Newsletter Archives

• A few smallish gremlins still infest Win10 20H2 and 2004

  Posted on November 8, 2020 at 21:05 CST by Tracey Capen • Comment in the Forums

  ON SECURITY

  By Susan Bradley

  With the release of Windows 10 20H2, May’s Version 2004 has moved into an elder-sibling role.

  But that doesn’t mean that the spring update no longer has growing pains. Currently in the process of upgrading my systems to Version 2004, I’ve not run into any significant problems. But that’s not the case for everyone.

  Read the full story in AskWoody Plus Newsletter 17.44.0 (2020-11-09).

  AskWoody Plus Newsletter, Security AskWoody Plus Newsletter, group policy, Win10 2004, Win10 20H2, Windows upgrades

• Win10 v1709 “Preview Builds/Feature Updates deferral” Group Policy blocks Security Updates

  Posted on November 20, 2017 at 11:22 CST by PKCano • Comment in the Forums

  This came in from Klaasklever

  FYI:

  The Win 10 v1709 “Select when Preview Builds and Feature Updates are received”
  Group Policy (located under Computer Config –> Admin Templates –>
  Windows Components –> Windows Update –> Windows Update for Business)
  incorrectly blocks all Cumulative Security Updates.

  If enabled and set to anything greater than 0 days, not only feature updates
  (i.e. upgrades to a new semi-annual Windows Version) are blocked,
  but all cumulative security updates are wrongly blocked as well!

  This might cause some headaches for admins…

  See my following post on Technet:

  https://social.technet.microsoft.com/Forums/en-US/16172050-6cec-4e5d-b0fb-884b79571de0/win-10-v1709-preview-buildsfeature-updates-deferral-group-policy-incorrectly-blocks-cumulative?forum=win10itprosecurity

  Cheers!
  Klaasklever

  Is anyone else seeing this behavior?
  Other, Windows Patches/Security Block Win10 updates, group policy, Win10 1709, Windows Update

• Microsoft acknowledges permission problems with MS16-072 patches KB 3159398, 3163017, 3163018, 3163016

  Posted on June 16, 2016 at 08:21 CDT by woody • Comment in the Forums

  It took 36 hours, but they came clean.

  InfoWorld Woody on Windows

  Rod Trent notes on WindowsITPro that there’s a PowerShell script that will go out and see if any of your domain’s computers are affected.

  UPDATE: Susan Bradley notes this “doesn’t have to be listed in the client side patches – Windows 10 for example. The fix for this group policy mess has to be done on the servers.  so 2012/2012 r2 is where the known issue stuff should be documented.”

  That means if you see the problem on your machine (client, not server), your admin has to solve the problem. And the solution is in the KB article directed to your admin.

  
  Windows Patches/Security group policy, KB 3159398, KB 3163016, KB 3163017, KB 3163018

• Security update for Group Policy, KB 3159398, breaks Group Policy

  Posted on June 15, 2016 at 09:56 CDT by woody • Comment in the Forums

  I’m coming up to speed on this one, on a very busy Wednesday morning. Anything new to add?

  From DC_FS on the TechNet forum:

  I found out that if you give the Group authenticated users the right to read the GPO (Just Read, not to  Apply the GPO) then the Policies work again.

  Details from Rod Trent on WindowsITPro.

  Windows Patches/Security group policy, KB 3159398