Newsletter Archives

• MS-DEFCON 4: Time to get patched, unless you’re using Win10 Fall Creators Update, version 1709

  Posted on December 22, 2017 at 12:46 CST by woody • Comment in the Forums

  If you got stuck with 1709 and it’s too late to roll back, stop using Internet Explorer or Edge, and wait until Microsoft gets its act together.

  Computerworld Woody on Windows.

  Windows Patches/Security December 2017 Black Tuesday, MS-DEFCON 4, Win10 1709

• Microsoft confirms bugs in this month’s Win10 1709 cumulative update

  Posted on December 21, 2017 at 01:02 CST by woody • Comment in the Forums

  Update on these bugs and two more — an Excel 2016 security patch bug from last month, and an Exchange Server security patch bug from this month — Computerworld Woody on Windows.

  Of course, you’ve known about it all along.This month’s cumulative update for Win10 1709 is a mess.

  Besides, we’re still on MS-DEFCON 2, so you didn’t try to install this month’s patches – and you aren’t running Win10 Fall Creators Update, anyway, right?

  Right?

  MS just posted confirmation of what we’ve known for some time: KB 4054517 installation may freeze at 99%, and Windows Update History may throw a bogus Error 0x80070643

  There’s a manual fix for the former, and an apology for the latter. For those of you who lost hours (or in some cases days) trying to figure out why your machine didn’t get the latest build of the latest version working, well, here’s your Automatic Update lump of coal.

  MS says it will provide an update in an upcoming release.https://support.microsoft.com/en-us/help/4054517/windows-10-update-kb4054517

  Windows Patches/Security 0x80070643, December 2017 Black Tuesday, KB 4054517

• December Patch Alert: Mostly clear sailing, if you aren’t using Win10 Fall Creators Update

  Posted on December 20, 2017 at 12:28 CST by woody • Comment in the Forums

  We were lucky this month – very few bugs, except for those who tried to update Win10 version 1709.

  Computerworld Woody on Windows.

  Windows Patches/Security December 2017 Black Tuesday

• December Patch Tuesday is out

  Posted on December 12, 2017 at 13:38 CST by woody • Comment in the Forums

  Full coverage in Computerworld Woody on Windows.

  As usual, Martin Brinkmann has an excellent detailed list on ghacks.net:

  • Windows 7: 2 vulnerabilities, all rated important (which means that they aren’t, really)
  • Windows 8.1: 2 vulnerabilities, all rated important
  • Windows 10 version 1607: 3 vulnerabilities, all rated important
  • Windows 10 version 1703: 3 vulnerabilities, all rated important
  • Windows 10 version 1709: 3 vulnerabilities, all rated important

  Yes, that means there are no “critical” updates for Windows.

  IE and Edge aren’t so lucky — 9 and 12 critical updates, respectively – but then again, you don’t use IE or Edge, do you?

  Office patches are available KB article 4055454. One for Office 2007, three for Office 2010, and the usual bunch for Office 2013 and 2016. Looks like they have changed the format on that page.

  Reminder: We’re at MS-DEFCON 2. Wait for the cannon fodder to fod. Or do they fud? At any rate, there’s absolutely NO REASON to install any of the updates right now.

  I’ll keep you posted, of course.

  UPDATES:

  PKCano reports that the MSRT is checked on a Win7 machine today. I can confirm on my “Group A” VM.

  Big update: All of the Office security patches apparently disable DDE. https://www.askwoody.com/forums/topic/december-patch-tuesday-is-out/#post-151624

  Windows Patches/Security December 2017 Black Tuesday

• MS-DEFCON 2: Make sure you have Windows Automatic Update turned off

  Posted on December 11, 2017 at 03:55 CST by woody • Comment in the Forums

  We’ve had a very rocky few months – and amazing array of buggy patches, dutifully vetted by the unpaid beta testers. Don’t volunteer your machine.

  You need to patch sooner or later, but there’s no reason to patch to Microsoft’s schedule.

  Computerworld Woody on Windows.

  Windows Patches/Security December 2017 Black Tuesday, MS-DEFCON 2