windows

One week after Patch Tuesday, and would-be Windows Updaters are facing a handful of bugs. Some will find them minor annoyances. Others … not so much. Here are the known bugs, and where we stand in the struggle to resolve the problems.

Worthy of note: Microsoft is now acknowledging many bugs that in the past would’ve gone without comment. There’s hope.

Here are the known, significant buggy security patches:

• Windows 10 Anniversary Update, version 1607 – Cumulative update KB 4034658 wipes out Update History, unhides hidden updates, and effectively disconnects some updated computers from WSUS. Microsoft has acknowledged all three of those bugs in the KB 4034658 article with the usual “Microsoft is investigating this issue and will provide an update as soon as possible.”
• The first undocumented buggy driver this month for the Surface Pro 4, “Surface – System – 7/21/2017 12:00:00 AM – 1.0.65.1,” was released on August 1. It was replaced by a second driver “Surface – System – 7/31/2007 12:00:00 AM – 1.0.75.1” on August 4. The second one was documented. But then we saw four more undocumented Surface Pro 4 drivers — “Intel driver update for Intel(r) Dynamic Platform and Thermal Framework Generic Participant,” “Power Participant,” Processor Participant” and “Manager” — all released on Saturday, August 12. Sometime late on August 14, Microsoft posted information about two of the drivers.
• Both the Windows 7 August Monthly rollup KB 4034664 and the manually installed security-only patch KB 4034679 are causing problems with two-screen systems: The second screen starts showing gibberish with many applications, including Office. The problem has been widely reported — even replicated with a Proof of Concept program — but Microsoft hasn’t yet acknowledged it.
• The only bug reported by Microsoft in its August Windows 7 security patches is an old bug, continuing from July, in which a buggy LDAP plugs up TCP dynamic ports. That bug hasn’t been fixed.
• The Windows 8.1 Monthly rollup listing mentions a known bug: NPS authentication may break, and wireless clients may fail to connect. The solution is to manually set a registry entry on the server.

Dozens of patches were made to Office earlier this month but, so far, I’m not aware of any bugs.

To read this article in full or to leave a comment, please click here

Microsoft has added rapid reaction to a year-old subscription service that will automatically shut down accounts – logging a user out of all managed apps and services, including those delivered by a third-party – at the first hint of suspicious activity.

The new feature in Cloud App Security (CAS), a security service launched in August 2016, collaborates with Azure Active Directory (AAD), another subscription service, to automatically bump off users behaving unusually and shut down accounts suspected of having been hijacked. CAS is built, at least in part, on technology Microsoft acquired in 2015 when it bought the Israeli cloud security vendor Adallom for $250 million.

To read this article in full or to leave a comment, please click here

It’s still much too early to tell if we’re going to have problems with this month’s Patch Tuesday trove, but one irksome bug has cropped up with the Win10 Anniversary Update cumulative update, KB 4034658 — the one that brings Win10 version 1607 up to build 14393.1593.

When you install KB 4034658, the installer wipes out your Update History (see before and after screenshots).

Woody Leonhard/IDG

We’ve had tons of problems with Automatic Update patches so far this year. If you’ve followed along here, you’ve seen them roll out in real time. With Patch Tuesday coming tomorrow, now is an excellent time to make sure that you have Automatic Update turned off on all of your machines.

What kinds of problems? No patches at all in February, except a surprise late IE/Edge patch for Flash. In March, we got the Win10 patch that broke Microsoft’s Dynamics CRM 2011. In April, there were a host of problems, especially with the .Net patches. Then in June, we saw 16 bad Office security patches roll out of Automatic Update chute, and an IE patch that broke iFrame printing. Last month, Surface Pro 4 customers were treated to a rogue driver patch that broke Windows Hello.

To read this article in full or to leave a comment, please click here