Pardon my (security cert) lapse…

As many of you have noted, the AskWoody site was down for a few hours this afternoon. Ends up that the SSL certificate (the thing that puts the “s” in “https”) expired — and it shouldn’t have.

Anyway, we’re back up and running like crazy…

July 11 security-only patch KB4025337 causes BSOD

Poster @skunk1966 reports

I just installed KB 4025337 for Windos 7 (x64). After rebooting my system I got BSOD. Started up in safemode and ran sfc /scannow. Rebooted in normal mode and again BSOD.

In the end I couldn’t fix it so uninstalled KB 4025337 using wusa cmd. Rebooted in normal mode and all is fine again,

The computer, running Win7 Ultimate has an older Intel Core 2 Quad Q8200 (Yorkfield) and ATI AMD Radeon HD6450 graphics.

Is anybody else seeing problems with the July 11 Security-only patch for Windows 7?

Today is Net Neutrality day

If you missed our recent blogpost on Net Neutrality, check it out:
https://www.askwoody.com/forums/topic/net-neutrality-day-is-july-12th-2017-a-call-to-action/

You could also check out:
https://www.savetheinternet.com/net-neutrality-what-you-need-know-now
http://www.netneutrality.com/
https://www.battleforthenet.com/
https://twitter.com/hashtag/NetNeutrality?src=hash
https://twitter.com/hashtag/NetNeutralityDay?src=hash

July 2017 Patch Tuesday rolls out with another load of updates

On July 11, Microsoft has once again rolled out a deluge of patches for Windows and other Microsoft products.

Martin Brinkmann at ghacks.net provides the full list. Here’s the summary.

• Windows 7:  22 vulnerabilities of which 2 are rated critical, 19 important, and 1 moderate
• Windows 8.1: 24 vulnerabilities of which 2 are rated critical, 21 important, and 1 moderate
• Windows RT 8.1: 21 vulnerabilities of which 2 are rated critical, and 21 important
• Windows 10 version 1703: 27vulnerabilities of which 2 are rated critical, 23 important and 1 moderate
  Note: Windows 10 version 1507 will no longer receive security updates.

Other products affected:

• Internet Explorer 11: 7 vulnerabilities, 5 critical, 2  important
• Microsoft Edge: 19 vulnerabilities, 15 critical, 3 important,  1 moderate
• Microsoft Office 2010 Service Pack 2: 2 vulnerabilities, 2 important
  
• Microsoft Office 2013 Service Pack 1: 1 vulnerabilities, 1 important
• Microsoft Office 2016: 1 vulnerability, 1 important

Good news: supposedly the IE11 browser crashes have been addressed.

It’s back!! Watch out for KB2952664 (Win7) and KB2976978 (Win8.1) reissued 7/11 with a metadata change. You may get it again!!!!

UPDATE: Security patches for Microsoft Office are now available. Considering last month’s fiasco, it’s probably an excellent idea to let the lemmings (er…Guinea Pigs) jump off the cliff first. Unless you desperately need patches to fix patches to fix patches….
Office 2007 (5), Office 2010 (3), Office 2013 (9), and Office 2016 (14)

UPDATE: .NET Security and Quality Rollup updates for July 2017 are available for Win10 only. The update addresses CVE-2017-0248.

Amazon Prime day

If you’ve been sitting on your keester, debating about shelling out hard money for an Amazon Echo, you have just a few hours to take advantage of the Amazon Prime day deals.

Echo has been cut 50%, to $89.99. The Dot goes down from $50 to $35.  Affiliate links for both are on the right. (Click on an affiliate link, or click one of the Amazon links up in the top right corner, and AskWoody gets a small cut from your purchase. No charge to you.)

MS-DEFCON 2: Time to make sure you turned off Automatic Update

With Patch Tuesday imminent, make sure you have Automatic Update turned off. You have to patch sooner or later, but there’s no reason to expose your machine to malformed missives from Microsoft.

Details in Computerworld Woody on Windows.

Big changes at the top for Microsoft

Brad Sams just reported on petri.com about two senior Microsoft departures. We’ve all been expecting details about thousands of folks in the salesforce getting the boot. But these two caught me by surprise.

Nat Levy at GeekWire reports that Chief Info Officer Jim Dubois – who’s been on sabbatical – is retiring. Folks inside Microsoft think of the CIO as the person who keeps the internal business systems running. I think of Dubois as the chief consumer of dog food — the person who gets to try out all of the new features before the beta world sees them.

Surprisingly, to me, Kurt DelBene will take on Dubois’s duties, using the newly coined title “Chief Digital Officer.” (I suppose that’s a step up from Chief Analog Officer.) I’ve written about DelBene before. He’s a long-time friend and confidant of Satya Nadella, with serious cloud experience.

Brad also announced that William Kennedy is leaving. He’s the Corporate VP of Windows development, but it isn’t clear to me exactly what he does at MS.

Oddly, this is the second time in two years that Kennedy’s departure has been announced. Back in August 2015, Ina Fried on Re/code said, as Nadella’s first round of major changes took effect:

Perhaps the oddest turn was a change that was announced but ended up not happening. According to a source, Microsoft announced to the Windows team that it was replacing William Kennedy, the corporate VP of Windows development. It even announced Holecek as his replacement, only to say a short time later that Kennedy would be staying in place after all.

According to this twitter conversation between Brad, Dona Sarkar, and Mary Branscombe, Kennedy is currently in charge of the team that makes Windows Photos, Paint 3D, and other Microsoft apps built for Windows. There are also several references online to Kennedy being “Corporate VP of the Windows Experience development team.”

I can’t find any more information about his departure – where he’s going, who (if anyone) will replace him. If you’re concerned about the future of Paint 3D, there may be reason to fret. Will keep you updated.

On Facebook Secret Conversations…

In the wake of the recent Snapchat location sharing change, I received a message concerning end-to-end encryption in Facebook Messenger:

“… as of late last year FB messenger has end to end encryption BUT…one has to select it for each message they want to make “secret”.

It won’t work with MS desktop FB unless its Win 10 (never for me).”

Now I’m not a Facebook user, but this intrigued me. What I found did not seem to be very user-friendly.

The app that introduced encryption is only available from the Microsoft Store for “Windows 10 and Windows 10 mobile”, but only the mobile app appears to have the chat encryption. It seems older OS devices must use prior app versions which do not support encryption. Naturally, apps are also available for Android and iOS.

(and note the mediocre ratings…)

HowToGeek.com have a post which details the rigmarole required to effect the much-lauded chat encryption. It discusses what parts of conversation are actually encrypted (not any video calling, or any images it allows you to send), and problems with using more than one device with the app.

Their post contains details on how to select which device you’ll be using, how to start a new Secret Conversation, changing an existing conversation to a secret one, confirming your conversations are secret, self-destroying messages and deleting secret conversations.

I was surprised how difficult this all seemed, when other messaging apps seem to be a little simpler.

Thanks to @hiflyer