Ransomware was once again in the news. This time it was due to WannaCry, an attack that stretched across 150 countries and nearly 57,000 countries. The attackers used a Windows vulnerability only recently patched (March 2017), formerly used by the National Security Agency to secretly take control of computers. Determine If You Are Protected First off, check and make sure you are protected. If you are running Windows 10, click on Start, then Settings, click on Windows Update, click on Update History. If you have installed either the May 2017, April 2017 or March 2017 cumulative update for any of the Windows 10 that is in the market today, you are protected. If you are running Windows 7, click on Start, then Control Panel, then on Windows Update. Now click on View Update History. Scroll down and look for either March 2017, April 2017 or May 2017 updates to have been installed on your machine. If any of these monthly rollups have been installed, you are protected from this vulnerability. What If You’re Running Windows XP and Server 2003? For businesses still running XP in critical locations that did not have a custom support agreement from Microsoft, this attack brought them to their knees. … Read More
For those of you with Intel processors, it’s time to see if you are vulnerable. Meanwhile we’re business as usual for Windows updates and Flash updates. And if you use Microsoft’s native antivirus protection, be sure that you’ve received the latest engine update to fix a critical flaw. Intel’s Processors May Need Fixing Intel’s processors are vulnerable to a flaw in Intel’s Active management technology, Small Business Technology or Intel Standard Manageability software, and although I read that this “did not impact consumer PCs” I honestly ignored the warnings: “I follow security best practices. This can’t impact my workstations.” And then I used the Intel Detection Tool and determined that many of my workstations – especially in my office – did have the vulnerable code in my systems. So much for best security practices! Fortunately, while I may have the vulnerable code, the Active management technology is and was not ever enabled, and I don’t have it set to be accessible from outside of my office. Thus I am not vulnerable to attack even though I may have the vulnerable code on my system. Nevertheless, I recommend that you scan your own system and see if it can detect what chipset you have and … Read More
The Windows 10 creator’s release is off to a slow start. But that’s a very good thing. This slow release means we’re not getting updates once a week. Windows 10 Creators Update I’m an unusual guest. Invite me for the weekend, and I often poke under the hood of any Windows 10 machine at my hosts to see how well-patched it is and if it needs any maintenance. One thing I’ve been surprised by is how slowly and carefully Microsoft is pushing out the Windows 10 Creators Update. In fact, in my anecdotal review of home PCs, I’ve come across very few that have actually received the update. Those that have received it, in fact, most have requested the update directly. It hasn’t been pushed on them. That slowness has a good side effect: We’re not getting the once a week updates that 1607 was subject to when it came out. As I said earlier, so far I’ve seen several reports and blog posts of issues with Internet access, missing Power options and issues with Logitech webcams, especially the Brio range of webcams, but nothing majorly trending that I can see. I’m still watching various locations such as reddit forums to follow what post-release issues folks … Read More
We’re still following some post patching issues that cropped up after the March patches were released. Some, like the interaction with CRM 2011, have been fixed. Others impacting Outlook 2016 searching need a rollback. March Office Click-to-Run Causing Issues For those with Outlook 2016 and click to run (retail)installations, you will probably note that searching in Outlook is broken after the March click to run release. At this time there is no other workaround other than to roll back to a prior version of Office click to run. As noted on the Microsoft forum this is a known issue as noted by a Microsoft staff. If you connect to a POP account or you are searching PSTs there is a bug in the latest updates. To roll back to a prior release do the following steps: Open a command prompt and run the following commands in order: cd %programfiles%\Common Files\Microsoft Shared\ClickToRun officec2rclient.exe /update user updatetoversion=16.0.7571.2109 Open Outlook and click File, Office Account and set Update Options to Disable Updates Add an appointment on your calendar for a month or more out to remind you to re-enable updates. What to do: Roll back to a prior release if you are impacted. … Read More
The lack of patches in February means that March’s updates are numerous. Not helping the situation: While Windows 10 updates are cumulative, Office updates may not be depending on your install. Thus we are getting an extra set. It’s a lot to sort through. Microsoft finally got back to a bit of normal with this month’s release. Windows 10, 8 and 7 all received their normal large cumulative updates, most with a security bent. For Windows 10, the cumulative update also included many fixes for other issues on that platform. And in a bit of trivia only patch-a-holics like me love to keep track of, we have now jumped to Knowledge Base articles that begin with 4. For example, the Windows 10 1607 update is KB4013198. In addition we received double the amount of Office updates, but remember, if you are running any of the Office 365 versions that support click-to-run, you won’t see the masses of Office updates, you’ll merely get the click to run update dribbled to you over time. March also meant changes to Microsoft’s communication regarding security bulletins, with the all new Security Portal as the new location for security guidance and information. However, they are still … Read More
March’s updating appears to still be in limbo. No previews of February updates means a smaller expected update for Windows 7. The Patch Day That Still Wasn’t Microsoft still seems to be recovering from whatever caused them to skip releasing Office and Windows security updates on the second Tuesday of the month. Normally on the third week of the month they will release a preview of the following month’s non security updates. This time they only released the overdue Flash update that Windows 8.1 and Windows 10 machines need to be protected as Flash is embedded in that platform. Remember that Flash for Windows 7 is an independent update that comes directly from Adobe. For Windows 8.1 and 10, Flash has to come from Microsoft’s updating mechanism for those platforms. March will also mean changes to Microsoft’s communication regarding security bulletins, with all new Security Portal will be the new location for security guidance and information. What to do: Look for more changes to updating to come. Sha-1 Changes This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.
All other Microsoft updates are still on hold at this time, but we may see some non security preview updates for next month. While Microsoft isn’t saying anything public at this time, several reputable sources have informed me that Microsoft will release the overdue Adobe flash update for Windows 8.1 and Windows 10 on Tuesday, February 21, 2017. I will recommend that you go ahead and install this as soon as possible due to the potential for web based attacks from Flash. While Chrome is deemphasizing Chrome in recent browser releases as noted in the Chrome blog, Windows 10 and 8.1 still have flash as part of the operating system. In the creators release expected this spring, Flash will become of less importance in the operating system. Until then we need to update our browsers with any Flash update as soon as we can. It’s unclear if we’ll see any other non security preview updates for the Windows operating system on Tuesday. If you do I’ll recommend you do not install these updates at this time. Microsoft is still not releasing any security updates that we expected in February and will wait until March to do so. Keep in mind … Read More
In a very unusual move for Microsoft, they held off on releasing updates on Tuesday, February 14th. As noted in their MSRC blog, something happened to cause them to hold off on releasing updates on Patch Tuesday. There was no word if the underlying problem was due to something in the updates or something in the delivery service. Not only were there no Operating system updates released, there were no Office security updates released as well. As a result of this very unusual move, this will be a very abbreviated Patch Watch column for this week. If the updates come out between now and when this newsletter gets sent to you, I’ll be recommending that you hold off on updating just until we get more information as to what the root problem was. For those still suffering from the Windows 10 1607 bug that causes the workstation to hesitate when making new folders on file servers, as noted in this blog post, the good news the fix is in a hotfix available via the Microsoft catalog site. The bad news is the fix was supposed to be in Tuesday’s releases which got delayed. If you go to the catalog site, … Read More
Microsoft has announced that the original release of Windows 10 will fall out of support on March 26, 2017 Meanwhile, those that deferred 1607 should be seeing that update being offered up and trying to install if you have not installed it already. January’s lack of non-security updates means that February won’t have any non-security releases. NEW: Critical Update KB3211320 for Windows 10 Version 1607 On Tuesday night (January 24, 2017), Microsoft released an out-of-band patch for PCs running Windows 10 v. 1607. The Windows 10 build number will remain the same after installation. This article is part of our premium content. Join Now.Already a paid subscriber? Click here to login.
As Microsoft releases a new Windows 10 beta, we get a patching break. Windows 8.1 in fact only has a Flash update to install. Meanwhile, Redmond has been busy with changes to the upcoming Creator’s release. Upcoming Windows 10 changes Dona Sarkar announced a beta release that makes quite a few changes to Windows update. As she noted on the blog site, the following changes are expected in the next large feature release expected around April of 2017: A feature in the GUI to pause updates for 35 days. We’ve added an option that will enable you to pause updates on your computer for up to 35 days. While this feature already exists for Windows pro and above now, it’s only available via group policy or the registry. This capability will unfortunately only be available on Professional, Education, and Enterprise editions of Windows. A feature to allow you to decide whether or not to include driver updates when you update Windows. Once again, this capability will be available on Professional, Education, and Enterprise editions of Windows. A new icon to the Windows Update Settings page to make easier to see your update status at a glance. Improvements to the logic … Read More