windows

Results are starting to roll in about this month’s Patch Tuesday, and it’s quite a mixed bag. For those of you struggling with the new Windows 10 April 2018 Update, version 1803, there’s good news and bad news. The hand wringing about a new VBScript zero-day, thanks to our good old friend baked-in Internet Explorer, looks overblown for now. And if you can’t get RDP working because of “An authentication error has occurred” messages, you missed the memo.

Windows 10 version 1803

First, the good news. As I anticipated earlier this week, this month’s cumulative update for 1803 is a must-have, warts and all. The new build 17134.48 replaces the old 17134.1 (which went to those who installed 1803 directly or fell into the seeker trap) and the old 17134.5 (for those upgrading with the Windows Insider builds). As Susan Bradley explains, 17134.48 claims to fix both the Chrome and Cortana freeze, as well as a major VPN bug.

To read this article in full, please click here

Good things come to those who wait. If you resisted the drill sergeant scream of “GET THOSE PATCHES INSTALLED AS SOON AS THEY’RE OUT, MAGGOT!” you’re about to reap your just reward.

As is so often the case, the Patch Tuesday screams are something you should consider, but they’re hardly the final word. At this point, there’s a credible threat forming for Win7 and Server 2008 R2 machines — Total Meltdown is definitely coming — but the sky hasn’t fallen. There are no known Meltdown or Spectre exploits in the wild, and all of the hell unleashed by this month’s series of patches and re-patches and pre-appended re-re-patches primarily served as demonic theater to those of us who chose to wait.

To read this article in full, please click here

People think I’m joking when I refer to bug fixing as Microsoft’s next billion-dollar business. I’m not. This month woefully demonstrated why patching Windows has become much bigger – and more critical – than developing new versions. Microsoft’s hell-bent move to bring out new versions of Windows twice a year “as a service” makes things worse, but quality control problems dog patches to every version of Windows. Except, arguably, Windows 8.1.

In April, we’ve seen a return to two massive cumulative updates per month for all supported versions of Windows 10. The second cumulative update, with luck, fixes the bugs in the first cumulative update. Windows 7 turned into a fiery pit when it was discovered in late March that every patch to Win7 (and Server 2008R2) pushed out this year enables the Total Meltdown bug. Fortunately, by April 23, we finally saw some stability return to the process.

To read this article in full, please click here

Remember the Total Meltdown security hole? Microsoft spread the vulnerability in every 64-bit Win7 and Server 2008 R2 patch released this year, prior to March 29. Specifically, if you installed any of these patches:

• KB 4056894 Win7/Server 2008 R2 January Monthly Rollup
• KB 4056897 Win7/Server 2008 R2 January Security-only patch
• KB 4073578 Hotfix for “Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1” bug installed in the January Monthly Rollup and Security-only patches
• KB 4057400 Win7/Server 2008 R2 Preview of the February Monthly Rollup
• KB 4074598 Win7/Server 2008 R2 February Monthly Rollup
• KB 4074587 Win7/Server 2008 R2 February Security-only patch
• KB 4075211 Win7/Server 2008 R2 Preview of the March Monthly Rollup
• KB 4091290 Hotfix for “smart card based operations fail with error with SCARD_E_NO_SERVICE” bug installed in the February Monthly Rollup
• KB 4088875 Win7/Server 2008 R2 March Monthly Rollup
• KB 4088878 Win7/Server 2008 R2 March Security-only patch
• KB 4088881 Win7/Server 2008 R2 Preview of April Monthly Rollup

… your machine was left in an exposed state. Microsoft made changes to your PC that makes it easy for a running to program to look at, or modify, any data on your computer.

To read this article in full, please click here

Late last night — on a Monday, mind you — Microsoft released its second big cumulative update for Win10 version 1709. This completes the triumvirate of second cumulative updates, since last week, on the third Tuesday of the month, Microsoft released second cumulative updates for Win10 1703 and 1607. 

There’s a pattern emerging. Microsoft is now showering Win10 customers with two (sometimes more) cumulative updates a month, and they’re big. The first cumulative update contains security patches and a big hodgepodge of additional bug fixes. The first one is (usually) released on the second Tuesday of the month. The second cumulative update arrives, uh, whenever, and it contains massive amounts of bug fixes in addition to those in the first — including, if we’re lucky, fixes for the bugs introduced by the month’s first cumulative update.

To read this article in full, please click here

Reports of tech support scams jumped by 24% last year, Microsoft said, with loses by the bilked averaging between $200 and $400 each.

“Scammers continue to capitalize on the proven effectiveness of social engineering to perpetrate tech support scams,” Erik Wahlstrom, Windows Defender research project manager, wrote in a post last week to a Microsoft blog. “These scams are designed to trick users into believing their devices are compromised or broken. They do this to scare or coerce victims into purchasing unnecessary support services.”

To read this article in full, please click here