Newsletter Archives

• It’s time to get Windows, Office, Net, and the others updated

  Posted on December 31, 2016 at 10:16 CST by woody • Comment in the Forums

  Compleat step-by-step instructions for the faint hearted.

  InfoWorld Woody on Windows

  Windows Patches/Security December 2016 Black Tuesday

• MS-DEFCON 3: Cautiously update Windows and Office

  Posted on December 29, 2016 at 12:29 CST by woody • Comment in the Forums

  It’s been a difficult month for Windows patches. If you’ve been following along here you know about:

  • Odd Windows driver updates, distributed through Windows Update, that include a Realtek Win10 driver being pushed onto Win7 machines
  • Undocumented rollbacks of “INTEL – System” drivers, with a specific recommendation to bypass the “Intel System 8/19/2016 12:00:00 AM 10.1.2.80” patch
  • An Active Directory Admin Center console conflict with the Win7 December Security-only patch
  • A hotfix for Windows 10, build 14393.577, that isn’t available through Windows Update – or even acknowledge on the Win10 update page
  • Conflicts between the .NET Security/Quality rollups and SQL Server and Veritas (which I incorrectly reported as Microsoft pulling KB 3210137 and 3210138). The confusion over the patch numbers was resolved by Abbodi, “Both .NET 4.6.2 updates are identical it seems they created the security-only update just to comfort the non-security haters. Apparently they didn’t feel the same or have the time to do that with other .NET versions.”
  • A conflict between the Win10 version 1607 cumulative update KB 3206632 and IP addressing
  • An enormous amount of misinformation (not Microsoft’s fault) about the way the Win10 1607 cumulative update solved the “dropped internet connection” bug

  And those are just the highlights.

  I count nearly a hundred Office patches this month, for Office 2003 (!), 2007, 2010, 2013 and 2016. Microsoft lists just one known bug in Word –

  Customers have reported that automatic saving of files doesn’t always function, resulting in loss of data and other work… We’re aware of this issue and are investigating it. When we have more information, we’ll provide it here.

  There are fixes or workaround for other acknowledged bugs in Outlook, Excel, PowerPoint and OneNote.

  Anyway, enough time has elapsed that I think we know about the major problems, and it’s time to get Windows and Office patched.

  I’ll post these instructions in InfoWorld on Monday, but for now, here’s the gist of it.

  If you have Win7 or 8.1 Automatic Update set to “Never” or “Check but don’t download,” it’s time to get your system patched. If you have Win10 and you followed one of the many paths to blocking forced updates, now would be a good time to release the blocks and let Windows Update do its thing.

  Those of you who haven’t updated Windows 7 or 8.1 since the patchocalypse in October need to decide if you’re in Group A (those who will take all the changes Microsoft has to offer, telemetry-laden or not) or in Group B (you only want security updates).

  Once you’ve made that decision, follow the steps outlined in “How to cautiously update Windows 7 and 8.1 machines.” (Be aware that article is more than a little controversial. You can see much of the debate on AskWoody.com.)

  For those in Group B, the update you want from the Microsoft Catalog is as follows:

  • Win7 64-bit
  • Win7 32-bit 
  • Win 8.1 64-bit 
  • Win 8.1 32-bit 

  One important caveat: Do NOT install any optional drivers. As ch100 noted earlier today:

  I can say with a degree of certainty that the Chipset drivers being pushed are related to improving chances of a successful Windows 7/8.1 upgrade in place to Windows 10. They are Windows 10 compatible and there is no other reason to install Windows 10 drivers on a lower version of Windows, when the current drivers are functional.

  On the other hand, if you hit a Recommended driver, you should probably install it.

  The instructions for Group A and Group B take you through the process of checking for updates (including driver updates), for Office patches and for .NET security patches. Although there’s a problem with one of the pieces of one of the .NET patches, it appears to be limited to Windows 8.1 machines running SQL Server. I’d guess that very few of you fall into that category.

  If you’re on the Windows 10 side of the fence, follow the steps in “Woody’s Win10Tip: Apply updates carefully.”

  If you hit any problems, hit me in the comments!

  Next month’s going to be interesting. We bid a (fond??) farewell to the Security Bulletin system, and ring in a new ring of hand wringing. Oh boy.

  Windows Patches/Security December 2016 Black Tuesday

• It’s still too early to apply December patches

  Posted on December 22, 2016 at 12:22 CST by woody • Comment in the Forums

  I’ll be looking again early next week, but we’ve had several monkey wrenches so far this month.

  Patience. If you aren’t using Internet Explorer or Edge, and you avoid Flash, you’re fine.

  MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

  Windows Patches/Security December 2016 Black Tuesday

• Don’t apply any updates just yet

  Posted on December 13, 2016 at 13:54 CST by woody • Comment in the Forums

  I know the updates are out. But hold off installing them. We don’t know if there are any major problems.

  Reminder: We’re still at MS-DEFCON 2, and will likely stay there for a week or longer.

  Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

  UPDATE: I moved to MS-DEFCON 3 on Dec. 29. Cautious patching is in order. See https://www.askwoody.com/2016/ms-defcon-3-cautiously-update-windows-and-office/

  Windows Patches/Security December 2016 Black Tuesday

• Windows 10 cumulative updates out

  Posted on December 13, 2016 at 12:40 CST by woody • Comment in the Forums

  Sunuvagun, the Win10 update page has been updated, and it IS showing KB 3201845/version 1607 build 14393.479.

  The Reddit thread is up. If you have any problems, that’s the place to go. Several Microsoft employees are there, and they’re helping!

  @teroalhonen caught a key change: “Addressed a service crash in CDPSVC that in some situations could lead to the machine not being able to acquire an IP address.” That’s the fix for the mysterious “Wi-Fi doesn’t have a valid IP configuration” bug.

  It looks like the 100% drive problem with KB 3201845 has been solved.

  I’d strongly suggest you wait to install the Win10 updates until we’ve had a chance to get some feedback. The response to KB 3201845/version 1607 build 14393.479 was not kind.

  Windows Patches/Security December 2016 Black Tuesday

• MS-DEFCON 2: Make sure automatic update is turned off

  Posted on December 4, 2016 at 07:59 CST by woody • Comment in the Forums

  We’ll see a bunch of Office patches on Tues, Dec. 6, so now would be a good time to make sure you have Windows Automatic Update turned off.

  If you’ve been following my instructions, it’s already turned off, but if you’re not sure, see the “Automatic Updates” tab at the top of this page.

  Yes, that applies to Windows 10 as well. You Win10 Home users would be well advised to switch over to a Wi-Fi connection and set it to metered.

  If you’re using Office Click-to-Run (from Office 365), you should switch its automatic updating off, too. Microsoft describes how in KB 2753538.

  Windows Patches/Security December 2016 Black Tuesday

• Avoid yesterday’s “preview” patches, including KB 3197869 and 3197875

  Posted on November 16, 2016 at 07:56 CST by woody • Comment in the Forums

  A reminder about “preview” patches – and why you don’t want them.

  InfoWorld Woody on Windows

  Windows Patches/Security December 2016 Black Tuesday, KB 3197869, KB 3197875

• Third Tuesday patches just appeared, with one surprise

  Posted on November 15, 2016 at 14:30 CST by woody • Comment in the Forums

  Microsoft just released:

  .NET rollup previews

  https://support.microsoft.com/kb/3195382

  https://support.microsoft.com/kb/3195383

  https://support.microsoft.com/kb/3196684

  https://support.microsoft.com/kb/3196686

   

  Preview of non-security part of Monthly rollup for Win7

  https://support.microsoft.com/kb/3197869

   

  Preview of non-security part of Monthly rollup for Win 8.1

  https://support.microsoft.com/kb/3197875

   

  Preview of non-security part of Monthly rollup for Win8 Embedded

  https://support.microsoft.com/kb/3197878

   

  Windows 10 1511 (Fall Update) patch to make it possible to install cumulative updates – just had its metadata changed.

  https://support.microsoft.com/kb/3191208

  With Win 7 and 8.1, that usually means it went from Optional to Recommended. With Win10 – who knows?

  If you have Win 7 or 8.1, you don’t want any of them. Wait for them to bake. As for the 1511 patch… let’s see what happens.

  Windows Patches/Security December 2016 Black Tuesday, KB 3191208