{"id":16248,"date":"2019-09-06T08:30:12","date_gmt":"2019-09-06T16:30:12","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/09\/06\/news-9990\/"},"modified":"2019-09-06T08:30:12","modified_gmt":"2019-09-06T16:30:12","slug":"news-9990","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/09\/06\/news-9990\/","title":{"rendered":"Time to install the August Windows patches \u2014 but watch out for the bugs"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Fri, 06 Sep 2019 08:16:00 -0700<\/strong><\/p>\n

August brought<\/span> loads of drama<\/span><\/a> to the Windows and Office patching scene. Microsoft\u2019s first round of patches killed Visual Basic, Visual Basic for Applications and VBScript in certain situations\u00a0\u2014 on all versions of Windows. Fixes for the bugs dribbled out three, four, six and 17 days after the original infection.\u00a0<\/span><\/p>\n

Those Microsoft-introduced bugs were all the more daunting because the August patches are the ones intended to protect us <\/span>from DejaBlue<\/span><\/a>\u00a0\u2014 the recently announced \u201cwormable\u201d malware infection vector that (thankfully!) has yet to be exploited. The mainstream press picked up the Chicken Little cry to install August patches right away. Then the buggy offal hit the impeller, and the press fell silent.<\/span><\/p>\n

Funny how that works.<\/span><\/p>\n

At any rate, if you\u2019ve been following along here, you\u2019re ready to get the August patches installed. Here\u2019s how to do it.<\/span><\/p>\n

Those of you running Win10 version 1903 have reason to be \u2026 perturbed.\u00a0<\/span><\/p>\n

Microsoft put the “optional, non-security” second August cumulative update through its Insider beta-testing process for an extra couple of weeks. All of the other versions of Windows had their VB\/VBA\/VBScript<\/span> bugs fixed on Aug. 16, 17 and 19<\/span><\/a>. The fix for 1903 sat in the Windows Insider Release Preview ring\u00a0\u2014 supposedly getting a thorough shine\u00a0\u2014 until Aug. 30.<\/span><\/p>\n

Now it looks as if all of that extra delay in delivering the patch didn\u2019t do much.<\/span><\/p>\n

Microsoft <\/span>finally acknowledged<\/span><\/a> the Cortana\/SearchUI.exe redlining bug in the KB 4512941 patch four days after the bug was <\/span>originally reported<\/span><\/a>. We got a single tweet that said:<\/span><\/p>\n

We are currently investigating an issue where users are reporting high CPU usage linked to SeachUI.EXE <\/span>[sic]<\/span><\/i> after installing the optional update on August 30 (KB4512941). We will provide an update in an upcoming release.<\/span><\/p>\n

The next day, the <\/span>KB article<\/span><\/a> was updated to say:<\/span><\/p>\n

Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from <\/span>SearchUI.exe<\/strong>. This issue only occurs on devices that have disabled searching the web using Windows Desktop Search.<\/span><\/p>\n

We are working on a resolution and estimate a solution will be available in mid-September.<\/span><\/p>\n

This isn\u2019t a fringe case. Microsoft has encountered so many complaints about searching the web in Windows Desktop Search that they published a <\/span>Knowledge Base article<\/span><\/a> with step-by-step instructions for disabling it. If you followed those instructions, and installed the second monthly cumulative update, part of your machine is redlining.<\/span><\/p>\n

The July Windows 7\/Server 2008 R2 \u201cSecurity-only\u201d patch brought <\/span>an unwanted surprise<\/span><\/a>: it installs the same kind of telemetry found in the Monthly Rollups. Many of the folks who go to the bother of downloading and manually installing the Security-only patches specifically do so to avoid the snooping, but if you want the July security fixes, telemetry comes along for the ride.<\/span><\/p>\n

I\u2019m happy to report that the August \u201cSecurity-only\u201d patch only includes security patches. Who woulda thought?<\/span><\/p>\n

Here\u2019s how to get your system updated the (relatively) safe way.<\/span><\/p>\n

There\u2019s a non-zero chance that the patches \u2014 even the latest, greatest patches of patches of patches \u2014 will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This, in addition to the usual need for System Restore points.<\/span><\/p>\n

There are plenty of full-image backup products, including at least two good free ones:<\/span> Macrium Reflect Free<\/span><\/a> and<\/span> EaseUS Todo Backup<\/span><\/a>. For Win 7 users, If you aren\u2019t making backups regularly, take a look at this<\/span> thread started by Cybertooth<\/span><\/a> for details. You have good options, both free and not-so-free.<\/span><\/p>\n

Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that\u2019s 24 months old or newer, follow the instructions in<\/span> AKB 2000006<\/span><\/a> or<\/span> @MrBrian\u2019s summary of @radosuaf\u2019s method<\/span><\/a> to make sure you can use Windows Update to get updates applied.<\/span><\/p>\n

If you\u2019ve been relying on the Security-only \u201cGroup B\u201d patching approach to keep Microsoft\u2019s snooping software off your PC, you\u2019re stuck again this month. You can install the August Security-only patch without bringing in the snooping routines. But unless you install the telemetry-laden July Security-only patch, you\u2019re missing a month of (not really all that important) patches. Think of it as a preview of your January 2020 Win7 end-of-support conundrum.<\/span><\/p>\n

For most Windows 7 and 8.1 users, I recommend following<\/span> AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups<\/span><\/a>. You should have two Windows patches, one dated August 13 (the Patch Tuesday patch) and the other dated August 17 (the patch for the pernicious Patch Tuesday patch). Say that ten times real fast. They should both be checked.<\/span><\/p>\n

Realize that some or all of the expected patches for August may not show up or, if they do show up, may not be checked. DON’T CHECK any unchecked patches. Unless you’re very sure of yourself, DON’T GO LOOKING for additional patches. In particular, if you install the August Monthly Rollup, you won\u2019t need (and probably won\u2019t see) the concomitant patches forJuly. Don’t mess with Mother Microsoft.<\/span><\/p>\n

If you see<\/span> KB 4493132<\/span><\/a>, the \u201cGet Windows 10\u201d nag patch, make sure it\u2019s unchecked.<\/span><\/p>\n

Watch out for driver updates \u2014 you\u2019re far better off getting them from a manufacturer\u2019s website.<\/span><\/p>\n

After you\u2019ve installed the latest Monthly Rollup, if you\u2019re intent on minimizing Microsoft\u2019s snooping, run through the steps in<\/span> AKB 2000007: Turning off the worst Win7 and 8.1 snooping<\/span><\/a>. If you want to thoroughly cut out the telemetry, see @abbodi86\u2019s detailed instructions in<\/span> AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model<\/span><\/a>.<\/span><\/p>\n

Realize that <\/span>we don\u2019t know <\/i><\/strong>what information Microsoft collects on Window 7 and 8.1 machines. But I\u2019d be willing to bet that fully-updated Win7 and 8.1 machines are leaking almost as much personal info as that pushed in Win10.<\/span><\/p>\n

If you want to stick with your current version of Win10 Pro \u2014 a reasonable alternative \u2014 you can follow my<\/span> advice from February<\/span><\/a> and set \u201cquality update\u201d (cumulative update) deferrals to 15 days, per the screenshot. If you have quality updates set to 15 days, your machine already updated itself on August 28, and will update again on September 25. Don\u2019t touch a thing and in particular don\u2019t click <\/span>Check for updates<\/span><\/i>.<\/span><\/p>\n

For the rest of you, including those of you stuck with Win10 Home, go through the steps in “<\/span>8 steps to install Windows 10 patches like a pro<\/span><\/a>.” Make sure that you run Step 3, to hide any updates you don\u2019t want (such as the Win10 1903 upgrade or any driver updates for non-Microsoft hardware) before proceeding.<\/span><\/p>\n

If, after the update, you bump into a message that says \u201cProcedure call error,\u201d realize that <\/span>you didn\u2019t do anything wrong<\/span><\/a>. Microsoft did. If you get that error message, you have to go through the \u201c8 steps\u201d again, but this time install KB 4512509 (for Win10 version 1803) or KB 4512534 (for Win10 version 1809), and curse the patching gremlins. Some day Microsoft will figure out this patching thang. Or maybe not.<\/span><\/p>\n

If you see a notice that “You’re currently running a version of windows that’s nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements” you can safely chill. Win10 1803 is good through November. If you see a link to \u201cDownload and install now,\u201d ignore it\u00a0\u2014 for the same reason.<\/span><\/p>\n

Windows Update in Win10 version 1903 has gone through a <\/span>major makeover<\/span><\/a> in recent weeks. The result, if it works the way it\u2019s been described, will be a major step forward in Windows 10 patching.<\/span><\/p>\n

There\u2019s a legacy fly in the ointment, though. If you\u2019ve moved to Win10 Pro version 1903, and you set 15 day deferral on quality updates (as shown in the earlier screenshot), you\u2019ll no doubt discover that the settings shown in the screenshot are no longer available on your machine. Microsoft hasn\u2019t yet deigned to tell us what\u2019s going on, but you can rest assured that your 15 day deferral was obeyed\u00a0\u2014 and you got the August patches on Aug. 28. Don\u2019t worry about changing the deferral settings. You\u2019re protected until Sept. 25.<\/span><\/p>\n

Long story short, the setting shown in the screenshot <\/span>may not be visible on your machine<\/span><\/a>. Not to worry. You have a belt-and-suspenders kind of second choice. If you\u2019re on Win10 version 1903 (either Home or Pro), click the link on the Windows Update page that says \u201cPause updates for 7 days,\u201d then click on the newly revealed link, which says \u201cPause updates for 7 more days,\u201d then click it again.<\/span><\/p>\n

By clicking that link three times, you\u2019ll defer cumulative updates for 21 days from the day you started clicking\u00a0\u2014 if you do it today, you\u2019ll be protected until Sept. 27\u00a0\u2014 which is typically long enough for Microsoft to work out the worst bugs in its patches.<\/span><\/p>\n

There are several group policies and a handful of registry settings working in the background when you make those changes. But if you\u2019re using Pro and set the quality update deferral to 15 days, <\/span>and <\/i><\/strong>punch the \u201cPause updates for 7 days\u201d button three times (on either Home or Pro), you should be in good shape.<\/span><\/p>\n

If you encounter the \u201cProcedure call error\u201d bug, you need to install the second August cumulative update. Lucky you. To do so, click Check for updates (yes, you read that correctly), then under Optional updates available, look for 2019-08 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB 4512941) (see screenshot) and click Download and install now.<\/span><\/p>\n

That\u2019ll introduce <\/span>even more bugs<\/span><\/a>, but at least it\u2019ll fix the \u201cProcedure call error\u201d bug.<\/span><\/p>\n

Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @abbodi86 and many others.<\/span><\/i><\/p>\n

We\u2019ve moved to MS-DEFCON 3 on the<\/span><\/i> AskWoody Lounge<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Fri, 06 Sep 2019 08:16:00 -0700<\/strong><\/p>\n

\n
\n

August brought<\/span> loads of drama<\/span><\/a> to the Windows and Office patching scene. Microsoft\u2019s first round of patches killed Visual Basic, Visual Basic for Applications and VBScript in certain situations\u00a0\u2014 on all versions of Windows. Fixes for the bugs dribbled out three, four, six and 17 days after the original infection.\u00a0<\/span><\/p>\n

Those Microsoft-introduced bugs were all the more daunting because the August patches are the ones intended to protect us <\/span>from DejaBlue<\/span><\/a>\u00a0\u2014 the recently announced \u201cwormable\u201d malware infection vector that (thankfully!) has yet to be exploited. The mainstream press picked up the Chicken Little cry to install August patches right away. Then the buggy offal hit the impeller, and the press fell silent.<\/span><\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10516,714,10525],"class_list":["post-16248","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-microsoft","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16248"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16248\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16248"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}