This month’s patch watch includes one area to keep a vigilant eye upon. There are issues with Outlook KB4011086 being tracked at this time. See the Office patch section below. Adobe Flash at a Priority 3 Adobe released updates to Flash, RoboHelp, and Adobe Connect and categorized the updates as “Priority 3.” Given our recent Hurricanes in the news, I honestly had to look up what “Priority 3” meant in terms of Adobe patches. In weather-speak, a 3 storm still packs a heavy punch. In Adobe-speak the updates “resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.” For those on Windows 10 and 8.1, as usual you will receive the flash update in the form of KB4038806. Recently I’ve been having to install the Firefox Flash update on my Windows 10 machines in order to watch some Flash-based videos. Even though I had Flash enabled on my Chrome and Edge browser, the video would not play. So all Flash versions are not created equal and you may need to download a few more to get things to work as they should on Windows 10. What to … Read More
The side effects of August updates aren’t quite over yet. Windows 10 1703 release of KB4034674 is not installing for some – but not all – Windows 10 users. In my personal case where I had an issue installing this update, I solved it in two ways to work around the issue. The first way was to manually install the update from the Microsoft catalog site, downloading the update to the computer and then letting it install. Another method: go into the control panel, then to services, stopped the Windows update service and then drilled down to the following folders and deleted the contents: C:\windows\SoftwareDistribution\DataStore C:\windows\SoftwareDistribution\Download Reboot the computer which in turn will restart the Windows update service. Now attempt to install the update again. You can see others having this same issue in this thread. If you’d like a graphical view of what to do, I would follow this guide and stopping at the second step. I’m unsure if Microsoft is aware of this issue, but in the meantime we can get these updates installed and work around the issue. I will be monitoring and see if Microsoft follows up with any fix for this issue. What to do: Attempt to … Read More
I have a phrase I often use with technology: Keep the children on the playground the same age. This means not mixing older and younger groups; they have different skill levels and abilities. The same goes for .NET 4.7, applications and Windows 7. If you dig into various locations on the web you will see post install side effects such as the following: Impacting Autocad and earlier versions as noted in a forum .NET 4.7 crashing Quickbooks as noted on a blog Possible issues with Arcgis Pro May have issues with touchscreen inputs as notes in this post Techsmith Snagit impact with .NET 4.7 as noted in this forum I’ll be investigating and see if the 4.7 update is the trigger for these issues but in the meantime if you are impacted and want to block .NET 4.7 you can use a registry key as noted on the Ghacks site. Tap on the Windows-key, type regedit.exe, and hit the Enter-key on the keyboard. This should start the Windows Registry Editor. Go to the key: HKEY_LOCAL_MACHINE\Software\Microsoft\NET Framework Setup\NDP Right-click on NDP and select New > Key. Name that key WU. Right-click on WU, and select New > Dword (32-bit) Value. Name … Read More
Surprisingly, there’s nothing to worry about as of right now. So let’s assess what patches you should look at. Adobe Flash and Reader Review A priority this month should be to prioritize the August Flash update. Adobe has released the August flash update so expect updates to Chrome to support the Flash update. For Windows look for KB4034662 to update the Flash in Windows 10 and 8.1. I still use and see many sites that use flash, and thus it’s still wise to ensure flash is up to date before doing any major surfing in any browser. Also expect an Adobe reader update in the form of an Adobe patch fixing 43 critical issues. What to do: Check your Flash and Adobe reader versions and review your browsers to ensure they are up to date. Do you need SMBv1? Included in this month’s updates for all versions of Windows is an issue with Windows Search. With this bug a malicious attacker can come through a smb connection and take control of a system. In a network this could lead to ransomware attacks like we’ve recently seen so if you are in a firm, please either review if you’ve disabled SMBv1 … Read More
So did you end up with Windows 10, version 1703 installed on your machine last week? Or did you have a computer where it attempted and failed? Were you as surprised as I was by the installation? Am I admitting that I, Susan Bradley, the Patch Watch lady, was totally caught off guard that last week 1703 was declared Current Branch for Business (CBB) and thus would be widely released to everyone who chose to defer the feature release? Am I admitting that I, Susan Bradley, the Patch Watch lady, was, or rather, still is confused about the new updating cadence, new name for the feature releases and new patching options? Yes and yes. I’m still trying to figure out the new normal for patching Windows 10. Let me tell you what I am sure of: Microsoft loves to keep changing the rules, we need to roll with the flow and hopefully this will be the last major change in updating naming and timing. The names and timing we used to have was called Current Branch (what Home version computers are on) or Current Branch for Business (what Pro versions can opt to do). Last week if you had Windows 10 … Read More
It’s the end of July and we finally have some out of band fixes for the issues introduced by the June updates. I’m using the Office known issues page to keep track of issues. To remind you the following problems were introduced by the June updates: Issues opening attachments When you open an attachment in an email, contact, or task formatted as Rich Text you get the following error: “The program used to create this object is Outlook. That program is either not installed on your computer or it is not responding. To edit this object, install Outlook or ensure that any dialog boxes in Outlook are closed.” Both Outlook 2010 and Outlook 2007 still has no workaround or patch at this time. The underlying issue was caused by the following updates: KB3191898 Outlook 2007 KB3203467 Outlook 2010 This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.
Included in the July 2017 cumulative update are several fixes precipitated by last month’s June updates. The 1703 release of KB4025342 includes the following fixes: It addresses an issue introduced by KB4022716 where Internet Explorer 11 may close unexpectedly when you visit some websites – this issue introduced by June’s security updates. It addresses an issue to improve MediaCreationTool.exe support for Setup Tourniquet scenarios. It addresses an issue with CoreMessaging.dll that may cause 32-bit apps to crash on the 64-bit version of the Windows OS. It addresses an an issue where Visual Studio or a WPF application may terminate unexpectedly (stops responding, followed by a crash) when running on a pen and/or touch enabled machine with Windows 10 Creators Update. It addresses an issue that causes the system to crash when certain USB devices are unplugged while the system is asleep. It addresses an issues with screen orientation that stops working after lid close and lid open transitions. It addresses an issue that causes .jpx and .jbig2 images to stop rendering in PDF files. It addresses an issue where users could not elevate to Administrator through the User Account Control (UAC) dialog when using a smart card. It addresses an issue where input using … Read More
Ransomware Hits the Same Vulnerabilities Keep calm: While the news is grim over the latest ransomware, the steps we’ve taken earlier will most likely keep most of us secure. It’s key that you have March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed to protect from the RTF (Rich Text Format) vulnerability being used in the attacks. In addition, the vulnerability is specifically targeting networks and using some additional tricks up their sleeves as noted in PTSecurity blog post. The attackers are utilizing various network tools such as Windows Management Instrumentation (WMI) and PsExec to distribute the ransomware throughout a network. It further uses password retrieval tools to gain the local administrator passwords on the workstations in the network. For home and small businesses the best protection is to be vigilant in not opening suspicious emails, and to ensure the March and April updates are installed. What to do: Ensure your systems have the March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed. Windows Fixes for IE Printing and Indexing Microsoft has released updates to Windows 7, 8.1, and 10 to fix issues introduced by the June 13th Windows … Read More
NOTE: For the second time in two months, Windows users are susceptible to a global malware attack. To protect yourself against this one, called Petya, I recommend reviewing my articles “What You Need to Know to Protect Yourself from Ransomware” and “When You Should Disable Server Message Block v1.” Signs You’ve Been Hacked It’s either easy or hard to determine if you’ve been hacked. In the case of ransomware, it’s extremely easy to know when you’ve been hacked: You get a request for money. However, the goal of most of the best hackers is to leave you blissfully ignorant of any wrongdoing. This way, your machine and your network access remains a resource for them to exploit. For example, the NSA tools that were recently released to the public were designed to allow for silent access to a system. The exploits released back in April have been patched by Microsoft, but they point out the goal of these nation-state attackers is to be stealthy and covert. So then if the goal of these tools are to be silent, how can you then know when you have been attacked? This is often the hardest of all – often you only know if … Read More
Outlook Updates Are Causing Multiple Issues I’m tracking several issues with the June Outlook updates that were released last week. Unfortunately I don’t have a fix for these issues, just a lot of recommended workarounds from Microsoft. The known issues have been documented in a web page showcasing the Office known issues, which also showcases that there will be an update expected on June 27th fixing the issue. If you are impacted by the issues noted, try any of the below solutions. Issues opening attachments: When you open an attachment in an email, contact, or task formatted as Rich Text you get the following error: “The program used to create this object is Outlook. That program is either not installed on your computer or it is not responding. To edit this object, install Outlook or ensure that any dialog boxes in Outlook are closed”. To work around the issue, save the attachment to your local drive and open it from there. This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.