Patch Management

Microsoft Rep Says Won’t Fix IE11 Printing Problem Introduced in Security Release

UPDATE: This issue has now been resolved. See: The Fix is in for IE11 Printing Problems After June Security Update   We let you know recently about a printing bug introduced in a Microsoft security update this month: KB4022719 Causes Internet Explorer to Print Blank Pages At the time, the reports stated it was an issue with Internet Explorer 11 in Windows 7. But, new reports show that the issue also exhibits itself in Windows 10. However, a thread on Microsoft’s developer site (https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/12349663/) takes a strange turn after a report is posted. James M from the Microsoft Edge team says this… Hello, Thank you for providing your feedback on IE11. We are not accepting feedback on Internet Explorer through this portal ...

KB4022719 Causes Internet Explorer to Print Blank Pages

UPDATE: This has now been resolved. See: The Fix is in for IE11 Printing Problems After June Security Update   This new issue is starting to track with more customers reporting the problem. Essentially, after KB4022719 is installed (the monthly rollup for Windows 7 SP1), any content that is opened in a frame in Internet Explorer fails to print. Blank pages print out when users attempt to print the content contained in the frame. Uninstalling KB4022719 solves the problems, but that shouldn’t be the ultimate solution. We’re monitoring the situation. A Microsoft answers thread has been started on the issue: Cannot print single frames, iframes, popups after KB4022719 (July 2017 update)    Additionally: Microsoft Rep Says Won’t Fix IE11 Printing Problem Introduced in Secur...

Security Update for Outlook 2016 Could Cause Email Attachment Blocking Issues

A security update release from Microsoft for Outlook 2016 comes with a clear warning… If an email message includes an attached email message, and the attached email message’s subject line ends with an unsafe file name extension as listed in the Blocked attachments in Outlook page, the email attachment will be blocked for recipients. To fix this issue, save the email message to the computer and rename its subject line so that it does not end with an unsafe file name extension. Then, attach it to the email message to be sent. So, unless you read every tidbit of every piece of information that Microsoft releases, you might have missed it. Or, as is the case most often, Microsoft tends to deliver its patches long before its guidance is actually available. However, even with this wa...

Fix for AMD Carrizo DDR4 Processor in Latest Windows 7 Monthly Rollup and How to Apply It

As part of the June 2017 Patch Tuesday, the latest Windows 7 monthly rollup finally includes a fix where an unsupported hardware notification is shown and Windows Updates not scanning, for systems using the AMD Carrizo DDR4 processor. However, the fix requires additional steps: Download KB4022719 from Microsoft update catalog. Extract the CAB file from the downloaded .msu file from step 1. Note the path where you stored the CAB file for use in step 3. Run the DISM /Online /Add-Package command to install the update: DISM.exe /Online /Add-Package /PackagePath: CAB file path from step 2.   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

Due to Active Exploits by Nation-state Entities, Microsoft Patches Windows XP Again

The operating system that wouldn’t die. Microsoft is faced, once again, with patching an operating system versions that are no longer in a supported state due to serious vulnerabilities currently being exploited in the wild by nefarious characters. The updates won’t be made available through any automated updating mechanism, but instead Microsoft is providing the updates as downloads for manual installation. Microsoft security advisory 4025685: Guidance for older platforms: June 13, 2017 The updates are for Windows XP, Windows Vista, Windows 8, or Windows Server 2003. Details on delivering updates for older platforms: June 2017 security update release Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Sa...

How to Block Automatic Installations of .NET Framework

Due to an issue, the Exchange team at Microsoft recently warned against installing a .NET update. Additionally, they provided steps to safely remove a .NET update and revert back to a known-good version. But, they also provided a nifty way to block future .NET Framework updates from automatically installing. Here’s the steps: Back up the registry. Start Registry Editor. To do this, click Start, type regedit in the Start Search box, and then press Enter. Locate and click the following subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\NET Framework Setup\NDP After you select this subkey, point to New on the Edit menu, and then click Key. Type WU, and then press Enter. Right-click WU, point to New, and then click DWORD Value. Type BlockNetFramework47, and then press Enter. Right-click Block...

Office Non-Security Update Releases for May 2017

Its the first week of the month, so Microsoft has delivered its first set of monthly updates – but they were overshadowed a bit by the big Education announcement event in NYC. The first week of each month is generally set aside for Office bug fix updates – with the second week of the month for security fixes. Here’s the updates available now for Office… Office 2010 Update for Microsoft Office 2010 (KB3128031) Update for Microsoft Outlook 2010 (KB3191906)   Office 2013 Update for Microsoft Excel 2013 (KB3191877) Update for Microsoft Outlook 2013 (KB3191889) Update for Microsoft PowerPoint 2013 (KB3191871) Update for Microsoft Project 2013 (KB3191878) Update for Microsoft Visio 2013 (KB3178711) Update for Skype for Business 2015 (KB3191873) Update for Skype for B...

Microsoft to Deliver Monthly Non-security Cumulative Updates for Windows 10 Creators Update

With Windows 10, Microsoft moved a cumulative update (CU) model where all security fixes are bundled together and delivered during Patch Tuesday, but these security CUs also contained other fixes. Michael Niehaus has now revealed on his blog (New Update Options for Windows 10 1703) that Microsoft will be separating security fixes from general improvement fixes and delivering each as separate CUs. So, now instead of an all or nothing scenario, customers can choose to deploy security patches and then deliver non-security CUs later. In WSUS, these will also be labeled separately as Security Updates and just Updates. Michael says this will give organizations the flexibility of choice to… Deploy each of them just like the updates on “Update Tuesday.” This enables the organization’s PCs to...

Microsoft Security Response Center PowerShell Module

The Microsoft Security Response Center module gets Microsoft Security Update details and CVRF (Common Vulnerability Reporting Format) documents in either JSON or XML. This module calls the MSRC API (api.msrc.microsoft.com) which requires an API key from: https://portal.msrc.microsoft.com Download: MsrcSecurityUpdates Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

Microsoft Hears Customer Complaints, Rolling Out Updates to Security Update Guide

When Microsoft decides to make changes in the way it disseminates important information to customers – particularly when that information was a trusted source for security – customers get angry. Such is the case with Microsoft’s recent changes to how it distributes security update information. In November of last year, Microsoft announced that it would end how it distributed security patch information. The company said that it would stop using the old format and would migrate to the new Security Updates Guide which is located here: https://portal.msrc.microsoft.com/en-us/security-guidance Many in the customer community have complained about this change. Some have started to petition the software company to bring back the old ways of supplying information. If a recent anno...

Understanding and Implementing Patch Management

Learn various best practices and common questions associated with Patch Management. See a live demo in action of setup, configuration, as well as testing and deployment phases. Understanding and Implementing Patch Management from Team Cireson on Vimeo. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

April .NET Update Breaks PowerShell’s Stop-Computer Command

This issue is currently tracking, but those that applied the .NET update for April 2017 can no longer issue a stop-computer command (used to shutdown the computer) in PowerShell. This happens both when run as a non-administrator or using administrator credentials. A workaround is offered here: https://superuser.com/questions/1199285/stop-computer-privilege-not-held The issue is being investigated by Microsoft and, if this affects you, you are asked to open a support case. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!