Newsletter Archives

• Were the January Office security updates just re-released?

  Posted on February 12, 2018 at 07:07 CST by woody • Comment in the Forums

  Anybody have info on a recent re-release of Office security patches?

  On my main production machine (Win10 1703, Office 2013) I just got a Windows Update notification for all sorts of January Office (and Flash) security patches:

  • Security Update for Microsoft Office 2013 (KB4011580) 64-Bit Edition
  • Security Update for Microsoft Excel 2013 (KB4011639) 64-Bit Edition
  • 2018-01 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4056887)
  • Security Update for Microsoft Outlook 2013 (KB4011637) 64-Bit Edition
  • Security Update for Microsoft Office 2013 (KB4011636) 64-Bit Edition
  • Security Update for Microsoft Word 2013 (KB4011651) 64-Bit Edition

  I last installed updates on Feb 5 — when we went to MS-DEFCON 3.

  I just re-ran and re-checked the KBNew list. Nothing there from Office 2013.

  Did I miss something?

  Office Patches/Security January 2018 Black Tuesday

• A quick overview of January patching recommendations for Windows

  Posted on February 6, 2018 at 08:11 CST by woody • Comment in the Forums

  This web site is getting hammered. Sorry about that, but there’s a reason why the main discussion thread for installing January 2018 takes a long time to load – lots of comments, lots of people. We’re redlining the server again, folks, and it’s the beefiest one currently available from our host.

  For those of you looking for the bottom line on patching Win7 and 8.1, I’d like to repeat the posts from @PKCano and @MrBrian.

  Starting with @MrBrian:

  For any manually-installed Windows update from January 2018 and later: If you use antivirus, you must ensure that the antivirus-related registry item was set by your antivirus before proceeding with manual installation. If you don’t use antivirus, set the antivirus-related registry item, so that Windows Update won’t blacklist relevant updates.

  Windows 7 Monthly Rollup (“Group A”) – recommended:

  If Windows Update offers KB4056894 then install it. If Windows Update doesn’t offer KB4056894, then if Windows Update offers KB4057400 then install it. If neither update is offered, then wait for the February 2018 Windows updates.

  Windows 7 Security-only patch (“Group B”) – for those who only want the security update, and none of the additional patches:

  Manually install KB4073578. Manually install KB4056568.

  Windows 8.1 Monthly Rollup (“Group A”) – recommended:

  If Windows Update offers KB4056895 then install it. If Windows Update doesn’t offer KB4056895, then if Windows Update offers KB4057401 then install it. If neither update is offered, then wait for the February 2018 Windows updates.

  Windows 8.1 Security-only patch (“Group B”) – for those who only want the security update, and none of the additional patches:

  Manually install KB4077561. Manually install KB4056568.

  @PKCano has a slightly different approach – with observations for Windows 10.

  As a prelim:
  1. Update your Anti-virus to the latest version of the PROGRAM. Check to be sure the ALLOW Regkey is set.
  2. Verify whether your CPU is Intel or AMD.
  3. Backup your computer!!!!!
  4. Rule: DO NOT CHECK ANYTHING THAT IS NOT CHECKED BY DEFAULT

  The following are only my choices. Make the choices as applies to your case.

  Windows 7 Monthly Rollup (“Group A”):
  I installed KB4056894 Monthly Rollup. If you have AMD and you feel unsure, download KB4073578 and install it manually first then the Rollup. See AKB2000003. EDIT: See @abbodi86 ‘s comment at #165285. Normally it is not recommended to install unchecked Preview patches, but in this case KB4057400 Preview probably contains the AMD fixes found in KB4073578.
  I installed MSRT
  I installed all the Office 2010 updates
  I have .NET 4.7 on all machines. I did not install .NET 4.7.1 (unchecked).
  My choice for .NET has always been the Rollups offered by WU.

  Windows 8.1 Monthly Rollup (“Group A”):
  I installed KB4056895 Monthly Rollup. If you have AMD and you feel unsure, download KB4073576 and install it manually first then the Rollup. I suspect the PIC/APIC problem will be fixed in the Feb Rollup. See AKB2000003. EDIT: See @abbodi86 ‘s comment at #165285. Normally it is not recommended to install unchecked Preview patches, but in this case KB4057401 Preview probably contains the fixes found in KB4073576 and KB4077561.
  I installed the IE Flash update
  I installed MSRT
  I installed all the Office 2010 updates
  I have .NET 4.7 on all machines. I did not install .NET 4.7.1 (unchecked).
  My choice for .NET has always been the Rollups offered by WU.

  Win10 1703
  Using wushowhide I hid KB4023057, KB4073543, and KB4056254
  I installed CU KB4057144 Build 15063.877
  I installed all the other non-driver patches.

  Win10 1709
  I have KB4056892 Build 16299.192 installed.
  I was not offered KB4058258 Build 16299.214 through WU and I did not try to manually install it. It seems to have an installation problem as noted here.

  @PKCano’s approach to Win7 and 8.1 patching is slightly more aggressive than @MrBrian’s. Both ways are valid (and better than the directions I gave in the Computerworld article). You should choose @MrBrian’s approach if you aren’t overly concerned about a looming Meltdown/Spectre attack. But if you’re worried about an imminent attack (which is to say, one that happens before the February patches have time to stew), go with @PKCano’s approach.
  

  Other, Uncategorized January 2018 Black Tuesday

• MS-DEFCON 3: Lots of caveats, but it’s time to get patched

  Posted on February 5, 2018 at 11:19 CST by woody • Comment in the Forums

  The January 2018 patches are now history. Thank heavens.

  I hesitate to say it, but it’s time to take proper precautions, and get the January patches installed.

  Just make sure you don’t do anything stupid, OK?

  Extended definition of “stupid” in Computerworld Woody on Windows.

  Uncategorized January 2018 Black Tuesday, MS-DEFCON 3

• Patch Alert: There are still lots of problems with the January patches

  Posted on January 25, 2018 at 11:15 CST by woody • Comment in the Forums

  Computerworld Woody on Windows.

  Now… tell me what I missed!

  @PKCano picked up… With the release of KB 4077561 yesterday, Microsoft has fixed many of the acknowledged problems with this month’s Monthly Rollup and Security-Only (manual installation) patches for Win8.1.

  (Kb 4077561 is for Win8.1 only.)

  Windows Patches/Security January 2018 Black Tuesday

• More problems with this month’s patches

  Posted on January 21, 2018 at 07:35 CST by woody • Comment in the Forums

  The fun never ends.

  The Win8.1 Monthly Rollup, KB 4056895, now has an acknowledged bug:

  After installing this update, some systems running both PIC and APIC interrupt controllers may experience system crashes.

  You hardware folks may know… when is a Windows user likely to have both PIC and APIC enabled? (Thx to the anonymous poster who mentioned this.)

  I’m happy to report that there were no new patches distributed through the Windows Update Catalog yesterday, Saturday Jan. 20.

  Other than the problems I’ve documented in Computerworld, any other bugs lurking?

  Windows Patches/Security January 2018 Black Tuesday

• January Patch Tuesday overview

  Posted on January 10, 2018 at 10:25 CST by woody • Comment in the Forums

  My summary:

  What you’re witnessing is a colossal “Sky is Falling” routine, aided and abetted by folks who are going to make money from the havoc. Don’t fall for the hype. Get the facts, get your antivirus house in order, change the Equation Editor entries if you’re very concerned, and you’re good to go. For now.

  It’s really that simple. We’re still at MS-DEFCON 2.

  Computerworld Woody on Windows.

  P.S. If you ever wondered why I don’t get any Christmas cards from Microsoft, well, now you know.

  Windows Patches/Security January 2018 Black Tuesday

• January security patches are out

  Posted on January 9, 2018 at 12:22 CST by woody • Comment in the Forums

  The Release Notes are up. A total of 93 separate patches.

  SANS Internet Storm Center posted its usual list. 

  No known exploits.

  Weird. The Jan. 3 patches are listed in the Update Summary Guide as Jan. 9.

  Holy Guacamole, Bitman. Martin Brinkmann just posted his overview at ghacks.net and it goes on for pages and pages and pages.

  There’s some confusion about the Equation Editor vulnerability. You may recall that the original hole, CVE-2017-11882, was patched in November. This new patch, for CVE-2018-0802, takes the nuclear option — it removes Equation Editor from Word. @yuhong2 advises on Twitter that the Eqn Editor EXE turns into 0 bytes, so it’s even dead with WordPad.

  UPDATE: It looks like the Equation Editor patch is the only patch in this month’s crop that has known exploits.

  Windows Patches/Security January 2018 Black Tuesday

• Multiple reports of blue screens (BSODs) 0X000000C4 when installing the January Win7 Monthly Rollup KB 4056894

  Posted on January 5, 2018 at 17:01 CST by woody • Comment in the Forums

  We’ve seen many reports here on AskWoody.

  There’s also a thread on Reddit. More on MyDigitalLife.

  Some reports are detailed. Some are — well, they’re complaints. If you can imagine. AMD machines are being pinpointed.

  If you hit a blue screen, or you know someone who did, please post about it here. Include your processor type (Intel or AMD), which version of Windows you’re using, which antivirus you’re using, and whether you installed the patch manually or via Windows Update.

  UPDATE: Lots and lots of reported problems.

  TechNet: Blue Screen after KB4056894

  Answers Forum: STOP: 0x000000C4 after installing KB4056894 – 2018-01 Security Monthly Quality Rollup for WIndows 7 for x64 

  Overclockers UK: Warning on KB4056894 (Intel/AMD) Fix caused Operton Bluescreen/STOP

  Reddit: Problems with Windows 7 Quality Rollup (KB4056894)

  Thanks for the links, everyone.

  Windows Patches/Security 0X000000C4, January 2018 Black Tuesday, KB 4056894
• « Older Entries