So did you end up with Windows 10, version 1703 installed on your machine last week? Or did you have a computer where it attempted and failed? Were you as surprised as I was by the installation? Am I admitting that I, Susan Bradley, the Patch Watch lady, was totally caught off guard that last week 1703 was declared Current Branch for Business (CBB) and thus would be widely released to everyone who chose to defer the feature release? Am I admitting that I, Susan Bradley, the Patch Watch lady, was, or rather, still is confused about the new updating cadence, new name for the feature releases and new patching options? Yes and yes. I’m still trying to figure out the new normal for patching Windows 10. Let me tell you what I am sure of: Microsoft loves to keep changing the rules, we need to roll with the flow and hopefully this will be the last major change in updating naming and timing. The names and timing we used to have was called Current Branch (what Home version computers are on) or Current Branch for Business (what Pro versions can opt to do). Last week if you had Windows 10 … Read More
It’s the end of July and we finally have some out of band fixes for the issues introduced by the June updates. I’m using the Office known issues page to keep track of issues. To remind you the following problems were introduced by the June updates: Issues opening attachments When you open an attachment in an email, contact, or task formatted as Rich Text you get the following error: “The program used to create this object is Outlook. That program is either not installed on your computer or it is not responding. To edit this object, install Outlook or ensure that any dialog boxes in Outlook are closed.” Both Outlook 2010 and Outlook 2007 still has no workaround or patch at this time. The underlying issue was caused by the following updates: KB3191898 Outlook 2007 KB3203467 Outlook 2010 This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.
The latest financial reports showcase that Redmond’s bet on the cloud is paying off. But there’s one place that I think Microsoft could do better: Selling subscriptions to small businesses. I’ve personally found that buying various different cloud subscriptions can be confusing and in some cases, if you buy a cloud service from one vendor it may impact what you can buy from another vendor. Recently I wanted to buy a single copy of Windows 10 Enterprise including the Advanced Threat Protection service. But before I get into the particulars of my story, let’s step back a bit and explain what these new additional services do and why I wanted to purchase them. Microsoft has added to Office 365 and to Windows 10 desktops services that allows a savvy end user or a small business to have some interesting forensic tools at their disposal in the form of advanced threat protection service. When it’s added to Office 365, it allows the Outlook user to have additional protections from malware, ransomware and other targeted attacks. It filters urls in messages and filters email attachments. As noted in the literature, it can be added to the following products: Exchange Online Plan 1 Exchange … Read More
Included in the July 2017 cumulative update are several fixes precipitated by last month’s June updates. The 1703 release of KB4025342 includes the following fixes: It addresses an issue introduced by KB4022716 where Internet Explorer 11 may close unexpectedly when you visit some websites – this issue introduced by June’s security updates. It addresses an issue to improve MediaCreationTool.exe support for Setup Tourniquet scenarios. It addresses an issue with CoreMessaging.dll that may cause 32-bit apps to crash on the 64-bit version of the Windows OS. It addresses an an issue where Visual Studio or a WPF application may terminate unexpectedly (stops responding, followed by a crash) when running on a pen and/or touch enabled machine with Windows 10 Creators Update. It addresses an issue that causes the system to crash when certain USB devices are unplugged while the system is asleep. It addresses an issues with screen orientation that stops working after lid close and lid open transitions. It addresses an issue that causes .jpx and .jbig2 images to stop rendering in PDF files. It addresses an issue where users could not elevate to Administrator through the User Account Control (UAC) dialog when using a smart card. It addresses an issue where input using … Read More
Ransomware Hits the Same Vulnerabilities Keep calm: While the news is grim over the latest ransomware, the steps we’ve taken earlier will most likely keep most of us secure. It’s key that you have March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed to protect from the RTF (Rich Text Format) vulnerability being used in the attacks. In addition, the vulnerability is specifically targeting networks and using some additional tricks up their sleeves as noted in PTSecurity blog post. The attackers are utilizing various network tools such as Windows Management Instrumentation (WMI) and PsExec to distribute the ransomware throughout a network. It further uses password retrieval tools to gain the local administrator passwords on the workstations in the network. For home and small businesses the best protection is to be vigilant in not opening suspicious emails, and to ensure the March and April updates are installed. What to do: Ensure your systems have the March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed. Windows Fixes for IE Printing and Indexing Microsoft has released updates to Windows 7, 8.1, and 10 to fix issues introduced by the June 13th Windows … Read More
NOTE: For the second time in two months, Windows users are susceptible to a global malware attack. To protect yourself against this one, called Petya, I recommend reviewing my articles “What You Need to Know to Protect Yourself from Ransomware” and “When You Should Disable Server Message Block v1.” Signs You’ve Been Hacked It’s either easy or hard to determine if you’ve been hacked. In the case of ransomware, it’s extremely easy to know when you’ve been hacked: You get a request for money. However, the goal of most of the best hackers is to leave you blissfully ignorant of any wrongdoing. This way, your machine and your network access remains a resource for them to exploit. For example, the NSA tools that were recently released to the public were designed to allow for silent access to a system. The exploits released back in April have been patched by Microsoft, but they point out the goal of these nation-state attackers is to be stealthy and covert. So then if the goal of these tools are to be silent, how can you then know when you have been attacked? This is often the hardest of all – often you only know if … Read More
Outlook Updates Are Causing Multiple Issues I’m tracking several issues with the June Outlook updates that were released last week. Unfortunately I don’t have a fix for these issues, just a lot of recommended workarounds from Microsoft. The known issues have been documented in a web page showcasing the Office known issues, which also showcases that there will be an update expected on June 27th fixing the issue. If you are impacted by the issues noted, try any of the below solutions. Issues opening attachments: When you open an attachment in an email, contact, or task formatted as Rich Text you get the following error: “The program used to create this object is Outlook. That program is either not installed on your computer or it is not responding. To edit this object, install Outlook or ensure that any dialog boxes in Outlook are closed”. To work around the issue, save the attachment to your local drive and open it from there. This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.
In an unprecedented move from Microsoft, more XP patches were released to prevent attacks from Nation states. You’ll need to go to the download center to get patches for these older versions. This is a serious issue and a sign that cyberwarfare is getting serious. Older Operating Systems Get Patches Too In an unexpected move, Microsoft released several updates for older computer systems due to current or expected attacks from nation-state actors according to a Microsoft blog post. The post went on to urge us to still update these older platforms to supported operating systems but it’s good that Microsoft has made the decision to update these unprotected systems nonetheless. Microsoft deems that we need these updates due to a “heightened risk of exploitation due to past and threatened nation-state attacks and disclosures”. For Windows XP make sure you have the following updates installed: KB958644 — a 2008 update that you should already have installed. KB2347290 — a 2010 update that may already have been installed back then. KB4012598 KB4012583 KB4022747 KB4018271 for IE8 KB4018466 KB3197835 KB4024323 KB4025218 KB4024402 KB4019204 For Server 2003 sp2 (64bit) please make sure you have the following updates installed: KB958644 — a 2008 update that you should already … Read More
The recent ransomware attacks have had a inadvertent side effect at my home and office: It has pointed out to me how much I’m still dependent on Server Message Block v1 (SMB v1). Microsoft’s workaround for the recent ransomware attacks have recommended the following workaround as noted in KB2696547: disabling SMB v1, and leaving SMB v2 and SMB v3 alone unless you need to troubleshoot your security settings. As noted in a September 2016 blog post, SMB v1 is a 30 year old protocol that has seen better days. The recent ransomware attacks using this protocol to amplify their mayhem have some security researchers still unsure of exactly how the initial attack vector took place. It’s unclear at this time if this ransomware came through targeted email attacks (like many other ransomware attacks), or, if this was a unique attack that possibly infected a workstation, which then brought the attack into the impacted networks through some network access point previously used to bring in other worm like attacks. While it’s unclear how the initial infection started out, it’s clear that once the infection got into the network, it relied on vulnerabilities in SMB v1 to basically run rampant through the network. This is why so … Read More