Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 2, October Windows updates, and KRACK

    Posted on October 17th, 2017 at 10:21 woody Comment on the AskWoody Lounge

    I’m moving us down to MS-DEFCON 2. No, installing this month’s patches isn’t a good idea. But the situation that caused me to run up to MS-DEFCON 1 has been fixed.

    Microsoft fed the wrong updates to Windows Update servers (WSUS and SCCM) for four hours on Tuesday. Those bad updates – actually, combination of updates – caused many machines to throw blue screens. All of the affected machines were on Update servers. And by now all of those Update servers have been cleaned up. I hope.

    Still, the enormous number of problems with this month’s patches looms, with some new bugs just now coming to light.

    Many of you have written, asking if you need to apply the October Windows patches to protect against the KRACK Wi-Fi WPA2 security hole.

    Microsoft released a Security Alert yesterday that says, in effect, not to worry about KRACK because the hole was plugged in last week’s patches. Which is fine. But that’s no reason to run out and install the October Patch Tuesday patches right away. As of this moment, there are no known active breaches using KRACK, and there aren’t likely to be any anytime soon.

    KRACK is a real, significant threat, but it isn’t something you have to fix right away. Somebody may figure out a way to insert themselves into your Wi-Fi conversations using the KRACK approach, but “general availability” of that kind of exploit is a long way off — certainly months, possibly years.

    Stay cool. Keep calm. And let’s see if Microsoft fixes any more of the October bugs.

  • MS-DEFCON 1: Patches failing at a phenomenal rate

    Posted on October 12th, 2017 at 09:59 woody Comment on the AskWoody Lounge

    Blue screens, bungled releases, stealthy NET upgrades, CRM blocks and complex manual fixes. It’s shaping up to be one hell of a patch-encumbered month, with KB 4041676 and KB 4041691 and the error INACCESSIBLE BOOT DEVICE leading the downward spiral.

    Computerworld Woody on Windows.

    Oh, and I switched over to MS-DEFCON 1. You’d have to be a certified masochist to install this month’s patches.

  • Patch Tuesday patches are out

    Posted on October 11th, 2017 at 06:30 woody Comment on the AskWoody Lounge

    Two detailed reports: Tuesday’s report on Computerworld Woody on Windows, and a Wednesday morning update. There’s a whole lot going on.

    Of course, we’re at MS-DEFCON 2, so you shouldn’t install any of these.

    I count 151 separate security patches, and 48 Knowledge Base articles. Nothing unexpected.

    The Release Notes point to four known bugs:

    The cumulative update for Win10 Creators Update, version 1703 – which sports dozens of fixes — has a couple of problems: Systems with support enabled for USB Type-C Connector System Software Interface (UCSI) may experience a blue screen or stop responding with a black screen when a system shutdown is initiated, and it may change Czech and Arabic languages to English for Microsoft Edge and other applications.

    The cumulative update for Win10 Anniversary Update, version 1607, has a handful of problems: downloading updates using express installation files may fail, after installing a delta update package, the KB numbers appear twice under Installed Updates, package users may see an error dialog that indicates that an application exception has occurred when closing some applications. 

    The cumulative update for the original version of Win10, usually called 1507, has a similar problem: package users may see an error dialog that indicates that an application exception has occurred when closing some applications. Apparently this fix is only for the LTSC version.

    The Monthly Rollup for Win7 also has an acknowledged bug: an error dialog that indicates that an application exception has occurred when closing some applications.

    Anybody see any other bugs?

    NOTE: There may be a big flaw in DNS being patched this month. CVE-2017-11779 Kelly Jackson Higgins on the DarkReading site has some details. From the definitive post by Nick Freeman at Bishop Fox:

    if an attacker controls your DNS server (e.g., through a man-in-the-middle attack or a malicious coffee-shop hotspot) – they can gain access to your system. This doesn’t only affect web browsers – your computer makes DNS queries in the background all the time, and any query can be responded to in order to trigger this issue.

    With all that doom and gloom, Microsoft says the flaw hasn’t been exploited, and rates it as “Exploitation Less Likely.”

    UPDATE: Martin Brinkmann has his usual exhaustive list on ghacks:

    • Windows 7: 20 vulnerabilities of which 5 are rated critical, 15 important
    • Windows 8.1: 23 vulnerabilities of which 6 are rated critical, 17 important
    • Windows 10 version 1607: 29 vulnerabilities, 6 critical, 23 important
    • Windows 10 version 1703: 29 vulnerabilities of which 6 are rated critical, 23 important

    I stand in awe of Brinkmann’s ability to turn this around so quickly!

    ANOTHER UPDATE: Looks like several of the Office patches are to fix CVE-2017-11826, a bug in Word discovered by Qihoo 360. Catalin Cimpanu at Bleeping Computer has details. Apparently there’s an exploit already in the wild, dating back to August.

    There’s a long list of related fixes in KB 4011217, Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017

    The Office update list is out: 27 non-security patches, 26 security patches, including key end-of-life patches for Word 2007, Word Viewer, and the Office Compatibility Pack.

    Adobe has told Brian Krebs that they have no security updates today.

  • MS-DEFCON 2: Check to see that Auto Update is turned off

    Posted on October 10th, 2017 at 04:27 woody Comment on the AskWoody Lounge

    Looks like there’s a slew of patches waiting, for a dozen different platforms, including all versions of Windows (even RT 8.1!), Office, IE, Skype and more.

    So much fun.

    Computerworld Woody on Windows.

  • Office non-security patches for October 2017 are available

    Posted on October 3rd, 2017 at 14:00 PKCano Comment on the AskWoody Lounge

    These are October patches. They are NOT covered under the current MS-DEFCON 3 umbrella for September patches. You do NOT want to install them yet (unless you want to be an unpaid Beta tester).

    Office 2013

    Update for Microsoft Access 2013 (KB3172543)
    Update for Microsoft Excel 2013 (KB4011181)
    Update for Microsoft Office 2013 (KB4011148)
    Update for Microsoft Office 2013 (KB4011169)
    Update for Microsoft Project 2013 (KB4011156)
    Update for Microsoft Visio 2013 (KB4011149)
    Update for Microsoft Word 2013 (KB4011150)

    Office 2016

    Update for Microsoft Access 2016 (KB4011142)
    Update for Microsoft Excel 2016 (KB4011166)
    Update for Microsoft Office 2016 (KB4011036)
    Update for Microsoft Office 2016 (KB4011135)
    Update for Microsoft Office 2016 (KB4011139)
    Update for Microsoft Office 2016 (KB4011144)
    Update for Microsoft Office 2016 (KB4011158)
    Update for Microsoft Office 2016 (KB4011167)
    Update for Microsoft PowerPoint 2016 (KB4011164)
    Update for Microsoft Project 2016 (KB4011141)
    Update for Microsoft Visio 2016 (KB4011136)
    Update for Microsoft Word 2016 (KB4011140)

    Office 2007 is on extended support. It no longer receives non-security updates. There were no updates listed for Office 2010. Security patches for all current supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday)