More

    This month’s Windows and Office security patches: Bugs and solutions

    With a lot of the fanatical Windows fan base now circling the trough on the just-released improve to Windows 10 model 2004, it’s time for these of us who depend on steady PCs to think about putting in the May patches.While the final outlook now could be good, we’ve been via some tough patches – which you will, or could not, have observed.Unannounced Intel microcode patch triggers rebootsOn May 20, Microsoft launched one other of its ongoing collection of “Intel microcode updates,” all named KB 4497165. Ostensibly meant to repair the Meltdown/Spectre safety holes, lots of them have a historical past of issues and hassles not commensurate with the quantity of safety they supply (except you’re operating a financial institution transaction system or decrypting prime secret emails).This incarnation has confirmed comparatively benign. The principal issues:Microsoft pushed it out the Automatic Update chute (and thus triggered a reboot) with out warning anyone.
    The Knowledge Base article nonetheless doesn’t describe this specific model.
    Many machines that shouldn’t obtain the patch – together with AMD-based machines, which clearly don’t want an Intel patch – obtained it.
    If you permit your machine set to put in Automatic Updates, you get what you paid for. And then some.The 5 scary new zero-daysGiven the sensationalistic flip Windows patching has taken, I’m shocked we haven’t seen a rash of headlines, “Run for the hills! FIVE new Windows zero-days published!” But that’s what occurred late final week. Trend Micro’s Zero Defense Initiative, ZDI, revealed descriptions of 5 new Windows zero-days. Four of them are the dread Privilege Escalation Vulnerabilities. Microsoft didn’t patch them rapidly sufficient, so ZDI acted based on its conventions – waited 4 months to provide Microsoft time to repair the outlet – after which revealed “a limited advisory.”Truly tempest in teapot territory. The holes aren’t significantly gaping. In reality, they’re simply barely fascinating.The zero-day that wasn’t introducedWindows observers – particularly safety people with out a lot Windows expertise – are inclined to leap on the “OMG! There’s a zero-day you have to patch RIGHT NOW!” bandwagon. In reality, when Microsoft releases a repair for a zero-day safety gap (recognized with “Exploited = Yes” within the related CVE article), it’s exceedingly uncommon for a brand new, widespread associated safety breach to seem in brief order. Sometimes Microsoft identifies safety holes as zero-days, then with none fanfare goes again a few days later and adjustments the “Exploited” setting to “No.”I’ve searched excessive and low for “Exploited” zero-days that quickly became working, widespread malware. The worst case I discovered was the Sasser worm, which was patched, then exploited, two weeks later.That was 16 years in the past.This month noticed the scenario in reverse: Microsoft launched a patch for the CVE-2020-1048 Windows Print Spooler elevation of privilege bug. It was (and nonetheless is) marked “Publicly disclosed: No” and “Exploited: No.” Immediately after the patch got here out on Patch Tuesday, two safety researchers revealed a prolonged paper on the safety gap, full with working exploit code.Rob VandenBrink, writing on the SANS Internet Storm Center, says:“This vulnerability was actually disclosed to Microsoft by the research community, so the code to exploit it absolutely does exist and was disclosed, and a full write-up was posted as soon as the patch came out.”For some time I used to be involved {that a} fully-formed exploit was imminent. Silly me. I nonetheless haven’t seen any extensively out there menace – though the oldsters at 0patch have launched a repair for this “PrintDemon” safety gap in Windows 7.Temporary person profile bugs proceedWe’ve had issues with this for months – and Microsoft nonetheless hasn’t confirmed the difficulty, or given any hints as to its supply or repair. As I mentioned final month:“In some set of circumstances, as yet undiagnosed, the Win10 Cumulative Update installer hits a ‘race condition’ on reboot, with the user coming back up in a temporary profile. That sounds like a lot of buzz words, and it is, but the net result is that the user runs the update, reboots, and returns to a clean desktop, without their desktop customizations, while files in their customary folders (such as Documents) have disappeared.“It’s disconcerting, even if you’re savvy enough to realize you’ve been pushed into a temporary profile. The desktop customizations are still there, as are the files, but they behave as if they belong to a different user.”Yep, Microsoft is aware of all about it. Nope, they haven’t formally acknowledged – a lot much less mounted – the issue.Ongoing audio issuesIn addition to all the normal issues we’ve seen – Mayank Parmar has a well-researched record of failed installations, efficiency issues, blue screens and black screens on Windows Latest and Lawrence Abrams has a second, detailed take at BleepingComputer – I’m seeing many studies of tousled audio that could be associated to the most recent updates. Or perhaps not.AskWoody poster @LoneWolf discovered an answer for among the bugs:“This issue occurs with people who have Realtek audio; which of course, means 3/4 of those with on-mainboard audio out there. It’s likely that you had a driver update from Microsoft, and there’s an issue there. Symptoms:Your Device Manager once showed “Realtek High Definition Audio;” now it shows “Realtek(R) Audio” as a substitute.
    You additionally see in Device Manager a brand new Audio Device entitled “Nahimic mirroring device” or comparable
    Realtek’s newest driver consists of these Nahimic software program drivers for some future 3D audio enhancement (probably achieved in software program and offered by this third-party vendor). What didn’t occur with the driving force replace is that the Nahimic management panel wasn’t put in. This is a UWP utility you may get from the Microsoft Store; seek for “nahimic” and also you’ll get this app that’s a blue sq. with a squiggly white N.In my case, putting in this app and rebooting the system resolved the difficulty. Also word that Realtek has gone to a UWP utility as effectively; if you happen to don’t have this, chances are you’ll want to put in theirs from the Microsoft retailer as effectively.Sadly, Realtek’s personal newest driver obtain from their web site appears to have the identical drawback, which explains why my putting in it didn’t repair the difficulty both. I believe it’s the very same bundle Microsoft bundled of their driver updates.”(Also word @EP’s feedback on the assorted boards, chips and errors.) No manner the Nahimic app will clear up all of the audio issues on the market, however for a lot of it’s a godsend.HP’s KMODE_EXCEPTION_NOT_HANDLED Blue Screen Early this month, HP pc house owners began encountering Blue Screens that say KMODE_EXCEPTION_NOT_HANDLED. Ends up that the BSoDs had been triggered by a battle between the assist software program for HP’s OMEN collection of computer systems, and one of many latest Windows Defender updates.HP launched an replace final week known as “HP Software Component 4.1.4.3079” that appears to resolve the issue. The patch got here out via Windows Update, despite the fact that it’s listed as a driver replace. (Thx, @FAKramer.)Thumbs down for Fast StartupEarlier this week, Microsoft revealed that, “Windows updates might not be installed on your system after you shut down your computer. This behavior occurs when the Fast Startup feature is enabled. This behavior doesn’t occur when you restart your computer.”The wrongdoer, Fast Startup, intercepts your request to close down your pc and fudges issues a bit by making a backup copy of sure system information, that are used to start out the following time. As Microsoft says, “When you shut down your computer, your computer actually enters a hibernation state instead of a full shutdown.” So in case your updates require a full shutdown, chances are you’ll not get them as a result of your shutdown isn’t a shutdown.Try explaining that to a Chromebook person.Nope, it hasn’t been mounted. Microsoft says it’ll get round to fixing the issue “in a future Windows version.”Office 365 Click-to-Run bug obtained fixedYet one other bug in Office 365 Click-to-Run despatched some people operating for pitchforks. Per an nameless poster on AskWoody:“Outlook would open in tiny window slightly larger than close icon and then crash. Usual fix was deleting Outlook profile and recreating. This particular machine / user I had done that twice and the fix no longer worked. I initiated an online repair via Add Remove programs and clicking Modify in Office. The repair failed during the reinstall phase. This left the machine with no Office install. I went to Office.com and attempted new install from C2R download. It got stuck on initial download screen once launching. I rebooted and tried multiple times.“I tried office cleanup tool but all it did was say Office wasn’t installed. I got fed up and starting ripping things out myself. Deleted Office reg keys from HKCU and HKLM. Then deleted Office dir from Program Files. After all of that it seemed to install properly.”Microsoft mounted the bug the following day. No telling what number of admin-hours had been wasted.Next up: Windows 10 model 2004As anticipated, Microsoft launched the most recent Windows 10 replace. As anticipated, it’s filled with issues.For starters: If you personal considered one of Microsoft’s newest PCs – the Surface Pro 7, Surface Laptop 3, or Surface Pro X – you received’t even see the improve supplied. Microsoft has improve blocks in place for all three.Keep in thoughts that Microsoft has had 5 months to beta take a look at this newest, biggest model of Win10 – and that the customer-facing a part of Windows and the whole Surface effort report back to the identical man. That has to provide you pause.We’re following the most recent model 2004 foibles intentlySee some other issues? Hit us on AskWoody.com.

    Recent Articles

    Google Voice deserves your attention (again)

    If you'd advised me 5 years in the past that I'd sooner or later write one other article in regards to the significance of...

    The Last of Us Part 2: All 127 Artifact Locations | Digital Trends

    The Last of Us Part II has numerous collectibles, from buying and selling playing cards and cash to safes and workbenches. Out of all...

    Related Stories

    Stay on op - Ge the daily news in your inbox