AuthorWoody Leonhard

Microsoft Patch Alert: October’s been a nightmare

This month’s bad patches made headlines. Lots of headlines. For good reason.

You have my sympathy if you clicked “Check for updates” and got all of the files in your Documents and Photos folders deleted. Even if you didn’t become a “seeker” (didn’t manually check for updates) your month may have been filled with blue screens, odd chicken-and-egg errors, and destroyed audio drivers — and Edge and your UWP (“Metro” Store) apps might have been kicked off the internet.

You didn’t need to lift a finger.

Worst Windows 10 rollout ever

Hard to believe that Windows 10 version rollouts could get any worse, but this month hit the bottom of a nearly bottomless barrel. Some folks who clicked “Check for updates” wound up with a brand spanking new copy of Win10 version 1809 — and all of the files in their \Documents, \Pictures, \Music, \Videos and other folders disappeared. I have a series of articles on that topic, arranged chronologically:

To read this article in full, please click here

Microsoft Patch Alert: Despite weird timing, September’s Windows and Office patches look good

As we near the end of patching’s “C Week” (which is to say, the week that contains the third Tuesday of the month), there are no show-stopping bugs in the Windows and Office patches and just a few gotchas. As long as you avoid Microsoft’s patches for Intel’s Meltdown/Spectre bugs, you should be in good shape.

Why a Patch Monday?

On Sept. 17, Microsoft released two very-out-of-band cumulative updates for Windows 10:

To read this article in full, please click here

SharePoint Workflows go belly-up when you install the September .Net Security Only patch

‘Softie Rodney Viana has posted details and a workaround for the “System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized” bug.

Apparently, installing last Tuesday’s KB 4457916 Security Only updates for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 causes a hard stop with any SharePoint Workflows. (Workflows are set up by an admin to handle the flow of documents through a series of steps.)

To read this article in full, please click here

Time to turn off Windows Automatic Update and brace for impact

August 2018 was a relatively innocuous patching month, although the final resolution to the August problems didn’t appear until late Friday night just as the month was coming to a close — on a three-day weekend in the US.

We’ve seen the same pattern repeat itself almost every month since the beginning of the year: The first round of Microsoft security patches (notably including Win10 patches) introduce bugs, while subsequent rounds of patches each month squash most of them. If we’re lucky.

To read this article in full, please click here

Get caught up on your July and August Windows/Office patches

With the arrival of “Fourth Week” patches on the last working day of August, and having had a few days to vet them, it looks as if we’re ready to release the cracklin’ Kraken.

The steaming pile of Windows Intel microcode patches

Microsoft continues to unleash microcode patches for Meltdown and Spectre (versions 1, 2, 3, 3a, 4, n for n >=4). You won’t get stung by any of them, unless you specifically go looking for trouble.

To read this article in full, please click here

Windows and .Net finally get their ‘D Week’ patches, as Intel microcode fixes go wacko

Time for the final August patching shoe to drop.

Late last night Microsoft released a flurry of patches, posting them on the Microsoft Update Catalog. Some are available through Windows Update, some aren't.

As of early Friday morning, the Win10 patches are not available through WSUS, the update server service. It’s not clear if that’s a mistake, a hesitation — or if somebody just went home last night and forgot.

Let’s hear it for patching predictability. And transparency.

To read this article in full, please click here

Microsoft Patch Alert: Mainstream August patches look remarkably good, but watch out for the bad boys

So far this month we’ve only seen one cumulative update for each version of Windows 10, and one set of updates (Security only, Monthly Rollup) for Win7 and 8.1. With a few notable exceptions, those patches are going in rather nicely. What a difference a month makes.

We’ve also seen a massive influx of microcode updates for the latest versions of Windows 10, running on Intel processors. Those patches, released on Aug. 20 and 21, have tied many admins up in knots, with conflicting descriptions and iffy rollout sequences.

Big problems for small niches

At this point, I’m seeing complaints about a handful of patches:

  • The original SQL Server 2016 SP2 patch, KB 4293807, was so bad Microsoft yanked it — although the yanking took almost a week. It’s since been replaced by KB 4458621, which appears to solve the problem.
  • The Visual Studio 2015 Update 3 patch, KB 4456688, has gone through two versions — released Aug. 14, pulled, then re-released Aug. 18 — and the re-released version still has problems. There’s a hotfix available from the KB article, but you’d be well advised to avoid it.
  • Outlook guru Diane Poremsky notes on Slipstick that the version of Outlook in the July Office 365 Click-to-Run won’t allow you to start Outlook if it’s already running. “Only one version of Outlook can run at a time” — even if the “other version” is, in fact, the same version.
  • The bug in the Win10 1803 upgrade that resets TLS 1.2 settings persists, but there’s an out-of-the-blue patch KB 4458116 that fixes the problem for Intuit QuickBooks Desktop.
  • The Win10 1803 cumulative update has an acknowledged bug in the way the Edge browser interacts with Application Guard. Since about two of you folks use that combination, I don’t consider it a big deal. The solution, should you encounter the bug, is to uninstall the August cumulative update, manually install the July cumulative update, and then re-install the August cumulative update — thus adding a new dimension to the term “cumulative.”
  • The Win7 Monthly Rollup has an old acknowledged bug about “missing file (oem<number>.inf).” Although Microsoft hasn’t bothered to give us any details, it looks like that’s mostly a problem with VMware.

The rest of the slate looks remarkably clean. Haven’t seen that in a long while.

To read this article in full, please click here

2 undocumented patches from Microsoft may solve the 1803 TLS 1.2 blocking problem

Microsoft’s KB 4458166, released on Tuesday, explains that the push to Win10 version 1803 has been halted for machines running .Net applications that use the TLS 1.2 security protocol. Presumably, effective Tuesday, if you have a Win10 1709 or 1703 machine that’s running one of those programs (including, notably, QuickBooks Desktop), Microsoft won’t try to push 1803 on it.

To read this article in full, please click here

Patch Tuesday fallout: Bad docs, but so far no major problems

Microsoft may have fixed July’s horrible, no good, very bad patches. Although the initial documentation for this month’s patches included warnings about many of the bugs that persisted from July, it ends up that the docs were wrong, and most of the known problems seem to be fixed.

As of early Reboot Wednesday morning, the patches seem to be behaving themselves. Of course, it frequently takes days or even weeks for bugs to appear, so you’d be well advised to avoid jumping into the unpaid battle zone for now.

To read this article in full, please click here

Patch Tuesday’s coming: Block Windows Update and pray we don’t get fooled again

July 2018 patches for both Windows and Office brought bugs and bugs of bugs — many of which haven’t been solved, even now. We have even reached the unprecedented stage where the .NET team openly warned people against installing buggy updates, and the Monthly Rollup previews got shoved down the Automatic Update chute to fix bugs in the primary Monthly Rollup.

July was more galling than most months because the patches caused widespread problems for many, while plugging security holes for exactly zero widespread infections.

To read this article in full, please click here