Newsletter Archives

• MS-DEFCON 3: Time to get July security patches applied

  Posted on August 1, 2016 at 05:02 CDT by woody • Comment in the Forums

  The initial wave of changes, coinciding more or less with the expiration of the “free” Windows 10 upgrade, have rippled through the system. It’s time to get your security patches installed.

  For Win7 and 8.1 users, that’s no easy task. For you Win10 users who block updates, it’s time to put through the latest cumulative update, KB 3172985, bringing version 1511 up to build 10586.494. That’s likely to be the last patch to 1511, before you’re upgraded to version 1607, the Anniversary Update.

  Public Service Announcement: If you know anyone who upgraded to Windows 10, and now has Upgrader’s Remorse, point them to my article about recovering from a Win10 upgrade.

  We had some problems this month with Office security patches – in particular the Excel patches KB 3115322, KB 3115262, and Office 365 Click-to-Run version 1605 build 6965.2066. More about that below.

  In a nutshell, now’s a good time to get your Windows security patches applied. To-wit:

  Vista: If you haven’t yet followed the trick for speeding up Windows Update scans, use the method described in this InfoWorld article to first grease the skids. Start Internet Explorer and verify (Help > About) that you’re running Internet Explorer 9. Go into Windows Update (see the Windows Update tab on this page), make sure security patches are checked and non-security patches are unchecked, then run the update.

  Windows 7: I’m no longer recommending that you use Microsoft’s approach to fixing their ridiculously slow Windows Update scans. If you find yourself waiting more than half an hour for Windows Update to scan for updates, follow the instructions on wu.krelay.de to speed up the scans. I hope to have an InfoWorld article out before too long that explains how to put together the fix, but for now, if you have questions, hit me in the comments.

  Check to make sure you’re running Internet Explorer 11. If you’re still running GWX Control Panel, you can safely uninstall it (Control Panel, Add/Remove Programs).

  Go into Windows Update (Start > Control Panel > System and Security > under Windows Update, click Check for updates). Click the link that says “XX important updates are available.” CHECK the boxes next to items that say “Security Update,” “Windows Defender” and “Malicious Software Removal Tool.” UNCHECK the boxes next to any items that aren’t specifically marked as “Security Update.”

  On the left, click the link that says Optional. Uncheck every box that you see, except “Windows Defender,” which should stay checked. (If you installed KB3161608 to speed up Windows 7 update scans, it was replaced/superseded by KB3172605, so you might want to check that one. ) Yes, I’m saying that if a box is checked, uncheck it. Click OK, then Install updates. Reboot.

  Windows 8.1: Follow the instructions for Windows 7, but in Step 3 go into Windows Update by right-clicking on the Start icon and choosing Control Panel. (If you’re running Hyper-V, don’t check KB 3161606. It shouldn’t be offered, as it’s been replaced by KB 3172614. See this scathing report from Aidan Finn.)

  Windows 10: If you’re using the metered connection trick to block updates (still highly recommended), unblock the metered connection long enough to get caught up. If you’re using the wushowhide approach from Noel Carboni, it’s OK to unhide KB 3172985 and KB3173428 (the servicing stack update).

  Office: The latest round of Office security patches broke Excel. Microsoft hasn’t fixed the problem. If you (or your friends or clients) can no longer open Excel files the way they used to — double-clicking on the file brings up a blank spreadsheet — you can blame Microsoft. We’ve been promised a fix, some day, some how. The workaround is abysmal.

  In short, if you have Excel files generated by your own programs (using the technique described in the article), think two or three times before you install KB 3115322 or KB 3115262. If you’re using Office 365 Click-to-Run version 1606, keep it from updating.

  Everybody: Either watch here on AskWoody.com, or follow me on Twitter (@woodyleonhard) or Facebook to keep up on the latest. Microsoft’s releasing patches at a breathtaking rate. It’s a jungle out there. And if you catch something, shoot me email (click on the mail icon in the upper right corner of this page), or post a reply to this blog.

  I’m putting us at MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

  My usual boilerplate advice:

  For those of you who are new to this game, keep in mind that… You should always use Windows Update to install patches; downloading and installing individual patches (other than the Win7 speedup patch) is a clear sign of impending insanity. I never install drivers from Windows Update (in the rare case where I can actually see a problem with a driver, I go to the manufacturer’s web site and download it from the original source). I use Chrome and Firefox, and only pull out IE when I feel very inclined — but even if you don’t use IE, you need to keep up with its patches.

  Thanks, as always, to Susan Bradley and her in-depth work in Windows Secrets Newsletter.

  Windows Patches/Security July 2016 Black Tuesday, KB 3115262, KB 3115322

• If Excel refuses to open files the way it used to, look at KB 3115322, 3115262

  Posted on July 24, 2016 at 08:05 CDT by woody • Comment in the Forums

  It’s a developer’s nightmare – MS pulls the rug out from under custom Excel solutions.

  InfoWorld Woody on Windows

  Windows Patches/Security Excel opening problems, KB 311526, KB 3115322, KB 3170008, MS16-088