Newsletter Archives

• MS-DEFCON 3: Time to get Windows and Office patches up-to-date

  Posted on May 7, 2020 at 08:56 CDT by woody • Comment in the Forums

  For those of you new to this particular piece of AskWoody arcana…

  Every month, I recommend that people pause Windows updating long enough to make sure there aren’t any real stinkers in the Patch Tuesday bunch. That sets up an ongoing tug-of-war. On the one hand, there are inevitable problems with all of the patches. Every month. On the other hand, there’s an ongoing threat that some miscreant will use the patched security holes to make new malware.

  I watch both sides incessantly and try to come up with solid patching recommendations. Been doing it for 14 years.

  You can read about my general approach in a Computerworld article, The case against knee-jerk installation of Windows patches. The AskWoody site has details about the MS-DEFCON system, which I’ve used for years to give normal Windows users a red-light/green-light signal about installing patches. (Very advanced Windows users and admins in charge of many systems are better off following Susan Bradley’s Master Patch List.) Whenever there’s a change in the MS-DEFCON level, I publish detailed, step-by-step instructions in Computerworld.

  Every month, there comes a time when – in my opinion – it’s better to install the (possibly modified) patches than leave the month’s round of patches uninstalled. We’ve just reached such a point. I figure we know enough about the problems at hand to help people who get socked by this month’s patches — and the malware cretins are close enough that it’s time to put the shields up.

  We’re now at MS-DEFCON 3: Go ahead and patch, but watch out for potential problems.

  Details in Computerworld Woody on Windows.

  (Yes, it’s true, my main machines are all on Win10 version 1909. Test machines run other versions and, of course, the Seven Semper Fi machine runs bone-stock Win7. See the Computerworld article.)

  Windows Patches/Security April 2020 Black Tuesday, MS-DEFCON 3

• Where we stand with the April 2020 patches

  Posted on April 29, 2020 at 11:31 CDT by woody • Comment in the Forums

  The Windows patches are throwing all sorts of strange (one-off?) errors. Microsoft has asked for help in identifying the problems (yay!) but we’re having trouble sorting out how to post the problem reports.

  The “missing data” temporary profile bug is still there – and has been since February (or maybe January).

  Office Click-to-Run patch throws VBA compile errors – but they’re there to protect you.

  Susan still hasn’t gotten to the bottom of the v4 Printer Driver disconnected printer bug.

  And I’m sitting here worried what kind of mess we’ll see when MS releases Win10 version 2004.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security April 2020 Black Tuesday

• The bugs in this month’s Win10 version 1903 and 1909 Cumulative Update have prompted MS to issue a call for help – but where’s the telemetry?

  Posted on April 27, 2020 at 07:26 CDT by woody • Comment in the Forums

  It’s good that Microsoft has acknowledged the bugs in this month’s Cumulative Update. I’ve looked and looked, and haven’t found any patterns. So I feel their pain.

  But… why isn’t Windows telemetry picking this stuff up? We’re sending copious quantities of data to Microsoft every time we use Windows. MS says they aren’t using it to sell things to us. Okay. But if the telemetry isn’t there to pinpoint and fix these kinds of problems, why do we bother?

  Details in Computerworld Woody on Windows.

  Windows Patches/Security April 2020 Black Tuesday, telemetry

• Voluminous reports of problems with this month’s Win10 Cumulative Update – but many appear random

  Posted on April 24, 2020 at 09:40 CDT by woody • Comment in the Forums

  Yes, there are lots and lots (and lots) of reports of problems with this month’s Win10 version 1903 and 1909 cumulative update, KB 4549951. I’ll be hanged if I can see any patterns. Aside from the race condition/temporary profile bug, which has been around for months, the rest of the ailments seem random.

  Have you figured out the root cause(s)?

  Details in Computerworld Woody on Windows.

  Just as a reminder: We’re still at MS-DEFCON 2. I see absolutely no reason to install the April patches right now.

  Windows Patches/Security April 2020 Black Tuesday

• Microsoft releases out-of-band patch for Office 2016 Click-to-Run, Office 2019, and Office 365 ProPlus (now known as Microsoft 365 Apps for enterprise)

  Posted on April 22, 2020 at 14:08 CDT by woody • Comment in the Forums

  Even Microsoft didn’t get the name change.

  Security Advisory ADV200004, Availability of updates for Microsoft software utilizing the Autodesk FBX library, describes a handful of out-of-band security patches for various Office click-to-run versions.

  The security holes originate with the Autodesk FBX library, which is buried inside various Office products. (FBX, in case you were wondering, is Autodesk’s file format for animated 3D images.)

  Here are the affected products, according to the Security Advisory:

  • Office 2016 Click-to-Run
  • Office 2019 (which is only available as Click-to-Run – thx, @b)
  • Office 365 ProPlus
  • Paint 3D

  Of course, you’re savvy enough to know that Office 365 ProPlus has officially been renamed to “Microsoft 365 Apps for enterprise” — but don’t tell Microsoft that.

  The bug is marked with a Severity of “Important,” which means it isn’t really all that important. If you have a habit of opening dodgy 3D animation files, watch out. Otherwise, you’re fine.

  Carry on. And stay home.

  Office Patches/Security April 2020 Black Tuesday, Office patches

• The last of the “optional, non-security, C/D Week” patches arrive for Win10 versions 1903 and 1909

  Posted on April 21, 2020 at 12:50 CDT by woody • Comment in the Forums

  They’re out – hopefully for the last time.

  KB 4550945 – dozens of non-security fixes for Win10 versions 1903 and 1909

  KB 4550969 – ditto for Win10 version 1809

  Win10 1803 an d 1609 get similar patches.

  Also, the Win8.1/Server 2012 R2 Monthly Rollup Preview, KB 4550958, is also available.

  By this time next month I expect that we’ll be wrangling with Win10 version 2004 – so the planned demise of “optional, non-security, C/D Week” patches won’t come a moment too soon.

  As always, you don’t want to install them. Patience, grasshopper….

  Thx, @EP

  Windows Patches/Security April 2020 Black Tuesday

• Patch Tuesday update: Confusion over the number of 0days and many reports of failed installs

  Posted on April 15, 2020 at 08:33 CDT by woody • Comment in the Forums

  So far, Patch Tuesday looks pretty stable. Of course, it’s much too early to tell if there are lesser goblins in the mix.

  The main point of contention early Wednesday morning is whether we have three or four “exploited” patches – whether Microsoft had marked three or four patches as zero-days (“Exploited: Yes”). Brian Krebs has a good, and accurate, explanation:

  Many security news sites are reporting that Microsoft addressed a total of four zero-day flaws this month, but it appears the advisory for a critical Internet Explorer flaw (CVE-2020-0968) has been revised to indicate Microsoft has not yet received reports of it being used in active attacks. However, the advisory says this IE bug is likely to be exploited soon.

  As best I can tell, that advisory has always said CVE-2020-0968 is not a zero-day. So it appears as if some security sites are working from outdated information, possibly fed to them by MS.

  The only problem I’m seeing at this early date involves installation errors 0x80070008 , 0x800f0985, 0x800f0986, and 0x800f081f. Those are all pretty common. Usually retrying the installation clears up the error. But it always amazes me when people freak out because a Patch Tuesday patch doesn’t install. Given that there are no pressing security holes this month, you should be glad that the installer didn’t work.

  It’s not a bug, it’s a feature.

  At some point you’ll want to install the Patch Tuesday patches, but for now, sit tight.

  And for those of you who were wondering, nope, there’s no MSRT this month. See the updated text for KB 890830, the Microsoft Malicious Software Removal Tool.

  Windows Patches/Security April 2020 Black Tuesday

• Patch Tuesday bugs appearing already – after installing today’s Office patches, you may trigger a VBA “Compile error: Can’t find project or library”

  Posted on April 14, 2020 at 13:38 CDT by woody • Comment in the Forums

  Official confirmation here:

  When you install one of the Microsoft Office security updates that are listed in Microsoft Common Vulnerabilities and Exposures CVE-2020-0760, you might notice that some types of Visual Basic for Applications (VBA) references are blocked, and you receive an error message….

  If your existing VBA solutions have some VBA object libraries or references that are blocked, the following error message is displayed.

  

  This is a standard message that indicates missing VBA object libraries. If you receive this error message, revisit your current VBA solution, and replace the blocked libraries with local ones.

  It’s going to be a rocky week.

  Office Patches/Security April 2020 Black Tuesday
• « Older Entries