Woody Leonhard

About the Author Woody Leonhard


Windows, Meltdown and Spectre: Keep calm and carry on

I’m increasingly skeptical of security holes that have their own logos and PR campaigns. Yesterday’s sudden snowballing of disclosures about two groups of vulnerabilities, now known as Meltdown and Spectre, has led to enormous numbers of reports of varying quality, and widespread panic in the streets. In the case of Intel’s stock price, that’s more like blood in the streets.

While it’s true that both vulnerabilities affect nearly every computer made in the past two decades, it’s also true that the threat — especially for plain-vanilla Windows users — isn’t imminent. You should be aware of the situation, but avoid the stampede. The sky isn’t falling.

To read this article in full, please click here

Read more 0 Comments

High-demand tasks for the Surface Book 2 swamp a plugged-in battery

Mark Coppock at Digital Trends has just published the results of a series of tests that he ran on Microsoft’s flagship Surface Book 2. Running Destiny 2 at high resolution/frame rate, or Adobe Premiere Pro CC 2018 video editing app, caused the battery indicator to drop, even though the SB2 was plugged into the wall and fully charged.

Says Coppock:

The power supply on the 15-inch Surface Book 2 holds it back from being the portable workstation it seems to be at first glance … the Surface Book 2 15-inch comes with a 95-watt power supply. The notebook’s components, however, can consume more power than that when they’re running at full speed.

To read this article in full, please click here

Read more 0 Comments

Time to install Microsoft patches, except KB 4054517 for Win10 Fall Creators Update

December has brought a few surprises in Windows PatchLand, but by and large, the coast is clear. “Clear,” that is, unless you made the mistake of installing the Win10 Fall Creators Update, version 1709 (or got pushed into it), before the nominal four-month testing period lapsed.

In broad terms, it’s safe to install this month’s Windows and Office patches, unless you’re using Win10 1709, although there are a few obscure gotchas that may bite you if you’re using Win7 with encrypted fileshares, or Active Directory app login. For those who installed Win10 1709 before letting the unpaid beta testers skate out on Crait, there’s very little reason to install this month’s security patches, as long as you don’t use Internet Explorer or Edge. Which, if the statistics are to be believed, you probably don’t.

To read this article in full, please click here

Read more 0 Comments

Microsoft confirms stalled downloads, bogus errors in Win10 FCU update KB 4054517

Microsoft has just fessed up to a couple of the known bugs in this month’s Win10 version 1709 cumulative update, KB 4054517 – in particular, the stall at 99% download, and the completely bogus warning that the patch had failed to install with error 0x80070643. Sadly, several other problems with KB 4054517 have not been acknowledged. Yet.

In addition, we have new mea culpas for the November Patch Tuesday security update for Excel 2016, KB 4011220, which throws a “Cannot run the macro” warning, and for this month’s Patch Tuesday security fix for Microsoft Exchange, KB 4045655.

As usual, I’m seeing reports thatMicrosoft tech support staff don’t know about the problems, haven’t read the KB articles, and are recommending that people re-install Windows.

To read this article in full, please click here

Read more 0 Comments

Microsoft Patch Alert: Few problems in December, unless you’re running Win10 version 1709

It’s hard to remember the last time we had a Patch Tuesday as inoffensive as this month’s. February 2017 comes to mind — but then again, we didn’t have a Patch Tuesday in February, as Microsoft called it off.

Part of the reason for the relatively easy going this month, I’m convinced, is the lack of attention showered on Windows 7 and earlier versions of Windows 10 (including the Fall Creators Update, version 1703, which has become more-or-less fully baked and remains my version of choice). Aside from a few lackluster security patches, the December update for Win10 1607 fixed the “CDPUserSvc_XXXX has stopped working” bug introduced in a security patch two months ago, and the rest is largely routine.

To read this article in full, please click here

Read more 0 Comments

Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation

I, for one, thought that Office-based malware reached its zenith in the late 1990s, with the likes of Melissa. Sure, we’ve seen macro-based pain-in-the-neckware over the past two decades, including some macro malware that specifically attacks Macs, but by and large, Word, Excel and, to a lesser degree, PowerPoint now throw warning dialogs into the middle of just about any attack. Those with malevolent intent have moved on to greener fields.

To read this article in full, please click here

Read more 0 Comments

New patch KB 4057291 fixes last month’s buggy Radeon driver 22.19.128.0

I don’t know why Microsoft insists on pushing buggy driver patches out Windows Update, but we saw another one late last month. Folks running Windows 10 on PCs with older Radeon video cards who had Automatic Update enabled got trashed. They found that their monitors could no longer display resolutions higher than 1,280 x 1,024, and that multi-monitor hookups would only mirror each other.

The cause? A buggy driver identified by Windows Update as “Advanced Micro Devices, Inc. – Display – 7/25/2017 12:00:00 AM – 22.19.128.0.” There’s a lengthy discussion about the driver transgressions on the Microsoft Answers forum, and another on the AMD forum.

To read this article in full, please click here

Read more 0 Comments

Win10 FCU December patch KB 4054517 fails big time

Some subset of users of Windows 10 Fall Creators Update, version 1709, report persistent bugs with this month’s Patch Tuesday missive, KB 4054517. Many of those reporting problems are using recent Surface devices. Microsoft has not acknowledged any problems. Official sites only offer the old “Gawrsh, you need to Restore/Restore/Reinstall” pabulum — and it doesn’t help.

What kinds of problems? They run quite a gamut. @jwhiz56 reports on AskWoody:

This KB installed on my MS Surface Pro 3, my HP HPDV8T laptop but refuses to install on my 2017 Surface Pro (purchased just before Thanksgiving). I’ve reset it multiple ways (the OS) and the update either sits at 99% downloaded, or it fails on installation. my C:\windows\logs\CBS directory eats up ALL of my disk free space. I’ve tried all hints/suggestions on the Microsoft forums related to this KB. when I downloaded the standalone version for my computer x86/windows 10, it says it’s not applicable to my computer.

To read this article in full, please click here

Read more 0 Comments

Microsoft’s December Patch Tuesday a real yawner, so far

Microsoft released its Patch Tuesday passel a couple of hours ago, and it looks like we can all go home and enjoy some eggnog. There were two fixed vulnerabilities for Win7, and two for Win 8.1, and the (five) supported Win10 versions had three fixes apiece, all of them bundled into cumulative updates.

There were no “critical” patches for Windows this month, although Internet Explorer with 13 patched vulnerabilities (9 critical) and Edge with 13 vulnerabilities (12 critical) should certainly turn your head. Assuming you still use either or both. Not many folks do.

To read this article in full, please click here

Read more 0 Comments

It’s time: Make sure Windows Auto Update is turned off

It’s time to make sure your computer is locked down. If history is any indication, we’re going to be in for a rocky ride over the next week or two.

In September, folks who were set to update Windows automatically were greeted by Word docs and Excel spreadsheets that wouldn’t display merged cells, switched languages and intentionally broke one-click printing on custom forms. In October, admins who let patches go through automatically were greeted by oceans of blue screens and failures in Microsoft’s own Dynamics CRM. Last month, every version of Windows was hit with a patching bug that blocked Epson dot matrix printers — and those who had told Win10 Creators Update to wait to upgrade found themselves “accidentally” upgraded to Win10 Fall Creators Update, version 1709.

To read this article in full, please click here

Read more 0 Comments

Microsoft quietly repairs Windows Defender security hole CVE-2017-11937

Many malware researchers were surprised to find an unexpected patch on their machines yesterday. It didn’t arrive through the front door — Windows Update wasn’t involved. Instead, the new version of mpengine.dll arrived automatically, around the back, even if you have Windows Update turned off.

This vulnerability is particularly nasty. If the Malware Protection Engine scans a jimmied file, the file can take over your computer and run whatever it wants. Since the MPE routinely runs all the time, in the background, that means a bad file could infect your computer in myriad ways. To quote Microsoft’s Security Vulnerability notice:

To read this article in full, please click here

Read more 0 Comments

Windows Update for Win7 broken, throwing error 80248015

Reports are piling in from afar that Windows Update in Win7 is broken. My first sighting was late Sunday afternoon, when KarenS posted on the AskWoody Lounge:

When I clicked on the Windows Update icon today to start the updates it said that my computer was up to date and that there were no updates available which I know was not the truth because I hadn’t installed any of the [recent ones]

KarenS reported that the machine would only regurgitate the message shown in the screenshot.

win7 no updateWoody Leonhard/IDG

There was an attempt to isolate the problem on KarenS’s computers, to no avail — the update service was working fine.

To read this article in full, please click here

Read more 0 Comments

Retro Start menu star Classic Shell heads out to pasture

Hundreds of millions of downloads just doesn’t cut it, apparently. Ivo Beltchev, who first released the Start Menu replacement in 2009, has decided it just isn’t worth the effort any more. Yesterday he posted this on his official web blog:

After months of deliberation, I have decided to stop the development of Classic Shell…

There were few factors that led to my decision:

1) Lack of free time.

2) Windows 10 is being updated way too frequently

3) Each new version of Windows moves further away from the classic Win32 programming model… The new ways things are done make it very difficult to achieve the same customizations

To read this article in full, please click here

Read more 0 Comments

Reports of IE 11 failing to start linked to icon font size

Throughout history, there have been a million reasons why Internet Explorer won’t start: You click on the icon in the taskbar, and nothing happens. Thanks to some stellar sleuthing by @PKCano on AskWoody, it now appears that there’s an identifiable cause for some of the failures. If you’ve recently installed any of the Win 7 or 8.1 Monthly Rollups from September onward and you can’t get IE to start, check your icon font size. Yes, you read that right.

Earlier this week I received an email from reader JB:

Have you heard of or seen an issue with Internet Explorer 11 crashing when the cumulative update for the Win 7 OS KB4048957 is installed? (not the IE patch mind you – the OS cumulative patch. Weird right?)

To read this article in full, please click here

Read more 0 Comments

Reports of IE 11 failing to start linked to font size

Throughout history, there have been a million reasons why Internet Explorer won’t start: You click on the icon in the taskbar, and nothing happens. Thanks to some stellar sleuthing by @PKCano on AskWoody, it now appears that there’s an identifiable cause for some of the failures. If you’ve recently installed any of the Win 7 or 8.1 Monthly Rollups from September onward and you can’t get IE to start, check your icon font size. Yes, you read that right.

Earlier this week I received an email from reader JB:

Have you heard of or seen an issue with Internet Explorer 11 crashing when the cumulative update for the Win 7 OS KB4048957 is installed? (not the IE patch mind you – the OS cumulative patch. Weird right?)

To read this article in full, please click here

Read more 0 Comments

Get November Windows and Office updates installed — carefully

The list of complaints about this month’s patches goes on forever. I covered the high points a couple of days ago. We’ve seen people who are running Win10 Creators Update and who specifically said they didn’t want to upgrade to Fall Creators Update get pushed into an upgrade anyway. Those using Epson dot matrix or POS printers lost them for a couple of weeks. Add to that a heaping handful of hooey and there were enough problems to keep most Windows customers shaking their heads. Or quaking in their boots.

To read this article in full, please click here

Read more 0 Comments

Microsoft Patch Alert: November’s forced upgrades, broken printers and more

There are so many issues with this month’s security patches that it’s hard to decide where to begin. Let’s start with the problems that have been acknowledged, then move into the realm of what’s not yet fully defined.

Forced upgrades

Many users have remarked about how much the forced 1703-to-1709 Windows 10 upgrades feel like Microsoft’s detested forced upgrades from Win 7 and 8.1 to 10 – the “Get Windows X” campaign. Although the situation’s different on the surface, the net result is the same. Many people who were happily using Windows 10 Fall Update – version 1703 – were forcibly upgraded this month to the Fall Creators Update – version 1709 – even on systems that were not supposed to be upgraded.

To read this article in full, please click here

Read more 0 Comments

HP stealthily installs new spyware called HP Touchpoint Analytics Client

Hard to imagine in this age of privacy scandals, but HP is installing a telemetry client on its customers’ computers — and it isn’t offering any warning, or asking permission, before delivering the payload.

Dubbed “HP Touchpoint Analytics Service,” HP says it “harvests telemetry information that is used by HP Touchpoint’s analytical services.” Apparently, it’s HP Touchpoint Analytics Client version 4.0.2.1435.

There are dozens of reports of this new, ahem, service scattered all over the internet. According to Günter Born, reports of the infection go all the way back to Nov. 15, when poster MML on BleepingComputer said:

To read this article in full, please click here

Read more 0 Comments