Newsletter Archives

• Microsoft (finally!) acknowledges a bug in Win7 virtual machines after installing the January Monthly Rollup KB 4480963 or Security-only KB 4480964

  Posted on February 12, 2019 at 09:51 CST by woody • Comment in the Forums

  Shout-out to Lounger Freeco, who first notified us of the bug almost two weeks ago.

  The KB articles now say:

  After installing this update, virtual machines may fail to restore after being “Saved and Restored” the first time. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

  This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (2^nd-gen) microarchitectures.

  Workaround:

  After installing this update, shut down the virtual machines before restarting the host.

  Microsoft is working on a resolution and estimates a solution will be available by mid-February 2019.

  Which presumably means it’ll be fixed in today’s Win7 Monthly Rollup.

  Windows Patches/Security January 2019 Black Tuesday, KB 4480963, KB 4480964

• Report of a buggy MSComCTL.ocx in January’s Office patches. Again.

  Posted on February 5, 2019 at 17:42 CST by admin • Comment in the Forums

  Günter Born just posted details (German). Quoting blogger Sam:

  Microsoft once again issues a wrong file version of the MS Common Controls (MScomctl.ocx) for the Office January 2019 updates. It affects the following file:

  18.01.2019 22:33 1’410’216 MSCOMCTL.OCX

  This is particularly stupid for Office 2019 C2R, because there is only a new build. A manual uninstall of the relevant update is not possible.

  In the other versions of Office, I have found absolutely no clues at Microsoft, with which patch in December 2018 or Jan 2019 the wrong MS Common Controls file version is delivered. MS is totally silent here.

  Any of you getting bit by a bad MSComCTL.ocx?

  UPDATE: Looks like the bad, older version is in the February non-security patches, too. Details coming on Born City.

  Office Patches/Security January 2019 Black Tuesday, MSComCTL.ocx

• MS-DEFCON 4: There are a couple of niggling problems, but they’re for (ahem) edge-use cases. Go ahead and get Windows/Office patched

  Posted on February 1, 2019 at 10:38 CST by admin • Comment in the Forums

  For almost everybody, now’s a good time to apply the January patches.

  As usual, there are some tricks.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security January 2019 Black Tuesday, MS-DEFCON 4

• Microsoft Patch Alert: January patches stumbled all over themselves, but they’re finally looking reasonably stable

  Posted on January 30, 2019 at 08:12 CST by admin • Comment in the Forums

  Cold and snow have descended on Middle Tennessee. School’s out for the day. What better activity than to dissect this month’s patches?

  • The usual Win10 Patch Tuesday and “optional” cumulative updates, with a surprise laggard
  • Multiple problems with Win7/Server 2008 Monthly Rollups
  • .NET and activation surprises
  • Office 2010 takes one for the team

  and more.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security January 2019 Black Tuesday

• Patch Watch: Green light for most patches; yellow for Win10 version 1809

  Posted on January 28, 2019 at 03:23 CST by woody • Comment in the Forums

  Patch Lady Susan Bradley’s latest take on patching.

  Out this morning to all AskWoody Plus members, in AskWoody Plus Newsletter 16.3.0, now available FREE online..

  Office Patches/Security, Windows Patches/Security January 2019 Black Tuesday, Patch Watch

• Bingo! Microsoft finally releases this month’s cumulative update for Win10 version 1809, KB 4476976

  Posted on January 22, 2019 at 17:11 CST by woody • Comment in the Forums

  It’s finally out. The first Win10 patch (to the best of my knowledge) that’s been thoroughly tested in the Windows Insider Preview Ring — and I’d be willing to bet that it’s pretty stable.

  Don’t be fooled by the Microsoft Update Catalog date stamp of Jan. 18. The KB article speaks the truth, it was released this afternoon.

  It still has the Jet database (Access 97-style) error and the Edge loading a local IP error. But it claims to fix the Japanese era date problem and the hotspot authentication error, which was an acknowledged problem with the last 1809 update.

  You can install the patch by clicking “Check for updates” (BOOO! HISSSS!) or by manually downloading and installing it from the Microsoft Update Catalog.

  Raise a glass of cheer. We may be witnessing a fix to Microsoft’s fumbled fixing method.

  Windows Patches/Security January 2019 Black Tuesday, KB 4476976

• Susan gives the go-ahead for installing this month’s patches

  Posted on January 21, 2019 at 14:18 CST by woody • Comment in the Forums

  Susan just posted an update on her Master Patch List:

  Note added 1/21/2019: While Woody is still at Defcon 2, I have tested and installed these updates at home/at my office and have not experienced any show stopping issues. While the updates may have known issues up the wazoo, it hasn’t impacted what I need to do on my machines. For those of you that due to patching or PCI/DSS mandates who need to patch now, I’m comfortable with recommending the January security updates be installed at this time. For those of you that defer to Woody’s guidance, please continue to do so at this time. I’m not seeing widespread attacks specifically using this month’s vulnerabilities so it’s still okay to wait until Woody gives the all clear.

  For those of you who need to update a bunch of machines, that seems like excellent advice.

  For those of you concerned about one or a small handful of machines, I’m sticking at MS-DEFCON 2 for a while — don’t patch — to see if any more problems crop up. As Susan says, there’s no imminent threat. But there sure are a lot of buggy details….

  By the way, there’s one overwhelmingly good detail about this month’s patches. Microsoft is actually testing — no, really, testing — the latest cumulative update to Win10 1809. First time ever, for Win10, to my recollection. I hope it becomes standard operating procedure for Win10 versions. Details about that tomorrow.

  Windows Patches/Security January 2019 Black Tuesday

• Incoming: New cumulative updates for Win10 1703, 1709, 1803, and previews for Win8.1 and .NET 4.6

  Posted on January 15, 2019 at 12:25 CST by woody • Comment in the Forums

  They’re coming hot off the presses right now.

  The Microsoft Update Catalog shows 14 new patches, just released. Details coming.

  Nothing for 1809. Yet. It would appear as if using the Windows Insider Preview Ring is working the way it’s supposed to!

  Win10 1803 cumulative update KB 4480976 brings build up to 17134.556

  Win10 1709 cumulative update KB 4480967 brings the build to 16299.936

  Win10 1703 cumulative update KB 4480959 brings the build to 15063.1596

  Looks like they’re only for “seekers” — they only install if you click “Check for updates.” I don’t see them coming in through the Automatic Update chute.

  Win8.1 Preview of Monthly Rollup KB 4480969

  I don’t see anything for Win7.

  UPDATE:
  Win7 Preview of Monthly Rollup KB 4480955 released 17 Jan

  Win10 1607 cumulative update KB 4480977 build 14393.2759 released 17 Jan

  All of them still have the acknowledged Jet database bug.

  Thx @GoneToPlaid

  Windows Patches/Security January 2019 Black Tuesday

• Patch Tuesday patches are here

  Posted on January 8, 2019 at 12:53 CST by woody • Comment in the Forums

  As usual, Martin Brinkmann has the first full list:

  • Microsoft released security updates for all client and server versions of Windows.
  • No critical vulnerabilities in Windows 8.1 and 7.
  • Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
  • The Update Catalog lists 187 updates for January 2019.

  Dustin Childs has an interesting take on the patches for the Zero Day Initiative:

  • CVE-2019-0547 – Windows DHCP Client Remote Code Execution Vulnerability
    If you are running Windows 10 or Server version 1803, this patch has to be on the top of your deployment list.

  • CVE-2019-0586 – Microsoft Exchange Memory Corruption Vulnerability
    This corrects a bug in Exchange that could allow an attacker to take control of an Exchange server just by sending it a specially crafted email.

  • CVE-2019-0550, CVE-2019-0551 – Windows Hyper-V Remote Code Execution Vulnerability

  Which means most of you aren’t in the crosshairs. The only known exploit he lists is for the Jet Database engine — another hole found in ancient technology that probably won’t affect you unless you use an old database application.

  There’s also a new Servicing Stack Update for Win10 version 1703, KB 4486458. As if any of you are still running 1703.

  There are January Security-only patches for .NET as well as the Security and Quality Rollups.

  January 2019 Security Updates for Microsoft Office 2010, Office 2013, Office 2016, the Office Viewers, and SharePoint Servers are available on the Office Support Pages. These Updates are for the .msi versions of Office, not Office 365 or C2R.

  UPDATE: It looks like the Win10 version 1803 patch, KB 4480966, may be something you need to install quickly. So far there are no known exploits, and no proof of concept code. But Microsoft is saying it’s bad.

  ….Remote Code Execution in Windows DHCP Client (9.8/8.8) It was internally found & no POC will be released but please, start the year off right and patch. your. systems.

  BTW, the team who found the DHCP vuln is hiring & @metr0 is someone you really want to work with

  — Nate Warfield | n0x08.bsky.social (@n0x08) January 8, 2019

  Will keep you posted as the drama unfolds.

  Windows Patches/Security January 2019 Black Tuesday, KB 4480966

• MS-DEFCON 2: Microsoft’s already yanked four patches. Best to verify Auto Update is turned off

  Posted on January 7, 2019 at 05:43 CST by woody • Comment in the Forums

  The holidays are over, but the Grinch is still on the loose. Make sure your machine is locked down.

  Computerworld Woody on Windows.

  Windows Patches/Security January 2019 Black Tuesday, MS-DEFCON 2

• January 2019 non-Security Office Updates have been posted

  Posted on January 3, 2019 at 06:13 CST by PKCano • Comment in the Forums

  The January 2019 non-Security Office updates were released Wednesday, January 2, 2019. They are not included in the DEFCON4 approval for the December 2018 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

  Office 2010

  Update for Microsoft Excel 2010 (KB4461627)
  Update for Microsoft Office 2010 (KB4032217)
  Update for Microsoft Office 2010 (KB4032225)
  Update for Microsoft Office 2010 (KB4461616)

  Office 2013

  Update for Microsoft Project 2013 (KB4461560)
  Update for Skype for Business 2015 (KB4461557)

  Office 2016

  Update for Skype for Business 2016 (KB4461586)
  Update for Microsoft Excel 2016 (KB4461600)
  Update for Microsoft Office 2016 (KB3203480)
  Update for Microsoft Office 2016 (KB4032230)
  Update for Microsoft Office 2016 (KB4461435)
  Update for Microsoft Office 2016 (KB4461533)
  Update for Microsoft Project 2016 (KB4461587)
  Update for Microsoft Visio 2016 (KB4461531)

  There were no non-security listings for Office 2007 (which is out of support).
  Office 365 and C2R are not included.
  Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

  UPDATE: As of January 4, 2019, the four January 2019 Updates for Office 2010 (msi version) have been pulled by Microsoft and are no longer available for download. If you have problems with the Office programs, Microsoft recommends uninstalling the updates.

  Office Patches/Security January 2019 Black Tuesday, Office 2010, Office 2013, Office 2016, Office 2019, Office non-security patches, Office non-security updates, Office updates