Woody Leonhard


Buggy Win10 1709 cumulative update KB 4074588 redlining, bluescreening, borking USB

At least it isn’t as bad as last month’s three cumulative updates for the bestest version of Windows 10 — on Jan. 3, Jan. 18, and Jan. 31 — but many people running the latest version of Windows 10, version 1709, are wondering why and how this month’s 1709 cumulative update is messing things up.

Broken USB ports

By far, the most common problem involves broken USB ports: Install this month’s cumulative update for Win10 Fall Creators Update, and your USB-connected devices stop working. There’s a lengthy discussion on AskWoody. One anonymous poster says:

Microsoft is distributing security patches through insecure HTTP links

The Microsoft Update Catalog uses insecure HTTP links – not HTTPS links – on the download buttons, so patches you download from the Update Catalog are subject to all of the security problems that dog HTTP links, including man-in-the-middle attacks.

Security researcher Stefan Kanthak, writing on Seclist’s Bugtraq mailing list, elaborates:

Even if you browse the “Microsoft Update Catalog” via the HTTPS link, ALL download links published there use HTTP, not HTTPS!

That’s trustworthy computing … the Microsoft way!

Despite numerous mails sent to <secure () microsoft com> in the last years, and numerous replies “we’ll forward this to the product groups,” nothing happens at all.

February patches bring ominous Outlook fixes and a rebirth of KB 2952664

The very early reports are in, and it looks like this month’s monstrous panoply of patches isn’t as destructive as last month’s – so far, at least. Aside from a few reported incompatibilities, the big news involves two Outlook security holes that kick in when you download email, or preview a message. There are no known exploits, but if you use Outlook, you need to understand the dangers – and should seriously consider patching sooner rather than later.

First, the blast. Yesterday, Microsoft released its usual Patch Tuesday security updates, which include 50 separately identified security holes (CVEs). Those 50 are in addition to the one Adobe Flash Player security hole, CVE 4074595, that was plugged on Feb. 6. Of the 50, 14 are rated Critical, 34 rated Important (which means they aren’t) and two are Moderate.

Get Windows Update locked down in preparation for this month’s problems

Surface Pro 4 batteries and TypeCovers are dropping like flies

Many Surface Pro 4 customers are angry as hell. Not only are their screens getting the shakes; their batteries are dying prematurely and, in some cases, their TypeCovers turn into boat anchors.

Surface Pro 4 screen flicker problems persist. Per the Flickergate website:

We are customers of Microsoft who have invested $1500+ on new Surface Pro devices which have developed screen flickering, rendering the devices unusable. The flickering normally occurs 1 year after purchase when the warranty is already expired. This means that owners are forced to pay $800 for an out-of-warranty exchange from Microsoft. However, many users experience the same flickering on their refurbished Surface Pro replacements. 2000+ customers have complained on Microsoft’s support forums and this number is growing by the day. However, Microsoft has not acknowledged the issue. We recommend potential buyers to AVOID surface pro devices until Microsoft has fixed this problem because there is a high chance that your device will become unusable within a year.

Hold your breath, avoid the snake oil, and get Windows updated

January 2018 was a month that will go down in patching infamy. Looking back on my notes, we had patches released, yanked, re-released and/or re-re-released on 15 different days in January. Untold thousands of machines were bricked by Microsoft patches. Millions of hours were lost chasing down bad patches and bad advice.

Although there were a couple of real bugs fixed in the January patches — the Equation Editor vulnerability being suspect #1 — most of the angst was completely superfluous. The Meltdown/Spectre patches at the heart of the drama attacked a problem that wasn’t — and isn’t — there. We still have no known Meltdown or Spectre exploits in the wild. None.

Perfect end to a perfect month: Yet another Win10 1709 cumulative update, KB 4058258

Microsoft told us three weeks ago that Win10 Fall Creators Update, version 1709, was ready for enterprise deployment. Since then, we’ve seen the early January patch yanked because it tanked AMD machines. Then, after the first patch was reinstated, we got two more cumulative updates. In the past three weeks.

I guess that’s what Microsoft now means by “Current Branch for Business” and/or “Semi-Annual Channel.”

KBNew: Look behind the scenes at Microsoft’s changing KB articles

If you’ve been playing the cat-and-mouse Microsoft patching game for a while, you know that Microsoft changes its Knowledge Base articles from time to time, without warning and at times without documentation. Now there’s a resource for those who need to know who moved their cheese — and when.

Several times in the past month, the eagle-eyed crew at AskWoody, led by @MrBrian, have found out about new Windows patches before they were announced. They’ve also looked at the raw data showing which KB articles have been changed — even if Microsoft doesn’t document the changes. The secret? A new monitoring program called KBNew.

Windows surprise patch KB 4078130: The hard way to disable Spectre 2

As we crawl deeper down the Meltdown/Spectre bunny hole, Microsoft released on Friday night a weird, download-only patch that disables the “fix” that’s supposed to protect you against one of the Spectre variants. It’s the same patch, that works the same way, on every version of Windows, from Win7 to the latest Win10 beta builds.

I’m tempted to call it an out-of-band patch, but truth is that all of this month’s patches have been out of band.

You’ve no doubt been inundated by the news about Meltdown and Spectre, the two (actually, three) highly publicized security vulnerabilities in essentially all modern computer chips that, at this point, have never been seen on a real, live, in-the-wild computer.

Microsoft Patch Alert: Lots of lingering problems in a very messy month

On the heels of a relatively benevolent December Patch Tuesday, the stream of patches pouring out of Microsoft (and Intel!) in January reached epic proportions. To be fair, it looks as if Microsoft got drawn into releasing its Meltdown/Spectre barrage early – on Jan. 3 – but they were so buggy they were withdrawn for AMD processors on Jan. 8, and gradually re-released in phases over the next two weeks.

When does your Surface support life cycle end? Will it get fixed?

Time was you could go to Microsoft’s website and get a definitive answer as to when your Surface machine’s support life cycle would end. For reasons unknown, that information isn’t where it used to be. It’s an open question whether Microsoft has unilaterally withdrawn support — a particularly important question, given the ultimate availability of Meltdown/Spectre patches.

Let’s say you have a Surface Pro 2 and you want to know if Microsoft will ever fix the Meltdown/Spectre vulnerability on your machine. To date, there’s been no notification one way or the other, but the tea leaves look increasingly bitter.

Belay that order: Intel says you should NOT install its Meltdown firmware fixes

You know how you’re supposed to flash the BIOS or update the UEFI on all of your Intel machines, to guard against Meltdown/Spectre? Well, belay that order, private! Intel just announced that you need to hold off on all of its new patches. No, you can’t uninstall them. To use the technical term, if you ran out and applied your Intel PC’s latest firmware patch, you’re hosed.

In what appears to be a catastrophic curtain call to the “oops” moment that I discussed 10 days ago, it now seems that the bright, new firmware versions — which Intel has had six months to patch — have a nasty habit of causing “higher system reboots.”

Win10 1709’s most irksome ‘feature’: Programs come back from the dead

Here’s a quick question. In Windows, if you have a program running when you reboot your machine, does Windows:

  1. Start up clean, regardless of what was running at the time of shutdown?
  2. Boot, then automatically launch all of the previously running programs?
  3. Give you an option, to choose between 1 and 2?

The answer? In every version of Windows that I’ve used (going back to Windows 286), it’s clearly the first option. Of course you don’t want your old junk to come back. Cleaning out and starting fresh is a, uh, time-honored Windows tradition.

Patching meltdown: Windows fixes, sloppy .NET, warnings about Word and Outlook

On the heels of the Jan. 17 release of 14 Windows and .NET patches, we now have a huge crop of new patches, revised older patches, warnings about bugs, and a bewildered ecosystem of Microsoft customers who can’t figure out what in the blue blazes is going on.

Let’s step through the, uh, offerings on Jan. 18.

Windows 10 patches

Win10 Fall Creators Update version 1709 — Cumulative update KB 4073291 brings the Meltdown/Spectre patches to 32-bit machines. What, you thought 32-bit machines already had Meltdown/Spectre patches? Silly mortal. Microsoft’s Security Advisory ADV180002 has the dirty details in the fine print, point 7:

More Windows patches, primarily previews, point to escalating problems this month

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.

What should you do? Nothing. More accurately, make sure you DON’T install any of them. Fortunately, all of these patches require that you download and install them — and you’d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.

It’s the same advice I’ve been giving all month. There’s nothing here that you need right now — there are no known exploits for Meltdown or Spectre in the wild, in particular — and machines are dropping like flies.

InSpectre: See whether your PC’s protected from Meltdown and Spectre

If you’re wondering whether your computer is susceptible to the latest bête noire, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn’t answer much. Or you can try Steve Gibson’s new InSpectre and – with suitable caveats – see some meaningful results and a few hints about catching up.

Microsoft has a complex PowerShell script that details your machine’s exposure to the Meltdown and Spectre security flaws. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.

Microsoft’s mystifying Meltdown/Spectre patches for AMD processors

I’ve seen a lot of bizarre Microsoft patches-of-patches, but the new patches for AMD processors are in a world of their own. The security-only, manually downloadable patches appear to be Meltdown/Spectre patches for machines that were bricked by other bad patches, earlier this month, but they’ve arrived with no instructions — and a strange circular logic.

Last week, Microsoft released two patches, with these official titles:

  • KB 4073578: Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1
  • KB 4073576: Unbootable state for AMD devices in Windows 8.1 and Windows Server 2012 R2

The Win7 KB article says:

Microsoft reinstates Meltdown/Spectre patches for some AMD processors — but which ones?

As we rappel down the Patch Tuesday rabbit hole this month, Microsoft just announced that it’s going to start pushing its January Windows security patches onto AMD processors again. But it neglects to mention which ones. Per a late-night change to KB 4073707:

Microsoft has resumed updating the majority of AMD devices with the Windows operating system security update to help protect against the chipset vulnerabilities known as Spectre and Meltdown.

Surprise! Excel gets a variation of the Word DDE block settings

You may recall that Microsoft disabled automatic Dynamic Data Exchange (DDE) in Word back in December. I wrote about the problem, and its solution, in “Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation.” Microsoft stopped automatic DDE, the {DDEAUTO} field in Word, while setting up certain registry entries that can soften that decision.

This month, I was surprised to discover, Microsoft has made a roughly analogous change in Excel. Applying this month’s Excel security patches doesn’t change the DDE server launch and DDE server lookup settings. But it does give admins the ability to stifle both of the user prompts associated with DDE access.

A mess of Microsoft patches, warnings about slowdowns — and antivirus proves crucial

Welcome to another banner Patch Tuesday. Microsoft yesterday released 56 separately identified security patches for every supported version of Windows, Office, .Net, Internet Explorer and Edge. Out of that monstrous pile, only one patch cures a currently exploited problem — a flaw in Word’s Equation Editor that should have been fixed in November.

If you’re a “normal” user, your first priority shouldn’t be Microsoft’s patches, notwithstanding the fabulous PR job performed on Meltdown and Spectre’s behalf. Assuming you don’t open random Word docs with dicey embedded equations, your main concern right now should be getting your antivirus house in order.

Buggy Win7 Meltdown patch KB 4056894 throwing blue screens

Windows, Meltdown and Spectre: Keep calm and carry on

I’m increasingly skeptical of security holes that have their own logos and PR campaigns. Yesterday’s sudden snowballing of disclosures about two groups of vulnerabilities, now known as Meltdown and Spectre, has led to enormous numbers of reports of varying quality, and widespread panic in the streets. In the case of Intel’s stock price, that’s more like blood in the streets.

While it’s true that both vulnerabilities affect nearly every computer made in the past two decades, it’s also true that the threat — especially for plain-vanilla Windows users — isn’t imminent. You should be aware of the situation, but avoid the stampede. The sky isn’t falling.

High-demand tasks for the Surface Book 2 swamp a plugged-in battery

Mark Coppock at Digital Trends has just published the results of a series of tests that he ran on Microsoft’s flagship Surface Book 2. Running Destiny 2 at high resolution/frame rate, or Adobe Premiere Pro CC 2018 video editing app, caused the battery indicator to drop, even though the SB2 was plugged into the wall and fully charged.

Says Coppock:

The power supply on the 15-inch Surface Book 2 holds it back from being the portable workstation it seems to be at first glance … the Surface Book 2 15-inch comes with a 95-watt power supply. The notebook’s components, however, can consume more power than that when they’re running at full speed.

Time to install Microsoft patches, except KB 4054517 for Win10 Fall Creators Update

December has brought a few surprises in Windows PatchLand, but by and large, the coast is clear. “Clear,” that is, unless you made the mistake of installing the Win10 Fall Creators Update, version 1709 (or got pushed into it), before the nominal four-month testing period lapsed.

In broad terms, it’s safe to install this month’s Windows and Office patches, unless you’re using Win10 1709, although there are a few obscure gotchas that may bite you if you’re using Win7 with encrypted fileshares, or Active Directory app login. For those who installed Win10 1709 before letting the unpaid beta testers skate out on Crait, there’s very little reason to install this month’s security patches, as long as you don’t use Internet Explorer or Edge. Which, if the statistics are to be believed, you probably don’t.
