the better and wiser move is to update the server or workstation you are remoting into.  Make sure the “thing” you are remoting into has an update.  Also note that for consumers and home computers you probably won’t see this issue.  This only has impact if you use Remote Desktop connection to remote into another computer.