Windows

Mid-February Slated for Microsoft to Fix Virtual Machines for Windows 7

As has often been the case, Microsoft has introduced a new gotcha this month in the cumulative update for Windows 7. After installing this update, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).” This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures. Microsoft is aware of the issue and has set mid-February as a tentative time to see a fix. Stay close, we’ll keep a watchful eye out and let you know when the fix is available.

February 2019 .NET Update Contains Security Fixes for Domain Spoofing and Remote Code Execution

Many customers try hard not to have to update the .NET code for Windows. These days, some consider every Windows update as a potential timebomb, but the .NET updates have a long history of being a difficult problem child. Microsoft delivered .NET updates for February 2019 and these updates come with some fixes that may cause some to do a double-take. These may warrant some heightened attention. Here is what’s up… CVE-2019-0613 – Remote Code Execution Vulnerability This security update resolves a vulnerability in .NET Framework software if the software does not check the source markup of a file. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on by using administrative user rights,...

Microsoft Officially Ends Support for Windows 10 Mobile in 2019

Microsoft has now posted an FAQ so customers can get more information about a recent decision. According to the FAQ: As of December 10, 2019, Windows 10 Mobile users are no longer eligible to receive new security updates, non-security hotfixes, free assisted support options, or online technical content updates from Microsoft for free. Third parties or paid support programs may provide ongoing support, but it is important to recognize that Microsoft support will not publicly provide updates or patches for Windows 10 Mobile. Only device models that are eligible for Windows 10 Mobile, version 1709 are supported through the end date. For Lumia 640 and 640 XL phone models, Window 10 Mobile version 1703 was the last supported OS version and will reach end of support on June 11th, 2019. 

CVE-2019-0543 Changes How Windows PowerShell and PowerShell Core 6 WinRM Based Remoting Works

If you’re attempting to do loopback remoting for Windows PowerShell or PowerShell Core 6 after applying January security updates, you may have run into problems. Per Microsoft… The breaking change is not in PowerShell but in a system security fix that restricts process creation between Windows sessions. This fix is preventing WinRM (which PowerShell uses as a remoting transport and host) from successfully creating the remote session host, for this particular scenario. There are no plans to update WinRM. Further… The breaking change only affects local loopback remoting, which is a PowerShell remote connection made back to the same machine, while using non-Administrator credentials. Details and workaround: Windows Security change affecting PowerShell

Microsoft Delivers Out-of-Band Security Update for Internet Explorer

Microsoft has identified a vulnerability in Internet Explorer and is delivering an update today to close a remote code execution hole. CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or de...

Cisco Releases December Warning About a July Bug for Windows Servers

Someone at Cisco just woke up in time for the holidays. On December 13, 2018, a Cisco Field Notice was issued to warn customers that… Multiple processes that run on a Microsoft Windows 2012 R2 server can crash or fail to start because of KB4338815.  The solution is to install KB4338831 on the affected servers. But, both updates (KB4338815 and KB4338831) are from July 2018. For those Cisco customers waiting for a fix for this, its been available since July – you just didn’t know it until now.

Microsoft Ends Its Program to Deliver Instant Fixes to Windows Problems

In a redirect from a KB article, Microsoft gives more evidence that it’s truly serious that it wants cumulative updates to be the go-to solution for updates. One page, originally titled “How to use Microsoft easy fix solutions” is now brandished in bold letters: Microsoft Easy Fix solutions are no longer supported It goes on to say… You might have tried to download a Microsoft Easy Fix solution (formerly referred to as a “Fix It”). Easy Fix solutions are no longer supported or offered for download.    

Tip: Malicious Software Removal Tool Command-line Switches

Microsoft distributes the Malicious Software Removal Tool (MSRT) through Automatic Updates once a month. MSRT is designed to find and remove threats and it can reverse the changes made by these threats. MSRT is generally released monthly as part of Windows Update but it’s also available as a standalone tool. 32-bit and 64-bit versions downloads:  Malicious Software Removal Tool The standalone tool is developed for those tasked with protecting the company’s computer assets and can be used through remote automation tools such as scripts or Configuration Manager. The tool can be configured to utilize command-line switches to alter how the tool runs. Here are the available command-line switches: /Q or /quiet =       Uses quiet mode. This option suppresses the user interface of the ...

Why is Microsoft interested in PWA’s?

In this series, Aaron answers various questions about Progressive Web Apps (PWAs) – what they are, how to create them, what you can use them for.   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

Microsoft Delivers the First Version of its Security Servicing Criteria for Windows

In June this year, Microsoft delivered a draft copy of its very first Security Servicing Criteria for Windows. This policy document was to serve as transparent evidence on how the company will work with security researchers and customers to display the criteria used for determining when reported vulnerability will be addressed through a security update. After feedback and modifications, today, Microsoft has delivered the first version of the Security Servicing Criteria for Windows. Full doc:  Security Servicing Criteria for Windows And, as part of this release, Microsoft is also releasing the Microsoft Vulnerability Severity Classification for Windows document. That document is available for download from HERE. Looking for an awesome, no-nonsense technical conference for IT Pros, Developer...

Tip: Using PowerShell to Get the Running Windows 10 Power Plan

If you want to know the Power Plan that is running on a Windows 10 PC, use the following PowerShell query: Get-WmiObject -Namespace root\cimv2\power -Class win32_powerplan In the image example above, the Power Plan is Balanced. The following options are available: Balanced – Offers full performance when you need it and saves power when you don’t. This is the best power plan for most people. Power saver – Saves power by reducing PC performance and screen brightness. If you’re using a laptop, this plan can help you get the most from a single battery charge. High performance – Maximizes screen brightness and might increase PC performance. This plan uses a lot more energy, so your laptop battery won’t last as long between charges. Ultimate Performance –...

Tip: Windows Servicing – What Releases When

Microsoft regularly delivers updates outside of its servicing model, but its intent is to adhere to the following regimen. For a regular cadence expectation, the following is what will be delivered each month: Security-only quality update – Releases on Patch Tuesday, i.e., the second Tuesday of each month. Security monthly quality rollup – Also releases on Patch Tuesday, i.e., the second Tuesday of each month. Preview of the next month’s quality rollup – Releases on the third Tuesday of the month. This “preview” is exactly as the name suggests.  It contains those non-security fixes that will be included in the next monthly rollup. In addition to these intended updates, Microsoft can deliver new updates outside of this regimen usually to solve problems in...