Windows 10?

[Rick Danger]

Woody Leonhard has implemented his own rating chart for Windows Updates. He calls it the "MS-DEFCON System".

This week we are at MS-DEFCON 2.

Check it out for yourself at: http://www.askwoody.com/ms-defcon-system/

MS-DEFCON System

I have a rating system that lets individual Microsoft consumers know when it’s safe to install patches. I call it the Microsoft Patch Defense Condition Level, or MS-DEFCON for short. It’s modeled after the US armed forces DEFCON system.

MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.

MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.

MS-DEFCON 5: All’s clear. Patch while it’s safe.

Windows 10 doesn’t include the ability to turn off Automatic Updates. I’ll mention problems that people are having with Windows 10 patches, just so you can commiserate, but MS-DEFCON doesn’t really apply to Windows 10. At least, not until Microsoft changes its policies.

[Rick Danger]

Now Windows 10 is even bricking (or borking, take your pick) Windows Phones.

This is hardly going to convince the handful of Windows Phone users that they should stick around and either upgrade to Windows 10 Mobile or buy a brand new Windows 10 phone. Not when there are plenty of alternatives and apps available for Android Phone and iPhone platforms. And given Microsoft's announced October 6th big rollout, the timing of this latest SNAFU couldn't have been worse.

Microsoft working on fix for phones borked by Windows 10 update
By Sean Buckley | September 17th 2015 at 6:19pm
Engadget.com

When Microsoft released Windows 10 Mobile build 10536 to Insider users earlier this week, it probably didn't expect it to break user's phones. It did. Turns out,the update was only meant for certain devices, but a device check glitch allowed non-support devices to see, download and apply the new build. That's bad -- but Microsoft is trying to fix it.

@iamcadz @cherrymobilePH DO NOT INSTALL unless your phone is on the list of supported devices. Won't work and you'll need to reflash.
— Gabriel Aul (@GabeAul) September 15, 2015

This is a high priority for us to solve and have a team dedicated to it. We will let you know as soon as we have info on recovery.
— Gabriel Aul (@GabeAul) September 17, 2015

According to Microsoft's Gabriel Aul, installing the update on non-supported devices will essentially break the phone -- and the only way to fix it is to reflash back to the factory image, which most users probably don't have. There's no fix available for users who have already installed the mislabeled build, but Microsoft says it's on the case. ""We're working on repair options for the devices that were not supported but got the latest build," Aul said on Twitter. "This is a high priority for us to solve and have a team dedicated to it. We will let you know as soon as we have info on recovery." Best course of action right now? Turn off Windows Insider updates, follow @GabeAul on Twitter, and wait.

[Rick Danger]

I was able to cobble together some information about the laundry list of Optional updates I mentioned in my previous post.

While it is clear that these updates are not the "hidden" Windows 10 payload that was pushed down to Windows 7 and 8.x users, I would seriously question how many of these Updates are actually necessary. I applied none of them.

For better or worse, here's my analysis:

KB2999226 - Update for Universal C RunTime in Windows, The Windows 10 Universal CRT is a Windows operating system component that enables CRT functionality on the Windows operating system. This update allows Windows desktop applications that depend on the Windows 10 Universal CRT release to run on earlier Windows operating systems. Also Microsoft Visual Studio 2015 creates a dependency on the Universal CRT when applications are built by using the Windows 10 Software Development Kit (SDK). Installing this update on earlier Windows operating systems enables these applications to run correctly.

KB3073874 - Compatibility update for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2: September 2015 - Apparently related to MicroChip hub products. Possibility that certain applications (unnamed) may be impacted.

KB3080042 - Fixes CHM file freezes when you enter characters in Search box on the Index tab in Windows 8.1 or Windows Server 2012 R2. This happens when you enter characters in the Search box on the Index tab in a Compiled HTML Help (.chm) file in Windows 8.1, Windows RT 8.1, or Windows Server 2012 R2

KB3080800 - Access violation (c0000005)" error if the NcdAutoSetup service crashes in Windows 8.1 or Windows RT 8.1.Network Connected Devices Auto-Setup service monitors and installs qualified devices that connect to a qualified network.

KB3082353 - Windows 8.1 or Windows Server 2012 R2 hosts crash when they set up IPSec tunnel. This is used when establishing a VPN connection.

KB3084905 - Trusted Platform Module (TPM) lockout occurs unexpectedly in Windows 8.1 or Windows RT 8.1. This only would impact computers with TPM microchips and using encryption keys.

KB3087041- You can't select the first item in a list by touching in Windows 8.1. Obviously if you aren't using Windows 8.1 with a touchscreen, this has no meaning for you.

KB3087137 - Fixes Gradient rendering issue when an application has nested transformed geometries in Windows 8.1. To be blunt, I don't know what this is.

KB3087390 - Fixes Application crash with 0x8002801D error in Windows 8.1 or Windows Server 2012 R2

KB3092627 - Fixes application freeze issue related to security update 3076895. Products affected: Attachmate Secure IT File Transfer, IBM Tivoli Storage Manager, Microsoft Forefront Endpoint Protection (FEP), Symnatec Endpoint Protection Small Business Edition (Hosted only, On-Premises not affected)

[9876543210]

Just been thinking.

I'm certainly no fan of MS. Over the years they've done plenty of things to just really piss me off royally. To the point where, several years ago, I pretty much figured there would come a day when I didn't need to use Word, AutoCAD and a few other applications. And when that day came, that would be the day Windows and MS would be gone.

Until this last week I agreed with Woody Leonhard in that I really didn't believe MS would really do some of the things like forcing this Win 10 crapware down our throats. But then I saw it happening to my mom's machine and, really, I'm a bit stunned. They're really doing this! I thought people were just being alarmist.

So the big question is; why? Why are they gambling the OS division (at least) on this tactic? Are they really that short sighted and self important? They really think people won't rebel against this? Over the years I've known MS to be complete assholes and really uncaring for their customers. But this is really over the top. I'm finally beginning to understand a idea that this could be the end of MS unless they change their attitude.

Btw, I just received a Win 7 machine from a friend which I got rid of the crapware (for the time being) and which I'm installing Ubuntu on. My friend is a very casual user (she basically only uses the machine for internet, email and basic gaming for an hour a day) and can't deal with all this. She just doesn't understand.

So, granted, she's just a single user but, after doing her research, she wanted me to install Linux on her machine and will probably get rid of Windows within the next few months. And I'm sure there are millions more people making the same exact decision right now.

And MS is OK with this?

[highwayman274]

Many thanks to Rick Danger, and a435843 for their ongoing service to the VEF community on the subject of Windows 10.

For those of us who are not tech savvy, but who are currently hand-cuffed to Microsoft devices, it is important to have someone scanning and filtering the massive amount of op-ed and technical commentary flooding the media and www.

Thanks to their "heads-up" in the early pages of this thread, I was able to get rid of the two MS updates that contained the kernel for the Win10 upgrade, and also turned off the Windows automatic update feature on my Win 7 laptop, and Win 8.1 desktop. So far, so good!

At the risk of incurring the mirth and scorn of VEF subscribers to this thread, I confirm that I have now turned off the automatic update feature on my Nokia Lumia 635 cell phone; currently running Windows 8.1. I have been very happy with this device, since I am still in the cell-phone stone age in terms of utilizing apps and advanced phone features. I pretty much use it for talk and text, and seldom turn it on unless I am leaving the house.

Will continue to avoid installing updates of any kind on any device until a couple of weeks have passed, and the world has had a chance to evaluate them.

Please keep up the good work, gents!

[Rick Danger]

I am subscribing to a newsletter called Patch Management.

I received this email today. If you are having problems with Windows Apps you may find this information useful. The context is a corporate rollout where the IT team tried to remove certain apps that were not on their "Whitelist" of approved applications. This email lists Windows Updates to specific apps.

Quote:

To Patch Management Mailing List
Today at 3:26 AM

On the systems we roll-out with Win8.1 we removed some App-X package (metro app’s). We did that by removing them from the Wim image.

Now we got problems with the following packages.

Previous updates on the App-X package we removed didn’t gave error’s

We had to deside to set it to “not Approved”

KB3081397 - Provides a Windows 8.1 update that contains the latest Bing Finance app update.

KB3081403 - This update provides the latest Microsoft Bing Health & Fitness app update for computers that are forbidden to access the Windows Store.

KB3081402 - Provides a Windows 8.1 update that contains the latest Bing Maps app update.

KB3081401 - Provides a Windows 8.1 update that contains the latest Bing News app update.

KB3081399 - This update provides the latest Microsoft Bing Sports app update for computers that are forbidden to access the Windows Store.

KB3081405 - Provides a Windows 8.1 update that contains the latest Bing Weather app update.

KB3080457 - Provides a Windows 8.1 update that contains the latest Communications Apps update.

KB3081398 - Provides a Windows 8.1 update that contains the latest Bing Travel app update.

[Rick Danger]

Expect an advisory for Microsoft as seen below and another cumulative update for Windows 10

Microsoft security advisory: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge: September 21, 2015:

https://support.microsoft.com/en-us/kb/3087040

[Rick Danger]

To Patch Management Mailing List
Today at 12:21 PM
Adobe has now released a security bulletin covering Flash Player & Air

https://helpx.adobe.com/security/pro...apsb15-23.html

[Rick Danger]

If at this late date in this thread you STILL need a reason for turning off Automatic Update on your Windows machine, here we go again.

No sooner did Windows 10 users start applying the security update to Flash Player in IE 10, 11 and Edge than the Internet got lit up with reports of problems. The Patch Management mailing list has been going crazy all day.

Applying the update manually appeared to be the solution. Now I am seeing traffic that the new version of Flash Player (19.0.0.185) actually doesn't remove the older version, leaving two versions of Player installed. Also, apparently Microsoft has not provided this update to Windows 7 users, so you might need to go to the Adobe Update webpage to get this fix.

GROAN.

For your reference, here's the URL to the Adobe Flash Player Help page: https://helpx.adobe.com/flash-player...r-windows.html

Woody on Windows
By Woody Leonhard

Windows 10 Internet Explorer update KB 3087040 fails with error 0x80004005
Somebody at Microsoft should have tested the patch before releasing it, but fortunately there's an easy fix

Yesterday Microsoft rolled out a patch for Adobe Flash Player running in Internet Explorer 10 and 11 and Microsoft Edge on Windows 8.x and Windows 10 PCs. Known as KB 3087040, the patch incorporates numerous security fixes that Adobe released in Flash Player version 19.0.0.185 -- the first publicly released version of Flash Player 19.

Since IE10 and IE11 now include Flash Player, every time Adobe hiccups, IE sneezes. Apparently the same bug-infested code now resides in Edge, so it too needs to be updated.

There's one little problem with this patch: It looks like Microsoft didn't test it on Windows 10 systems. Judging by the hue and cry, I would guess that at least a third of the people trying to install KB 3087040 on their RTM Windows 10 systems (build 10240) are getting this message:

There were problems installing some updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help:

Security Update for Internet Explorer Flash Player for Windows 10 for x64-based Systems (KB3087040) - Error 0x80004005

Surprisingly, those users in the Insider Fast ring -- running Windows 10 build 10547 -- aren't seeing the patch at all. At least, that's the case on my PCs. The patch isn't offered to Windows 7 customers running Internet Explorer 10 or 11, either. I have no idea why.

If you see the error message and figure you can ignore it -- who uses IE any more, right? -- be aware that Microsoft advises that "other applications, such as Microsoft Office 2007 and Microsoft Office 2010, can invoke Adobe Flash Player in Internet Explorer."

This is 2015, yes? You'd think Microsoft would've figured out a way to block that problem half a decade ago. But what do you expect from a company that still uses hex numbers for errors.

Anyway, there's a simple workaround if you don't want to wait for Microsoft to fix its latest patching problem. Download the Windows 10 build 10240 patch (available in a 32-bit or 64-bit version) and install it manually. If there's an official Microsoft Download page for the Windows 10 patches, I can't find it.

Details about the Flash Player fixes are to be found in Adobe's Security Bulletin APSB15-23. Details on the Microsoft side are found in Security Advisory 2755801.

[Rick Danger]

This article by Woody Leonhard on the InfoWorld.com website details the latest information on Windows 10.

The article is too large to reproduce here. Here's the link:

http://www.infoworld.com/article/291...right-now.html

According to Woody:

Quote:

Build 10240 isn’t as stable as I would hope, the built-in apps are woefully underpowered, and upgrading can be a monumental pain, especially if you don’t follow Microsoft’s largely unwritten rules about transferring licenses. Rolling back to a previous version of Windows -- an option for 30 days -- usually goes well, but for some, all sorts of odd problems appear.

Looking at the fixes in the upcoming beta release (10547):

Quote:

Here's what's coming down the pike for Windows 10, based on beta build 10547, released Sept. 18, compared to build 10240, the “RTM” build released on July 29:

Start menu: Blocks of tiles on the right side of the Start menu can be organized four-wide, instead of the RTM version’s three. Start will accommodate up to 2,048 apps in the All Apps list.
Cortana: Internal changes to allow programs to show video and audio directly in Edge, without requiring plug-ins. Lots of promises, little to show for it.
Continuum and Tablet Mode: Tablet Mode lets you pack tiles a bit more densely. Change in how snap works, to make it more like Windows 8.1.
Virtual desktops and task view: No noticeable changes.
Windows Settings: Spotlight (shuffling Bing-generated pictures on the lock screen) returns, with ads sure to follow.
Other Windows apps: Numerous changes to essentially all Win10 “universal” apps. Store greatly improved, major improvements to Mail stability; Conversation view now optional; Maps has many worthwhile improvements; Photos adds separate folders for OneDrive and local photos; minor improvements to Groove and Movies & TV. For beta testers, Mail has a dark theme that puts white text on black; Maps works better. Also for beta testers: a new easy capability to turn encryption on for all messages, and for adding digital signatures

Fast forwarding to the end, Woody speaks to the primary concerns with Windows 10:

Quote:

Most Windows 10 observers still have three major concerns.

First, there’s no way to hold back a bad patch, although there is a way to remove and block a bad patch once it’s been installed, and in some cases you can hold off on all patches by using a metered connection trick.

Second, Microsoft isn’t telling us anything about the Windows 10 patches. A few of the Cumulative Updates (patches) have had links to Microsoft Security Bulletins, but other than that, there’s exactly nothing coming from Microsoft. It’s an intolerable stance which, I’m convinced, Microsoft will have to change. But how? And when?

Third, there doesn’t appear to be any way to tell Windows 10 that you don’t want to send any information about you to Microsoft’s servers. The spying -- you can call it monitoring -- bothers a lot of experienced Windows users. There are a few good articles on how to disconnect the myriad settings that pump your information to Microsoft (in particular, this one from the How to Geek, and this one from Ars Technica. But I still don’t know of any way to prevent the kind of round-the-corners leak first described by Peter Bright in Ars Technica in August.