Jump to content

Search the Community

Showing results for tags 'windows'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 720 results

  1. JayDee

    Windows 10 Reactivation

    Hello, I recently bought a Lenovo laptop with no operating system. I bought a Windows 10 Home license (v1803), installed it and activated it on my Lenovo. My question is the following. If I perform a clean installation using a bootable usb containing Windows 10 Home (v1903), does my windows activates automatically when connected to the internet or does it ask me to enter the activation code again to activate ? Thank you
  2. All Windows users should update immediately as ‘Complete Control’ hack is confirmed The tool is available on Dark Web for free A couple of weeks back, researchers from cybersecurity firm Eclypsium revealed that almost all the major hardware manufacturers have a flaw that can allow malicious applications to gain kernel privileges at the user level, thereby gaining direct access to firmware and hardware. The researchers released a list of BIOS vendors and hardware manufacturers which included Toshiba, ASUS, Huawei, Intel, Nvidia and more. The flaw also affects all the new versions of Windows which includes Windows 7, 8, 8.1 and Windows 10. While Microsoft has already released a statement confirming that Windows Defender is more than capable of handling the issue, they didn’t mention that users need to be on the latest version of Windows to take benefit of the same. For older versions of Windows, Microsoft noted that it will be using HVCI (Hypervisor-enforced Code Integrity) capability to blacklist drivers that are reported to them. Unfortunately, this feature is only available on 7th generation and later Intel processors; so older CPUs, or newer ones where HCVI is disabled, require the drivers to be manually uninstalled. If this wasn’t enough bad news, hackers have now managed to use the flaw to exploit the users. Remote Access Trojan or RAT has been around for years but recent developments have made it more dangerous than ever. The NanoCore RAT used to sell on Dark Web for $25 but was cracked back in 2014 and the free version was made available to the hackers. After this, the tool got sophisticated as new plugins were added to it. Now, researchers from LMNTRX Labs have discovered a new addition that allows hackers to take advantage of the flaw and the tool is now available for free on the Dark Web. In case you were underestimating the tool, it can allow a hacker to remoting shutdown or reboot the system, remotely browse files, access and control the Task Manager, Registry Editor, and even the mouse. Not only that, but the attacker can also open web pages, disable the webcam activity light to spy on the victim unnoticed and capture audio and video. Since the attacker has full access to the computer, they can also recover passwords and obtain login credentials using a keylogger as well as lock the computer with custom encryption that can act like ransomware. The good news is that NanoCore RAT has been around for years, the software is well known to the security researchers. LMNTRX team (via Forbes) broke down detection techniques into three main categories: T1064 – Scripting: As scripting is commonly used by system administrators to perform routine tasks, any anomalous execution of legitimate scripting programs, such as PowerShell or Wscript, can signal suspicious behaviour. Checking office files for macro code can also help identify scripting used by attackers. Office processes, such as winword.exe spawning instances of cmd.exe, or script applications like wscript.exe and powershell.exe, may indicate malicious activity. T1060 – Registry Run Keys / Startup Folder: Monitoring Registry for changes to run keys that do not correlate with known software or patch cycles, and monitoring the start folder for additions or changes, can help detect malware. Suspicious programs executing at start-up may show up as outlier processes that have not been seen before when compared against historical data. Solutions like LMNTRIX Respond, which monitors these important locations and raises alerts for any suspicious change or addition, can help detect these behaviours. T1193 – Spearphishing Attachment: Network Intrusion Detection systems, such as LMNTRIX Detect, can be used to detect spearphishing with malicious attachments in transit. In LMNTRIX Detect’s case, in-built detonation chambers can detect malicious attachments based on behaviour, rather than signatures. This is critical as signature-based detection often fails to protect against attackers that frequently change and update their payloads. Overall, these detection techniques apply for organizations and for personal/home users, the best thing to do right now is to update every piece of software to make sure it’s running on the latest version. This includes Windows drivers, 3rd party softwares and even Windows Updates. Most importantly, don’t download or open any suspicious email or install any 3rd party software from an unknown vendor. Source: All Windows users should update immediately as ‘Complete Control’ hack is confirmed (MSPoweruser)
  3. Manual Online KMS Activation for Windows, Server & Office Thanks to @november_ra1n Info: KMS Activation last 180 days set by Microsoft however after 180 days you can repeat the activation to gain another 180 days and so on forever. : ) PS: KMS Activation will be succeeded as long as KMS Server Host Address are still online see alternative Working Online KMS servers end of the text.... ====================================================================================== A) Windows & Server Activation: Windows <Type here to search> look for Command Prompt and (Right click and run as administrator) #Keep the Internet Connection on during activation!# 1. Install KMS Client Setup Key according to your Windows: slmgr /ipk <KMS Client Setup Key> NOTE: All Windows & Server KMS Client Setup Keys there (Make sure use right key according to your Windows Edition!): https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj612867(v=ws.11) or https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys 2. Run the following command to point Windows to the KMS server: cscript slmgr.vbs /skms kms.digiboy.ir 3. Run the following command to activate Windows: cscript slmgr.vbs /ato 4. Clear the name of KMS server (Optional) slmgr /ckms 5. Finally to find out & display your license information: cscript slmgr.vbs -dli ====================================================================================== Microsoft Office (2016, 2013, or 2010) Activation: NOTE:Unlike Windows for Office you need Volume License Edition to order to activate via KMS! Download Microsoft Office 2016 Volume License ISO [Original from VLSC]: http://bit.ly/2GLb5yY Windows <Type here to search> look for Command Prompt and (Right click and run as administrator) #Keep the Internet Connection on during activation!# 1. Set KMS Host... x64: cscript "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" /sethst:kmshostaddress x86 installed in Win x64: cscript "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" /sethst:kms.digiboy.ir Note:(Office14 = Office 2010; Office15 = Office 2013; Office16 = Office 2016) 2. Request Activation x64: cscript "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" /act x86 installed in Win x64: cscript "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" /act 3. Clear KMS Host (Optional) x64: cscript "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" /remhst x86 installed in Win x64: cscript "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" /remhst 4. Check Activation Status x64: cscript "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" /dstatus x86 installed in Win x64: cscript "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" /dstatus Note: All Office KMS Client Setup Keys can be find it there: http://sapsan.wclub5.com/archives/1230 ====================================================================================== Alternative Working Online KMS servers: kms.digiboy.ir kms.lotro.cc cy2617.jios.org kms.chinancce.com k.zpale.com m.zpale.com mvg.zpale.com kms.shuax.com ======================================================================================
  4. Cauptain

    Visual Subst 2.0

    VISUAL SUBST 2 Map Virtual Drives Easily, Reduce Long Paths to Just One Letter with Visual Subst Visual Subst is a small tool that allows you to associate the most accessed directories with virtual drives. It solves three main issues with the built-in 'subst' command: it seamlessly creates drives for elevated applications, adds editable drive labels and restores drives after reboots. Also, Visual Subst makes it easier to create, edit and remove virtual drives in a GUI way. Features: Homepage: https://www.ntwind.com/software/visual-subst.html Download Page: https://www.ntwind.com/download/VSubst_2.0-setup.exe Medicine: waiting for a great soul
  5. The Witcher: Enhanced Edition" for Windows PC Get it for free: 1) First create an account on GOG.com, then 2) Go to https://www.playgwent.com/?pp=4b1a62d54f5d635ceffa0118244d63e07779e04a download GOG Galaxy and add GWENT card game to your library (whic is also free), then 3) Go to https://www.gog.com/gwent-welcome-bonus?pp=4b1a62d54f5d635ceffa0118244d63e07779e04a Subscribe and claim your free Witcher Enhanced Edition for Windows PC free.
  6. Critical Windows 10 Warning: Millions Of Users At Risk Millions of Windows 10 users at risk of compromise as critical vulnerability is revealed at DEF CON 27 Getty As the Black Hat security conference comes to an end in Las Vegas, so the DEF CON hacker convention begins. It didn't take long for the first critical warnings for Windows users to emerge as a result. This one is particularly worrying as, according to the Eclypsium researchers who gave the presentation, the issue applies "to all modern versions of Microsoft Windows," which leaves millions of Windows 10 users at risk of system compromise. What did the researchers reveal? In a nutshell, the researcher found a common design flaw within the hardware device drivers from multiple vendors including Huawei, Intel, NVIDIA, Realtek Semiconductor, SuperMicro and Toshiba. In total, the number of hardware vendors affected runs to 20 and includes every major BIOS vendor. The nature of the vulnerability has the potential for the widespread compromise of Windows 10 machines. Eclypsium’s research team were investigating how insecure drivers can be abused to attack a device and gain a foothold on the system it is part of. "Drivers that provide access to system BIOS or system components for the purposes of updating firmware, running diagnostics, or customizing options on the component," the researchers stated during their presentation, "can allow attackers to turn the very tools used to manage a system into powerful threats that can escalate privileges and persist invisibly on the host." The drivers were found to have design flaws that enable what are meant to be "low-privilege" applications to be used by a threat actor in such a way as to potentially compromise parts of the Windows operating system that should only be accessible by "privileged" applications. That includes the Windows kernel at the very heart of the operating system. Certified for trust The dangerous escalation of privileges problem, giving an attacker read and write access at the same level as the kernel, becomes more problematical when you realize the level of trust that can be exploited here. These were not "rogue" drivers, but officially sanctioned ones. They were all from trusted vendors, all signed by trusted certificate authorities and all certified by Microsoft. As the drivers are designed specifically to update firmware, the seriousness of the issue becomes very apparent, very quickly. The flawed drivers not only provide the mechanism to make these changes but also the privileges to do so. If a threat actor can manipulate this combination of bad coding and signed certification, well, the outcome isn't going to look pretty. The researchers stated that there are "multiple examples of attacks in the wild that take advantage of this class of vulnerable drivers." Examples provided included the Slingshot APT campaign which installs a kernel rootkit and "LoJax malware" that installs malicious code in device firmware that can even survive a full Windows reinstallation. Has the problem been fixed yet? Mickey Shkatov, a principal researcher at Eclypsium, told ZDNet that "Some vendors, like Intel and Huawei, have already issued updates." Others, which are independent BIOS vendors, like Phoenix and Insyde, "are releasing their updates to their customer OEMs," Shkatov said. The Eclypsium research reveals that the security issue applies to "all modern versions of Microsoft Windows," and "there is currently no universal mechanism to keep a Windows machine from loading one of these known bad drivers." That said, group policies for Windows Enterprise, Pro and Sever could provide a degree of mitigation to "a subset of users," the researchers stated. The full list of vendors that have issued updates, which you should install as soon as possible, can be found here. What has Microsoft said? A Microsoft statement said, "In order to exploit vulnerable drivers, an attacker would need to have already compromised the computer. To help mitigate this class of issues, Microsoft recommends that customers use Windows Defender Application Control to block known vulnerable software and drivers." As well as turning on memory integrity for capable devices in Windows Security, Microsoft also recommended using Windows 10 and the Edge browser "for the best protection." Source: Critical Windows 10 Warning: Millions Of Users At Risk (Forbes)
  7. Operating systems are dwindling towards irrelevance, and that’s no bad thing When PC Pro was born nearly 25 years ago, it didn't start life under that name: It entered the world as Windows Magazine. Magazines gathered in little tribes. There was PC Pro, PC Magazine, Computer Shopper and several others all vying for the Windows users, and then there were MacUser and MacFormat trying to tempt the Macolytes. Later on, the Linux mags came along, once the writers had managed to unjam their beards from the printer. There wasn't – with the possible exception of the ultra-snobby Wired – one magazine that served all those audiences, because why would they? What would a Mac owner want to know about the new advances in Windows 98? It just didn't compute. A quarter of a century later, the operating system is on the brink of irrelevance. Nothing much is defined by the OS that you use. You could be running macOS, Windows, Android or iOS, even desktop Linux, and to a large extent your day-to-day work would be unaffected. Files flow freely from one OS to another with compatibility rarely raising its ugly head. Computing's tribes have never rubbed along so harmoniously. This outbreak of peace has had a dramatic effect on the computing landscape, and nowhere more so than at Microsoft. The company's mantra used to be "Windows everywhere"; now it's getting harder to find mention of Windows anywhere. New Windows releases used to be huge staging posts, now they're little more than blog posts. The recent Build conference, once the place where we tech journalists flocked to get a full day's advanced briefing on all the new features in the next version of Windows, barely made mention of the W word, according to those who were there. Microsoft's embrace of Linux and its conversion to the Chromium engine for the Edge browser are based on a realisation that Microsoft failed to grasp for too long: despite those billion or so users, the world doesn't revolve around Windows anymore. It's hard to think of anything but niche software packages that could survive by chaining themselves to a single OS anymore. In the process of researching and writing this column, I've gone from Word on my Windows laptop to finishing it off on the train using Word on my iPad Pro. I read the background articles using Chrome on my Android phone, clipped quotes and notes to OneNote mobile, which I've accessed on the other platforms, and saved the copy itself in Dropbox. Had any of these applications or services been tied to a particular OS, I wouldn't be using them. Twenty years ago, Sun boss Scott McNealy used to lose his rag at every press conference when asked about Windows. "Who cares about operating systems?" he would bellow. "Nobody knows what operating system is running inside their car or their mobile phone," he would argue, in the days before iOS and Android were even conceived. They were, to his mind, an irrelevance. He was wrong at the time, but he would be entitled to say "I told you so" if he were still around to swagger into press conferences now. The OS is dwindling in importance. Like a good football referee, you barely notice it's there at all. Even Microsoft has sussed that the operating system just has to get out of the way, which is why it's worked hard to reduce unwanted interruptions from security software and the dreaded Windows Update. To use the favourite phrase of a former editor, Windows has learned to "just deal with it". While a small part of me misses the tribalism and the pub banter with the smug Mac brigade (they probably had reason to be smug, truth be told), the "anything for an easy life" part of me is relieved. I can pick up almost any device and be confident that it will let me get on with the day job. Only a few specialist apps are tied to a particular machine. Windows doesn't really matter any more – it's a good job we changed PC Pro's name all those years ago. Source
  8. Windows goes from cornerstone to just another building block for Microsoft in latest 10-K report Microsoft signified its expansion beyond the flagship operating system, after making a subtle change to their 2019 Form 10-K report; in which a longstanding reference that described Windows 10 as “the cornerstone” of its ambition to make computing more personal, has been removed. Windows 10 is the cornerstone of our ambition, providing a foundation for the secure, modern workplace, and designed to foster innovation through rich and consistent experiences across the range of existing devices and entirely new device categories The report was made public on Thursday in a U.S. Securities and Exchange Commission filing, and now includes language that more broadly describes the context of Windows: We strive to make computing more personal by putting users at the core of the experience, enabling them to interact with technology in more intuitive, engaging, and dynamic ways. In support of this, we are bringing Office, Windows, and devices together for an enhanced and more cohesive customer experience. Windows 10 continues to gain traction in the enterprise as the most secure and productive operating system. It empowers people with AI-first interfaces ranging from voice-activated commands through Cortana, inking, immersive 3D content storytelling, and mixed reality experiences. Windows also plays a critical role in fueling our cloud business and Microsoft 365 strategy, and it powers the growing range of devices on the “intelligent edge.” Our ambition for Windows 10 monetization opportunities includes gaming, services, subscriptions, and search advertising. While Windows is used by hundreds of millions of people around the world, it’s no longer the company’s primary growth engine. The annual filing includes a breakdown of Microsoft revenue by major product lines, which is different from the broader divisional results from the company’s quarterly earnings results. Last year, there was a major reorganisation of Windows engineering teams, in order to put greater emphasis on cloud computing. Microsoft’s server and cloud services business grew by 24% to $32 billion, and for the first time, overtaking Office to become Microsoft’s largest product line by revenue. Microsoft predicted that their Windows OS would be on 1 billion devices within a couple of years. The number turned out to be 800 million, and though revenue gain was only 4% in 2019, the business is still worth a generous $20.4 billion for the year. Hopefully, despite the downgrade, Microsoft will still see fit to invest in the last major public-facing business. Source: Windows goes from cornerstone to just another building block for Microsoft in latest 10-K report (MSPoweruser)
  9. It’s time to install most of July's Windows and Office patches If you’ve been keeping your Windows 7/Server 2008 R2 machines clean with “Security-only” patches, July has an important change to consider. For most people, the coast is clear to install the July 2019 patches. Pashaignatov / Getty Images With one glaring exception, July was a rather benign patching month. The Win10 versions got their usual two cumulative updates (the second considered “optional”). Visual Studio had some hiccups, but they’re fixed now. Folks trying to upgrade from Windows 10 version 1803 or 1809 to 1903 encounter various problems, but for now there’s very little reason to push your machine onto 1903. We’ll be talking a lot more about that later this month. When Win7 Security-only patches aren’t The big pimple on the patching butt this month: The Win7/Server 2008 R2 “Security-only” patch. Without any warning or explanation from Microsoft, the July “Security-only” patch installs a full telemetry kit and hooks things up so information gets sent to Microsoft – precisely what most people are trying to avoid by taking the “Security-only” route. We have late-breaking confirmation from Windows guru @abbodi86 that the July Security-only patch installs the same kind of telemetry found in the Monthly Rollups. Many (dare I say “all”?) of the folks who go to the bother of downloading and manually installing the Security-only patches specifically do so to avoid the snooping. But if you want the July security fixes, telemetry comes along for the ride. Fortunately, there are ways to circumvent the telemetry, or at least minimize it. Details following. McAfee Endpoint Protection conflicts – maybe Again this month there are questions about McAfee Endpoint Protection’s interaction with Windows updates. Kevin Beaumont (@GossiTheDog) kicked off the latest round of suspicion and vituperations by posting: McAfee Endpoint Protection has an interesting one, they've added a rule called RDP which I think is designed around BlueKeep (?), but it stops Windows Update applying July's security patches. Günter Born has taken up the call with an article on his Borncity blog, but I’ve been unable to replicate the problem or find calls for help on the McAfee site. Anyway, if you have trouble installing the July patches and you’re using McAfee Endpoint Protection, you might try turning it off before retrying. Update the safe way Here’s how to get your system updated the (relatively) safe way. Step 1. Make a full system image backup before you install the latest patches. There’s a non-zero chance that the patches — even the latest, greatest patches of patches of patches — will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This comes in addition to the usual need for System Restore points. There are plenty of full-image backup products, including at least two good free ones: Macrium Reflect Free and EaseUS Todo Backup. For Win7 users, If you aren’t making backups regularly, take a look at this thread started by Cybertooth for details. You have good options, both free and not-so-free. Step 2. For Win7 and 8.1 Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that’s 24 months old or newer, follow the instructions in AKB 2000006 or @MrBrian’s summary of @radosuaf’s method to make sure you can use Windows Update to get updates applied. If you’ve been relying on the Security-only “Group B” patching approach to keep Microsoft’s snooping software off your PC, you’re faced with a tough decision: You can hold off on installing any patches this month. Since Security-only patches are not cumulative, you may be able to skate by this month’s fix and pick up next month – assuming Microsoft doesn’t include telemetry with the patches next month – by no means a given. You can switch over to the Monthly Rollups. I’ve been recommending this approach for quite some time, but realize that there are folks who just don’t feel comfortable running Microsoft’s telemetry termites on their machines. If you’ve been installing the Security-only patches and want to continue doing so, be sure to follow @abbodi86’s advice, turn off the Customer Experience Improvement Program (gotta love the name) and, after the July patch is installed, disable the new scheduled tasks. For most Windows 7 and 8.1 users, I recommend following AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups. Realize that some or all of the expected patches for July may not show up or, if they do show up, may not be checked. DON'T CHECK any unchecked patches. Unless you're very sure of yourself, DON'T GO LOOKING for additional patches. In particular, if you install the July Monthly Rollup, you won’t need (and probably won’t see) the concomitant patches for June. Don't mess with Mother Microsoft. If you see KB 4493132, the “Get Windows 10” nag patch, make sure it’s unchecked. Watch out for driver updates — you’re far better off getting them from a manufacturer’s website. After you’ve installed the latest Monthly Rollup, if you’re intent on minimizing Microsoft’s snooping, run through the steps in AKB 2000007: Turning off the worst Win7 and 8.1 snooping. If you want to thoroughly cut out the telemetry, see @abbodi86’s detailed instructions in AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model. Realize that we don’t know what information Microsoft collects on Window 7 and 8.1 machines. But I’d be willing to bet that fully-updated Win7 and 8.1 machines are leaking almost as much personal info as that pushed in Win10. Step 3. For Windows 10 prior to version 1903 If you want to stick with your current version of Win10 Pro — a reasonable alternative — you can follow my advice from February and set “quality update” (cumulative update) deferrals to 15 days, per the screenshot below. If you have quality updates set to 15 days, your machine already updated itself on July 24, and will update again on August 21. Don’t touch a thing and in particular don’t click Check for updates. Microsoft For the rest of you, including those of you stuck with Win10 Home, go through the steps in "8 steps to install Windows 10 patches like a pro." Make sure that you run Step 3 to hide any updates you don’t want (such as the Win10 1903 upgrade or any driver updates for non-Microsoft hardware) before proceeding. If you see a notice that, "You're currently running a version of windows that's nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements" you can safely chill. Win10 1803 is good through November. If you see a link to “Download and install now,” ignore it – for the same reason. Step 3A. For Windows 10 version 1903 If you’ve already moved to Win10 Pro version 1903, and you set a 15-day deferral on quality updates, you’ll no doubt discover that the settings shown in the screenshot are no longer available on your machine. Microsoft hasn’t yet deigned to tell us what’s going on, but you can rest assured that your 15-day deferral was obeyed – and you got the July patches on July 24. Don’t worry about changing the deferral settings just yet. You’re protected until Aug. 21. We’re still experimenting with all of the settings and seeing how they interact with one another, but at this point my best advice if you’re on 1903 is to click the link on the Windows Update page that says “Pause updates for 7 days,” then click on the newly revealed link, which says “Pause updates for 7 more days,” then click it again. By clicking that link three times, you’ll defer cumulative updates for 21 days from the day you started clicking – if you do it today, you’ll be protected until Aug. 23 – which compares favorably to my preferred 15-day deferral, mentioned earlier. There are several group policies and a handful of registry settings working in the background when you make those changes. It still isn’t clear to me how they interact (@PKCano has some details – and they’re hairy). But if you’re using Pro and set the quality update deferral to 15 days, and punch the “Pause updates for 7 days” button three times (on either Home or Pro), you should be in good shape. Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @abbodi86 and many others. We’ve moved to MS-DEFCON 4 on the AskWoody Lounge. Source: It’s time to install most of July's Windows and Office patches (Computerworld - Woody Leonhard)
  10. How to check your Android phone’s notifications on a Windows PC Your phone and PC can work together if you set them up properly Illustration by Alex Castro / The Verge It’s been a long time coming, but Microsoft finally has its own system for managing Android notifications from Windows. This system makes it possible to see notifications from your Android phone on your Windows 10 PC as they arrive and to pull up your entire SMS history along with any pending notifications on demand. You can even reply to messages and compose new texts right from your computer. Here’s how to get started. On your Windows 10 computer First, make sure you have the latest version of the Your Phone app: Open the Microsoft Store, and search for “Your Phone” If the app isn’t already installed, install it If the app is installed, click the three-dot menu button next to the “Launch” command. If “Update” appears as an option, select it. Next, prepare your computer for the connection: Open the Your Phone app Click the Android box, then click “Get started” Enter your phone number in the prompt that appears 1 of 3 Got it? Good. Time to move to the phone side of things. On your Android phone Look for a text from Microsoft with a link to install the Your Phone Companion app (or just find the app in the Play Store on your own), and then install it Open the Your Phone Companion app, and tap “Sign in with Microsoft” Enter your Microsoft credentials. Make sure to use the same account shown in the Your Phone app on your computer. Grant the app the various permissions it requests When the app prompts you to set up the Your Phone app on your PC, tap “My PC is ready” When the app prompts you to allow the connection, tap “Allow” 1 of 12 The final link There’s just one bit of setup left, the part that allows notifications to go through: Open your phone’s system settings, search for “Notification Access,” then select the Notification Access option Find the Your Phone Companion app in the list, and activate the toggle beside it Tap “Allow” on the confirmation window that appears Go back to the Your Phone app on your computer, and click the Notification tab on the left side of the screen. If you don’t see a Notification tab, close the app and then reopen it. Click “Get started,” then click “Open settings for me.” You already manually adjusted your settings (which is the more direct way of doing it — and the only way to do it as of this year’s Android Q release), so you should be taken right to the app’s Notifications screen. 1 of 2 That’s it! Any notifications you get on your phone will now automatically pop up on your desktop and then move into your Windows 10 Notification Center (in the lower-right corner of the screen). Any text messages will include the option to reply — something that’s currently limited to your default Android SMS app but will soon expand to support all apps with reply functions in their notifications. 1 of 3 Any time you want to look through all of your messages and pending notifications, just open the Your Phone app on your computer. While you’re there, click on the “Customize” command within the Notifications tab. That’ll let you selectively mute notifications from specific apps, in case you ever need a little less noise. Source: How to check your Android phone’s notifications on a Windows PC(The Verge) (To view the article's image galleries, please visit the above link)
  11. A Linux kernel developer working with Microsoft has let slip that Linux-based operating systems have a larger presence on Microsoft’s Azure cloud platform than Windows-based ones. The revelation appeared on an Openwall open-source security list in an application for Microsoft developers to join the list, and was apparently part of an evidently credible argument that Microsoft plays an active-enough role in Linux development to merit including the company in security groups. The overwhelming prevalence of Linux on Microsoft’s cloud platform may come as a surprise when viewed in isolation, but it makes complete sense from a business perspective. To start with, it’s simply cheaper to run Linux on Azure, as Microsoft’s own price calculator illustrates as clear as day. In this respect, Microsoft basically forced its own hand in terms of monetizing OS licensing into a consistent revenue stream, since Windows 10 Home is essentially free (if you don’t count the “Windows tax“) and Windows 10 Pro works out to a one-and-done revenue opportunity with many enterprise customers. The fact that Linux conforms closely (enough) to the Unix structure and philosophy also makes Linux instances easier to manage. Because Unix is so prolific, basically any system administrator will instantly be at home in the Linux file system, and the saved time and headaches translate pretty quickly into saved dollars and cents, not to mention fewer complications posed by downtime. Linux’s dominance also fits perfectly in the context of its gradual, deliberate integration into Microsoft’s long-term development and innovation vision. When Microsoft first proclaimed its love for Linux in 2014, many industry professionals, especially in the open-source sphere, were skeptical, but from that point on, Linux has been rolling steadily ahead at Microsoft. Initially, Microsoft’s embrace of Linux manifested as the Windows Subsystem for Linux, a curiosity mostly aimed at developers. Last year, though, the company announced Azure Sphere, a cloud-connected platform for internet of things (IoT) devices which includes Azure Sphere OS, an in-house headless Linux-based operating system. This was a masterstroke for Microsoft — even a stripped-down Windows OS is far too bloated to run on practically any IoT device, but most IoT manufacturers could benefit from a secure, off-the-shelf IoT solution to replace their own ill-conceived attempts. Azure Sphere was designed specifically to fill this void. Taken together, it’s easy to see how the numerous Linux options Microsoft offers on Azure alone — to say nothing of the deeper integration Linux is getting on the Windows 10 desktop — outflanks the comparatively more limited options and higher cost associated with running Windows on Azure. At the rate at which the company finds new and inventive applications for Linux, this trend looks set to continue, and Microsoft seems just fine with that. Updated on July 15, 2019: Revised with additional information from Microsoft regarding Azure Sphere. Source
  12. The launch of AMD's Ryzen 3000 series has been undeniably successful thus far, but early Zen 2 buyers have run up against two curious and vastly different bugs: not being able to play Destiny 2 on Windows 10, and not being able to boot up Linux machines using more recent kernels. Good news for both camps is incoming, as AMD just sent word that a fix is coming within the next few days. An AMD representative just provided this statement via email: "AMD has identified the root cause and implemented a BIOS fix for an issue impacting the ability to run certain Linux distributions and Destiny 2 on Ryzen 3000 processors. We have distributed an updated BIOS to our motherboard partners, and we expect consumers to have access to the new BIOS over the coming days." AMD says it was able to root cause and resolve both issues fairly quickly in its BIOS code with a patch, and the company expects motherboard vendors to distribute the patch (potentially in beta BIOS form) by next week. Earlier this week a growing number of complaints amassed from Windows gamers concerning the inability to launch Activision's Destiny 2 with various Ryzen 3000 CPUs. On the Linux side of the fence, a fairly critical bug emerged that straight up prevented a system from booting with 5.0 or newer Linux kernels. It's nice to have these both addressed and resolved within the first week of launch, and hopefully the motherboard vendors will act quickly to seed this patch to their users. Keep an eye on those BIOS updates! Source
  13. Researchers from the Microsoft Defender Advanced Threat Protection Research Team have issued a warning to confirm that a notorious credential-stealing malware threat is targeting Windows users. What makes this one so dangerous is that it uses an "invisible man" methodology by only running files within the attack chain that are legitimate system tools and so hides in plain sight. The Astaroth Trojan can employ many techniques, including keylogging and clipboard monitoring, to steal login credentials. However, it is the way that it exploits living off the land binaries (LOLbins) that has created a certain level of infamy for the malware. In the case of the threat campaign that the newly published Microsoft report confirms, it was the Windows Management Instrumentation Command-line (WMIC) that was the LOLbin in question. Andrea Lelli, part of the Microsoft Defender ATP Research Team and author of the report, notes that the victim still has to click on a malicious link in an email to initiate the attack chain via a file that runs an obfuscated batch file. This batch file, in turn, runs the legitimate WMIC system tool in such a way that an obfuscated JavaScript file runs automatically. Now, this is where things get necessarily complicated, involving more obfuscated JavaScript code and more legitimate system tools running. The most important in the attack-chain being the Background Intelligent Transfer Service (Bits) admin tool that is used (actually, multiple instances of Bitsadmin are used) to download additional payloads. These kinds of fileless attacks, as they are known, run the malicious payloads "directly in memory or leverage legitimate system tools to run malicious code without having to drop executable files on the disk," Lelli explained. Eli Salem, a security researcher at Cybereason who uncovered another Astaroth attack earlier in the year, told me that these attacks are considered challenging to detect as "the full process of the deployment and execution of the malware" is by way of those Windows LOLBins. "To an average person, this activity can seem like a legitimate Windows activity," Salem says "because it's being executed by Windows processes." However, "using invisible techniques and being actually invisible are two different things," Lelli explained. Because some of the techniques used were so "unusual and anomalous," Microsoft Defender ATP, the commercial version of the Windows Defender Antivirus component that is included free of charge with Windows 10, was able to spot the Astaroth attack. If you are not using Defender ATP, however, then Salem advises Windows users to be extra careful "when opening anonymous or new .lnk and .zip files that came from suspicious mail attachments." I also spoke to Kevin Reed, the CISO of Acronis, this afternoon who says that as fileless malware is a very efficient technique, avoiding detection by many existing anti-malware products, users should choose a solution "that employs advanced malware detection techniques such as memory scanning, stack trace analysis, and system call-based detection as these will expose malware residing in PC memory only." One thing is for sure, and that is I doubt it is the last we will hear of Astaroth and fileless malware. According to a recent WatchGuard threat intelligence report, "fileless threats appeared in both WatchGuard's top 10 malware and top 10 network attack lists. On the malware side, a PowerShell-based code injection attack showed up in the top 10 list for the first time, while the popular fileless backdoor tool, Meterpreter, made its first appearance in the top 10 list of network attacks too." Corey Nachreiner, CTO of WatchGuard Technologies, said at the time that "it's clear that modern cybercriminals are leveraging a bevy of diverse attack methods," and I have yet to see anything to think he's wrong. As Sergeant Phil Esterhaus used to say in every episode of cop drama Hill Street Blues back in the 1980s: "Hey, let's be careful out there." Source
  14. Microsoft Windows Security Updates July 2019 overview Microsoft released security updates and non-security updates for Microsoft Windows (client and server) and other company products on the July 9, 2019 Patch Day. Our overview provides system administrators, organizations, and home users with detailed information on released patches, known issues, and other relevant information. The overview starts with an executive summary; it is followed by the operating system distribution, and the list of security updates for all versions of Windows. The list of known issues, security advisories released by Microsoft, and download information follow. Here is the link to the June 2019 Patch Day in case you missed it. Microsoft Windows Security Updates July 2019 Here is an Excel spreadsheet listing security updates that Microsoft released for its products in July 2019. You can download the archive with a click on the following link: Microsoft Windows Security Updates July 2019 Overview Executive Summary Microsoft released security updates for all client and server versions of the Windows operating system. All versions of Windows are affected by (at least) 1 critical security issue. Security updates were also released for other company products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure DevOps, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server The Microsoft Update Catalog lists 212 entries. Operating System Distribution Windows 7: 21 vulnerabilities: 1 rated critical and 20 rated important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 8.1: 19 vulnerabilities: 1 rated critical and 18 rated important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 10 version 1703: 24 vulnerabilities: 1 critical and 23 important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 10 version 1709: 36 vulnerabilities: 1 critical and 35 important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 10 version 1803: 37 vulnerabilities: 1 critical and 36 important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 10 version 1809: 36 vulnerabilities: 1 critical and 35 important CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows 10 version 1903: 36 vulnerabilities: 1 critical and 35 important. CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows Server products Windows Server 2008 R2: 21 vulnerabilities: 1 critical and 20 important. CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows Server 2012 R2: 22 vulnerabilities: 2 critical and 20 important. CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows Server 2016: 27 vulnerabilities: 2 critical and 25 important CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Windows Server 2019: 40 vulnerabilities: 2 critical and 38 are important. CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability Other Microsoft Products Internet Explorer 11: 6 vulnerabilities: 6 critical CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability CVE-2019-1004 | Scripting Engine Memory Corruption Vulnerability CVE-2019-1056 | Scripting Engine Memory Corruption Vulnerability CVE-2019-1059 | Scripting Engine Memory Corruption Vulnerability CVE-2019-1063 | Internet Explorer Memory Corruption Vulnerability CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability Microsoft Edge: 7 vulnerabilities: 7 critical CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability CVE-2019-1062 | Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1092 | Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1103 | Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability CVE-2019-1106 | Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1107 | Chakra Scripting Engine Memory Corruption Vulnerability Windows Security Updates Windows 7 Service Pack 1 and Windows Server 2008 R2 KB4507449 -- Monthly Rollup Same as KB4507456. KB4507456 -- Security-only Update Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel. Windows 8.1 and Windows Server 2012 R2 KB4507448 -- Monthly Rollup Fixed a Bitlocker issue that caused Bitlocker to go into recovery mode. Same as KB4507457. KB4507457 -- Security-only Update Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks Windows 10 version 1803 KB4507435 Fixed a Bitlocker issue that caused the encryption software to go into recover mode. Security updates to Windows Wireless Networking, Windows Server, Microsoft Scripting Engine, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Kernel, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Microsoft Edge, Windows Cryptography, and Windows Fundamentals. Windows 10 version 1809 and Windows Server 2019 KB4507469 Fixed a Bitlocker issue that caused the encryption software to go into recover mode. Fixed an issue that caused the camera to become unresponsive. Security updates to Windows Server, Microsoft Scripting Engine, Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Windows Kernel, Microsoft Edge, Windows Cryptography, and Windows Fundamentals. Windows 10 version 1903 KB4507453 Fixes of the preview release plus security updates. Other security updates Known Issues Windows 7 Service Pack 1 and Windows Server 2008 R2 Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive. Windows 8.1 and Windows Server 2012 R2 Still the long standing issue with Cluster Shared Volumes that throws the error "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive. Windows-Eyes screen reader may may throw errors on launch or during use, and some features may not work properly. Windows 10 version 1803 Still the long standing issue with Cluster Shared Volumes that throws the error "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". Black screen during first logon after installing updates. Issue with Window-Eyes screen reader app that may not work correctly. Windows 10 version 1809 and Server 2019 Long standing issue with Cluster Shared Volumes. Error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND" on devices with "some Asian language packs installed". Black screen during first logon after installing updates. Issue with Window-Eyes screen reader app that may not work correctly. Windows 10 version 1903 Windows Sandbox may fail to start. The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0. Security advisories and updates ADV190015 | June 2019 Adobe Flash Security Update ADV190020 | Linux Kernel TCP SACK Denial of Service Vulnerability ADV990001 | Latest Servicing Stack Updates Non-security related updates KB4501375 --Windows 10 version 1903 and Windows Server version 1903 Several fixes, see our coverage of KB4501375 here. KB4509479 -- Windows 10 version 1809 and Windows Server 2019 Fixed a Storage Area Network (SAN) connection issue. KB4501371 --Windows 10 version 1809 and Windows Server 2019 Several fixes, see our coverage of KB4501371 here. KB4509478 -- Windows 10 version 1803 Same as KB4509479 for Windows 10 version 1809. KB4503288 -- Windows 10 version 1803 Several fixes, see our coverage of KB4503288 here. KB4509477 -- Windows 10 version 1709 Same as KB4509479 for Windows 10 version 1809. KB4503281 -- Windows 10 version 1709 Microsoft Office Updates You find Office update information here. How to download and install the July 2019 security updates The July 2019 security updates are distributed through Windows Update, WSUS, and other means. Most client-based Windows systems are configured to check for updates automatically. Windows administrators who don't want to wait may run manual checks for updates. It is generally not recommended as bugs may be discovered after the general availability. Backups are recommended if the installation of updates can't be delayed. Do the following to run a manual check for updates: Tap on the Windows-key, type Windows Update, and select the result. A click on "check for updates" runs a manual check. Updates may be installed automatically or on user request depending on system settings. Direct update downloads Windows 7 SP1 and Windows Server 2008 R2 SP KB4507449 -- 2019-07 Security Monthly Quality Rollup for Windows 7 KB4507456 -- 2019-07 Security Only Quality Update for Windows 7 Windows 8.1 and Windows Server 2012 R2 KB4507448 -- 2019-07 Security Monthly Quality Rollup for Windows 8.1 KB4507457 -- 2019-07 Security Only Quality Update for Windows 8.1 Windows 10 (version 1803) KB4507435 -- 2019-07 Cumulative Update for Windows 10 Version 1803 Windows 10 (version 1809) KB4507469 -- 2019-07 Cumulative Update for Windows 10 Version 1809 Windows 10 (version 1903) KB4501375 -- 2019-07 Cumulative Update for Windows 10 Version 1903 Additional resources July 2019 Security Updates release notes List of software updates for Microsoft products List of the latest Windows Updates and Services Packs Security Updates Guide Microsoft Update Catalog site Our in-depth Windows update guide How to install optional updates on Windows 10 Windows 10 Update History Windows 8.1 Update History Windows 7 Update History Source: Microsoft Windows Security Updates July 2019 overview (gHacks - Martin Brinkmann)
  15. It's time to install the June Windows and Office patches June was a lazy, buggy month with silver bullet patches galore. Things have calmed down now, and it’s time to get the lot installed. If you’re using iSCSI, or you have custom views for the Event Viewer, you get to deal with this month’s bugs. Lucky you. But for most folks the patching coast is clear. Microsoft / IDG May had a hair-raising threat from a worm that still hasn’t emerged, but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming. Those of you who blocked a specific port to keep BlueKeep at bay may be in for a nasty surprise. Special shout-out for iSCSI and Event Viewer custom views If you have problems connecting to your iSCSI array after installing this month’s patches, you need to click “Check for Updates” and allow Microsoft to install the fix for iSCSI bugs they introduced in earlier patches. If you have custom views in Event Viewer (which is probably more widespread than you think) and after installing this month’s updates you get a “MMC has detected an error in a snap-in and will unload it” error, you didn’t do anything wrong. If it really, uh, bugs you, there’s a fix in the Monthly Rollup previews, KB 450327 for Windows 7 and KB 4503283 for Windows 8.1. Unless you have those specific problems, I recommend (as always) that you avoid anything called “Preview” like the plague. Pass the Preview problems on to the gullible. About Windows 10, version 1903 The latest version of Windows 10, version 1903, is still on my no-fly list. We’re seeing more odd problems emerge, and the Update advanced options vanishing trick remains unexplained. I’m sorely tempted to keep my production machines on 1809 until we see Win10 version 1903 Service Pack 1 - also known as version 1909. Waiting for the first Service Pack is traditionally good advice. How to update your Windows system Here’s how to get your Windows system updated the (relatively) safe way. Step 1. Make a full system image backup before you install the latest patches. There’s a non-zero chance that the patches — even the latest, greatest patches of patches of patches — will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This, in addition to the usual need for System Restore points. There are plenty of full-image backup products, including at least two good free ones: Macrium Reflect Free and EaseUS Todo Backup. For Windows 7 users, if you aren’t making backups regularly, take a look at this thread started by Cybertooth for details. You have good options, both free and not so free. Step 2a. For Windows XP, Server 2003, and Embedded POSReady 2009 If you haven’t yet installed the May BlueKeep patch, manually download and install KB 4500331. In the Microsoft Update Catalog listing, find the version of Windows XP that concerns you, and on the right, click Download. Choose the language you’re using, and click the link underneath that language. Click Save File. When the windowsxp-kb4500331-blah-blah.exe file has downloaded, double-click on it and stand back. Step 2b. For Windows 7 and 8.1 If you have McAfee Endpoint Security, make sure it’s up to date. Microsoft says it’s still having problems with McAfee. Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that’s 24 months old or newer, follow the instructions in AKB 2000006 or @MrBrian’s summary of @radosuaf’s method to make sure you can use Windows Update to get updates applied. If you’re very concerned about Microsoft’s snooping on you and want to install just security patches, realize that the privacy path is getting more difficult. The old “Group B” — security patches only — isn’t dead, but it’s no longer within the grasp of typical Windows customers, and you absolutely must install the appropriate May security patch. If you insist on manually installing security patches only, follow the instructions in @PKCano’s AKB 2000003 and be aware of @MrBrian’s recommendations for hiding any unwanted patches. For most Windows 7 and 8.1 users, I recommend following AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups. Realize that some or all of the expected patches for June may not show up. Or if they do show up, they may not be checked. DON'T CHECK any unchecked patches. Unless you're very sure of yourself, DON'T GO LOOKING for additional patches. In particular, if you install the June Monthly Rollup, you won’t need (and probably won’t see) the concomitant patches for May. Don't mess with Mother Microsoft. If you see KB 4493132, the “Get Windows 10” nag patch, make sure it’s unchecked. Watch out for driver updates — you’re far better off getting them from a manufacturer’s website. After you’ve installed the latest Monthly Rollup, if you’re intent on minimizing Microsoft’s snooping, run through the steps in AKB 2000007: Turning off the worst Win7 and 8.1 snooping. If you want to thoroughly cut out the telemetry, see @abbodi86’s detailed instructions in AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model. Realize that we don’t know what information Microsoft collects on Window 7 and 8.1 machines. But I’d be willing to bet that fully-updated Win7 and 8.1 machines are leaking almost as much personal info as that pushed in Windows 10. Step 3. For Windows 10 prior to version 1903 If you're running Windows 10 1803 and want to upgrade to Windows 10 1809, just to put off the inevitable push to 1903, there's good news. @PKCano has gone through the steps to navigate an upgrade from 1803 to 1809, without poking the 1903 dog. If you want to stick with your current version of Win10 Pro, you can follow my advice from February and set “quality update” (cumulative update) deferrals to 15 days, per the screenshot below. If you have quality updates set to 15 days, your machine already updated itself on June 26. Don’t touch a thing; in particular, don’t click Check for updates. Woody Leonhard/IDG For the rest of you, including those of you stuck with Windows 10 Home, go through the steps in "8 steps to install Windows 10 patches like a pro." Make sure that you run Step 3 to hide any updates you don’t want (such the Windows 10 1809 upgrade or any driver updates for non-Microsoft hardware) before proceeding. Step 3a. For Windows 10 version 1903 If you’ve already moved to Windows 10 Pro, version 1903, and you set a 15-day deferral on quality updates, you’ll no doubt discover that the settings shown in the screenshot no longer appear on your machine. Microsoft hasn’t yet deigned to tell us what’s going on, but you can rest assured that your 15-day deferral was obeyed — and you got the June patches on June 26. Don’t worry about changing the deferral settings just yet. Windows 10 version 1903 customers are starting to play with the “Pause updates for 7 days” button, but the results I’ve seen aren’t yet conclusive. When we have more experience with the new settings in Windows 10 1903, I’ll update these steps specifically for 1903. Until then, we’re watching and waiting to see how things really work — and in the interim, these steps should work just fine in 1903. Stay tuned for details. Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @abbodi86 and many others. We’ve moved to MS-DEFCON 4 on the AskWoody Lounge. Source: It's time to install the June Windows and Office patches (Computerworld - Woody Leonhard)
  16. Windows 10 Barely Moves the Needle on Global Market Share Data shows Windows 10 records minor share increase New data provided by NetMarketShare shows that while Windows 10 continues to be the leading choice for desktop computers across the world, it barely moved the needle on global market share numbers last month. Windows 10 increased its share from 45.73% to 45.79%, despite the arrival of the May 2019 Update. Microsoft started the rollout of Windows 10 May 2019 Update, or version 1903, in late May. Last month, the company made it available for all seekers on Windows Update, meaning all users are allowed to download the update with a manual check for updates. Windows 7, whose support comes to an end in January 2020, dropped from 35.44% to 35.38%. The 2009 Windows operating system will go dark on January 14, 2020, so Microsoft now recommends users to upgrade to Windows 10 in order to continue to receive updates. The transition from Windows 10 to Windows 7, however, happens at a rather slow pace, so right now, more than 3 in 10 PCs out there still run Windows 7. Windows XP going dark Windows 8.1, which is the third Windows version that still receives support, actually increased its share from 3.97% to 4.51%. At the same time, macOS 10.14 declined from 5.34% to 5.31%. The good news is that Windows XP, the operating system that no longer receives updates since April 2014, is going down at a faster pace and has now reached 1.81% share. Windows XP is mostly used on devices in various organizations and enterprises across the world because of compatibility reasons and the high costs of upgrades to newer Windows. Linux, which has long been considered the main alternative to Windows, is now running on 1.55% of the desktop computers out there, according to the same source. Below is a summary of the June 2019 market share figures: Windows 10 Windows 7 macOS 10.14 Windows 8.1 May 2019 45.73% 35.44% 5.34% 3.97% June 2019 45.79% ↗ 36.38% ↘ 5.31% ↘ 4.51% ↗ Source: Windows 10 Barely Moves the Needle on Global Market Share (Softpedia - Bogdan Popa)
  17. Microsoft Patch Alert: The Windows patching heavens buzz with silver bullets June was one of the buggiest patching months in recent memory – and we still don’t have a straight answer on Win10 1903’s bizarre Update advanced options behavior. Thinkstock/Microsoft How many bugs could a WinPatcher patch, if a WinPatcher could patch bugs? Ends up that June’s one of the buggiest patching months in recent memory – lots of pesky little critters, and the ones acknowledged by Microsoft led to even more patches later in the month. In June, we saw eight single-purpose Windows patches whose sole mission is to fix bugs introduced in earlier Windows patches. I call them silver bullets – all they do is fix earlier screw-ups. If you install security patches only, these eight have to be installed manually to fix the bugs introduced earlier. It’s a congenital defect in the patching regimen – bugs introduced by security patches get fixed by non-security “optional” patches, while waiting for the next month’s cumulative updates to roll around. The Win10 Silver Bullets Every modern version of Win10 except 1903 – which is to say, versions 1607, 1703, 1709, 1803, 1809, Server 2016 and Server 2019 – all got three cumulative updates this month. The third cumulative update for June resolves this one issue: Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.” In other words, it’s a silver bullet – an optional patch that fixes a bug introduced in an earlier patch that you’ll only get if you download and install it manually, or if you click on “Check for updates.” What’s strange about this bevvy of patches is the timing. Apparently, the bug arrived with the third May cumulative updates on May 21. I first saw mention of it on a Dell support forum, on June 11 and posted about it on June 19. Microsoft hadn’t acknowledged the bug at the time. (The first official announcement I saw was on June 26, the date all four silver bullets appeared.) That’s more than a little disconcerting because Microsoft should be warning us about these problems quickly on the Release Information Status page. The Win7 and 8.1 silver bullets On June 20, Microsoft released silver bullet patches for Win7, 8.1, Server 2008 R2 SP1, 2012, 2012 R2, and Internet Explorer 11 to fix bugs introduced in the June 11 Monthly Rollups and Security-only patches. The update for 7 SP1 and Server 2008 R2 SP1 KB 4508772, for Windows 8.1 and Server 2012 R2 KB 4508773 and for Server 2012: “Addresses an issue that may display the error, ‘MMC has detected an error in a snap-in and will unload it.’ when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.” Cumulative Update for Internet Explorer 11 KB 4508646 “Addresses an issue that causes Internet Explorer 11 to stop working when it opens or interacts with Scalable Vector Graphics (SVG) markers, including Power BI line charts with markers.” The bug fixes are not included in the June Monthly Rollups or Security-only patches (June 11, 2019), but are included in the Preview Monthly Rollups released on June 20. Once again, bugs introduced by security patches are getting the latest fixes in non-security patches. More Win10 1903 bugs The second monthly cumulative update for Win10 1903 appeared late, as usual, on June 27. KB 4501375 includes fixes for several acknowledged bugs, including the MMC error with Custom Views described in the preceding section. Many people are complaining that this particular patch was downloaded without their consent – which is to say, without clicking “Check for updates.” @abbodi86 looked into it and discovered: Based on my tests… KB4501375 (18362.207) behaves exactly the same way that Feature Updates behave on 1809 and 1803 – the “download and install now” behavior. In other words, KC 4501375 will be bundled and offered as [a] secondary update with any available update even if you don’t “Check for updates.” It’s possible that the latest .NET cumulative update will trigger this behavior. That said, deferring Feature Updates (version updates) for just 1 day makes KB4501375 go away. Win10 1903’s disappearing Update advanced Options We’re still in a quandary about the behavior of Win10 1903’s update deferrals. In Win10 1903 Pro, if you go into Windows Update, advanced options, you get a pane that looks like this. Microsoft Windows 10 1903 Pro update advanced settings. Several of you have noted that if you specify deferral options as I have here (non-zero numbers in either of the two bottom boxes), the entire “Choose when updates are installed” part of the advanced options dialog disappears. @abbodi86 has undertaken some experiments with the settings. Here’s what he has concluded: Yep, the Feature Update deferral box disappears once i change the entries to non-zero. Maybe it’s an intentional move so the user cannot change the period frequently? 🙂 Anyway, the Feature Update deferral period can be still controlled with registry setting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings] “DeferFeatureUpdatesPeriodInDays”=dword:0000016d Group policy can be used to show you the feature update deferral period. The box will show up greyed, but at least you can know the period @abbodi goes on to say that he tested changing the Quality Update deferral period the same way, with the same result — if you set it to anything other than zero, the whole section disappears. It may be related to an internal conflict with the way Semi-Annual Channel (Targeted) was removed. Maybe, just maybe, this is the way it’s supposed to work. If so, I’d like to nominate this particular behavior for the “Harebrained Design” hall of fame. Giving a user an option, any option, then forcing them to dig into Group Policy to modify it, stinks. On the radar If you’ve been struggling with the “Intel” microcode updates for Meltdown/Spectre and other “Side Channel vulnerabilities,” you aren’t alone. The latest twist appears with Karl-WE’s enormous leg work, posted on GitHub, that brings some sense to the ongoing litany of patches. In particular, Karl notes – and MS Security Response Center guru Jorge Lopez confirms – that the phrase in KB 4346085 that says: Important Install this update for the listed processors only. is, quite simply, wrong. Some of the updates apply to processors that are not listed. You’re better off trusting Windows Update to pick the ones that are right for your machine. Says Lopez: “The team didn't want to mislead anyone reading this KB in isolation to think that installing this KB/deploying across a fleet would mean they have met the requirement for microcode for these side-channel issues - that is only true for the processors listed on the KB. We will update the line, that's not the right way to provide that warning. So yes, you don’t have to go through some complicated deployment matrix on this KB, but you still have to do so to determine what is protected or not (vuln scanning tools should help). The logic to apply or not a microcode update is part of the boot sequence in the OS - if the processor has a microcode revision that is older than what the OS has, the OS will update the CPU microcode as part of the boot sequence. Expect to see a correction to the KB article shortly. To end on a positive note… remember the BlueKeep vulnerability? The one that had me crying that the sky is falling and you needed to install the May patches, like, right away? Kevin Beaumont (Twitter’s @GossiTheDog) has good news: If anybody is pondering why there’s no public BlueKeep Remote Code Execution exploit, it’s a mix of difficulty [There’s a high bar for exploitation - in theory it is ‘just’ a use after free bug, but to be able to kernel spray you have to reverse engineer the RDP driver. There’s no documentation on how to do it for this.] and a handful of people in the InfoSec world being very responsible. Yes, you still need to make sure you have the fix installed. You should’ve done it in May. When the exploit hits it’ll be painful. But at least we’ve been spared a bloodbath of unprecedented proportions. Join us for more thrilling Tales from the Crypt on the AskWoody Lounge. Source: Microsoft Patch Alert: The Windows patching heavens buzz with silver bullets (Computerworld - Woody Leonhard)
  18. WireGuard on Windows early preview WireGuard for Windows is still in pre-alpha, but it's looking very good. WireGuard is a new peer-to-peer VPN technology that has the potential for greater speed, smaller attack surface, and easier configuration than commonly used and better-established VPN platforms such as OpenVPN and IPSec. It has been available on Linux, FreeBSD, macOS, Android, and even iOS for quite some time now, with Windows being the one platform frustratingly missing. There are good reasons for that—lead developer Jason Donenfeld didn't want to inherit the problems of OpenVPN's OpenTAP adapter code, and when he investigated Microsoft's built-in VPN API, he didn't like that either. So his first move was to take a giant step backward on the Windows platform and develop an extremely simple virtual adapter that could be used not only for WireGuard, but also for other projects that might need the same kind of very basic, socket-and-tunnel functionality. This became Wintun. For the moment, WireGuard for Windows is still in what creator Jason Donenfeld refers to as "pre-alpha," with an alpha build due out sometime in the next week or two. The good news is that it's an easy install now, with no dev-fu required to get it running happily on a Windows 10 (or Server 2016, as seen below) system. There are self-contained, signed MSI installers for both 64-bit and 32-bit builds there; downloading and running them just works, with no complaints from Defender about unsigned or untrusted anything. I was curious about what makes v0.0.14 "pre-alpha" rather than merely "alpha." Donenfeld told me one reason he called it pre-alpha was to keep journalists like me (as well as the generally unadventurous) from writing about it before it's ready. Pressed for more detail, it became clear that he's laser-focused on security—and Windows as a platform diverges far more radically from Linux, Android, macOS, and iOS in that regard than any of them do from one another. There's no access to Windows kernel source code, and the documentation is insufficient for his needs. As a result, he has spent hundreds of hours in a disassembler, reverse-engineering ntoskrnl.exe and ndis.sys to make absolutely sure he understands exactly what's going on at an extremely low level most developers never bother with. The WireGuard-Windows project maintains an attack surface document specifically documenting possible ways to attack the code, and while we were chatting on Twitter, Donenfeld finished a fascinatingly detailed mailing list post about Windows' Network Location Awareness Signatures. All this makes it very clear that the Windows port of WireGuard isn't really "just a port"; it's a ground-up project in its own right, with a level of platform-specific attention to detail that would shame most Windows-native developers. With all my questions about the current and near-future state of the project answered, I downloaded the current version of WireGuard for Windows and took it for a quick spin on a bare metal Windows 2016 instance at Packet. The short version: it's pretty sweet. Once the installer for WireGuard has run, a close facsimile of the mobile interface you'd see on WireGuard for Android, iOS, or macOS pops up. You can easily import, export, activate, deactivate, or destroy tunnel configurations. Tunnel configuration can be imported either directly from a raw .conf file (format just like the ones used in text-based Linux configs in our prior coverage) or from a ZIP file that can contain multiple tunnels. The interface is barebones and offers no hand-holding, but it works very well—even including a context-sensitive text editor that catches and red-underlines many common errors, such as invalid IPv4 or IPv6 addresses. In one last and particularly appreciated touch, it turns out that tunnel states persist across reboot—if you had a tunnel active when you restart your Windows machine, it will automatically activate itself after the reboot; there's no need to run the UI or do anything else to restart it. Similarly, if a tunnel was deactivated at shutdown or reboot, it will still be down after the machine restarts. Beyond all this, if you know how to use WireGuard on other platforms, you know how to use it on Windows. Connection times are still instantaneous, and the throughput is good. I achieved 1.2Gbps upload throughput across a WireGuard tunnel from the Windows 2016 machine above to a Linux machine (also at Packet). Download throughput across the tunnel capped at 380Mbps, but Donenfeld says that's a known bug that has been fixed in master, and the improved, faster code will be available to the general public in the upcoming 0.1 alpha release. Listing image by Jim Salter Previous WireGuard coverage on Ars If you're not sure what the fuss about WireGuard is, we've got you covered. In short, it's a completely new VPN protocol that aims to be completely secure by default, using orders of magnitude fewer lines of code and much simpler configuration files than earlier protocols like OpenVPN or IPSec. For more detail, check out our earlier WireGuard coverage: WireGuard VPN Review Testing WireGuard on iVPN Source: WireGuard on Windows early preview (Ars Technica)
  19. Firefox will use BITS on Windows for updates going forward Mozilla plans to change the updating technology that the organization's Firefox web browser uses on the Windows platform. The organization plans to use BITS, the Background Intelligent Transfer Service, on Windows to handle Firefox updates. BITS is a Windows file transfer service that supports downloading files and resuming interrupted file transfers while being "mindful" of the responsiveness of other network applications and network costs. Current versions of Firefox use a task called Mozilla Maintenance Service and a background update component to push updates to Firefox installations. The functionality was launched in 2012 to improve the updating experience especially on Windows. Firefox 68 could be the first stable version of Firefox to use BITS on Windows devices according to Mozilla's plans. The functionality is still in active development and it is possible that things may get delayed. The use of BITS is just the first step in Mozilla's plan, however. The organization wants to roll out another new component to handle background updates better. The component is called Background Update Agent and it is designed to download and apply updates to Firefox. The background process may download and install updates even if the Firefox web browser is not running on the system. Mozilla hopes that the new updating mechanism will be beneficial to Firefox users with slow Internet connections. The organization noticed that updates would often be terminated prematurely when users exited the browser on slow Internet connections. Mozilla engineer Matt Howell created the bug 2 years ago on Mozilla's bug tracking website. The Update Agent is being planned as a background process which will remain running after the browser is closed to download and apply updates. This should make updating more convenient for everyone and reduce the time to get new updates for users who aren't well supported by the current update process because they don't run Firefox very much and/or they have slow Internet connections. BITS preferences Note that BITS functionality is still in development at the time of writing and that some things may not work correctly right now. Firefox 68 will support two BITS related preferences; one determines whether BITS is enabled and in use, the other whether the Firefox version is part of a trial group. Load about:config in the Firefox address bar and hit enter. Confirm that you will be careful. Search for bits The preference app.update.BITS.enabled determines whether the new update functionality is enabled. True means BITS is used and enabled. False means BITS is not used and not enabled. The preference app.update.BITS.inTrialGroup is a temporary preference used during tests. Restart Firefox. Mozilla plans to add a preference to Firefox's options that gives users control over the background updating process. Firefox users may disable background updating using the preference so that the process won't download and install updates while Firefox is not running. Closing Words The use of BITS should improve Firefox's update process, especially for users on slow connections. Mozilla hopes that the new functionality will leave less Firefox installations behind version-wise. Users who don't want it will be able to disable the background updating in the options. (via Techdows) Source: Firefox will use BITS on Windows for updates going forward (gHacks - Martin Brinkmann)
  20. Microsoft's risky strategy: Develop on Windows, deploy to Linux Visual Studio code with Docker and remoting to Windows Subsystem for Linux 2 Docker has published details of what its container technology will look like for developers working on Windows, after the release of Microsoft's Windows Subsystem for Linux 2 (WSL 2) that is currently in preview. WSL 2 takes a different approach than the existing WSL. Instead of redirecting system calls to run Linux binaries, WSL 2 runs a Linux kernel in a Hyper-V Virtual Machine, but with integration with the host Windows operating system, so you still get most of the features of WSL 1.0. Linux compatibility in WSL 1.0 was insufficient to support Docker containers, but in WSL 2 they will work. Docker is embracing this change. The brief history of Docker on Windows looks like this. First there was Docker Toolbox, released in August 2015, which uses the VirtualBox hypervisor to run Linux in a VM. Then came Docker Desktop, released in 2016, which uses Hyper-V for Linux support, to the relief of developers juggling with incompatible Windows hypervisors. Then in 2017, Docker, working with Microsoft, added support for Windows Server Containers – containers that run Windows rather than Linux applications. At the time, Microsoft enthused that this would "revolutionise the way [customers] build software and modernise existing applications, all with the same platform." The current version of Docker Desktop for Windows installs with Linux containers as the default, but with an option to switch to Windows containers. Diagram showing how Docker works with WSL 2E Now Docker has said it will: Replace the Hyper-V VM we currently use by a WSL 2 integration package. This package will provide the same features as the current Docker Desktop VM: Kubernetes 1-click setup, automatic updates, transparent HTTP proxy configuration, access to the daemon from Windows, transparent bind mounts of Windows files, and more. The big feature this will enable for developers is the ability to use Linux tools to interact with the Linux Docker daemon (service). Docker added: With WSL 2 integration, you will still experience the same seamless integration with Windows, but Linux programs running inside WSL will also be able to do the same. Other advantages include dynamic memory allocation in WSL 2, enabling Docker to make more efficient use of resources, much faster cold start-up which means the Docker daemon does not need to run when not in use, and more reliable container access to files on the Windows side. Docker envisages developers using the "Remote to WSL" extension in Visual Studio Code (VS Code) in order to edit code in Windows while interacting with Linux though the VS Code terminal. All good news? It is from Docker's perspective since it will have less work to do in order to run well on Windows, and the benefits for developers are real. Microsoft dons penguin suit The surprising aspect to all this is the effort Microsoft is making to promote Linux application development to its developers on Windows. The reason for this change of heart is the Azure platform, which means Microsoft can profit almost as much from hosting Linux applications as from Windows, particularly if those applications use other Azure services. Projects like the cross-platform .NET Core and SQL Server for Linux are also part of this trend. The Docker news is of no interest to developers using Windows Containers, but there are not many of them. At Microsoft's Build conference last month, Gabe Monroy, lead program manager for the Azure Container Compute team, was asked whether Windows Containers are for legacy and Linux Containers for new projects. "I think that is a fair description," he said, demonstrating how the company's thinking on the subject has shifted. Similarly, WSL 2 makes life better for developing Linux applications on Windows, but there are downsides. Running Linux in a VM as opposed to redirecting system calls is better for compatibility but inherently worse for integration. One aspect of this is that in WSL 2 I/O performance to files within the Linux VM is much faster, but I/O performance between Linux and the host is worse. Another is that WSL 2 has no access to serial or USB ports. "I primarily want my source of truth (my files) to be on the Windows side of things. WSL1 had the perfect working model for me," said a developer in response to the announcement of WSL 2 previews for those on Windows Insider builds. Microsoft's response? "We understand that this could be a blocker for many people, and so we aren't discontinuing working on WSL 1." This will be a half-truth though; Microsoft will now put most of its effort into WSL 2. Develop on Windows, deploy to Linux is an interesting strategy for Microsoft and one with obvious risks for the future of the Windows side. Source
  21. Collider scopes alternative The Large Hadron Collider at CERN INTERNATIONAL LEAGUE OF BOFFINS CERN is to switch to Linux to save costs. Last year, the company launched the 'Microsoft Alternatives Project' to examine ways that the company could work smarter by switching to Linux-based operating systems. Its initial goal was to "investigate the migration from commercial software products (Microsoft and others) to open-source solutions, so as to minimise CERN's exposure to the risks of unsustainable commercial conditions." Also to 'seek out new life and new civilisations, to bol…. Sorry, that's Star Trek. Moving on then. CERN appears to be one of the first major organisations switching to Linux as an alternative to switching to Windows 10 ahead of Windows 7 reaching end of life next January. The company also refers to 'licence fee increases' as a reason for the change. CERN has traditionally been allowed to take Microsoft products at the 'academic institution' rate but was recently forced to change to a 'by-the-seats' model based on the number of users. According to a ZDNet, the implementation of the scheme will begin this summer with a pilot of an open source mail service, initially for volunteers and the IT staff. This will then be rolled out across the complex later in the year. The change is not completely alien to the boffin brigade - OpenStack is already widely in use and has only recently stopped developing its own 'Scientific Linux' distro with Fermilab, based on Red Hat Enterprise Linux, after it became obvious that CentOS could fulfil the same functions out of the box. At present, there's no indication of what the replacement for Windows will be, or what existing distro (if any) it will be based on, nor when it will be rolled out, but there's little doubt that CERN is setting the tone for the next six months, where we're likely to see a lot more organisations voting with their feet over their future, post Windows 7. Source
  22. Windows 10 users can now access the iCloud app on-the-go. The new iCloud for Windows app is available starting today in the Microsoft Store. ICloud for Windows users can now access their files via iOS devices and Macs, Apple and Microsoft announced Tuesday. The companies said the new iCloud app, listed for the first time in the Microsoft Store, will allow Windows 10 users to be more productive when away from their PC. The cloud system allows users to store files and folders on the internet rather than on their computer's physical hard drive, with iCloud including the ability to view files from File Explorer or the app without absorbing PC space. For those working on projects with different devices, the companies reiterated that edits will be synced across all devices with the cloud. So if you're working on a Microsoft Word document on your iPhone, for instance, your changes will show when you open the same document on your PC. You can also collaborate with others by inviting people to add their own multimedia content in Shared Albums. Additionally, you can share your Microsoft files with someone who has an iOS device. Apple and Microsoft didn't immediately respond to requests for comment. Source
  23. It’s time to install the May Windows and Office patches Win10 version 1903 isn’t yet ready for prime time, but the other Windows and Office patches are reasonably stable. If you haven’t yet installed the XP/Vista/Win7 patches to guard against the “wormable” BlueKeep Remote Desktop hole, better do so now. Thinkstock/Microsoft May 2019 will go down in the annals of Patch-dom as the month we all ran for cover to fend off another WannaCry-caliber worm, but a convincing exploit never emerged. Microsoft officially released Windows 10 version 1903 on May 21, but I haven’t yet heard from anyone who’s been pushed. All of the complaints I hear are from those “seekers” who went to the download site and installed 1903 with malice and forethought. A triumph of hope over experience. This month, if you let Windows Update have its way on your machine, you may end up with a different build number than the person sitting next to you. Blame the gov.uk debacle for that: Folks with Windows set up for U.K. English get an extra cumulative update pushed onto their machines, whilst those who don’t fly the Union Jack will get the fix in due course next month. The ongoing saga of BlueKeep Remember the “wormable” Remote Desktop security hole that was going to bring down all older Windows machines? As of this writing, early Tuesday morning, there are exactly no known exploits. Lots of people have tried. Plenty of people are selling snake oil. But nobody has yet figured out how to exploit BlueKeep in order to run a nasty program. Before you feel too smug, realize that I continue to recommend that you install the latest Windows 7, XP, Vista, Server 2003, 2008 or 2008 R2 patches. I’m convinced a weapons-grade BlueKeep attack is on the way, and your only gold-standard defense is to fix the bug in Microsoft’s Remote Desktop Protocol. Tell your friends. This is the real thing. The one Windows 7 patch to avoid Once again this month, you should studiously avoid KB 4493132, a Windows 7 patch that does nothing but nag you to move to Windows 10. The case against installing Windows 10 version 1903 right now Windows 10 version 1903 has one truly important new feature: The ability to push off updates. That may be the single most important new feature in Windows 10 since it was released almost four years ago. We still haven’t seen the feature in real-life action, and there’s some ambiguity between the descriptions and the settings, but I have great hope. Don’t make the mistake of jumping in right now before Microsoft’s has a chance to iron out the inevitable problems. At the very least, you should wait until Microsoft declares that version 1903 is stable enough for broad deployment in large organizations. There’s supposed to be a “Download and install now” link arriving soon in Win10 1803 and 1809 to give you some control over when the upgrade to 1903 gets pushed onto your machine. Unfortunately, there’s also a promise from Microsoft that it’ll start pushing 1903 onto 1803 machines this month. We still don’t know when the 1803-to-1903 forced upgrades will start, and we don’t know how hard Microsoft will push. Stay tuned. How to update your Windows system Here’s how to get your system updated the (relatively) safe way. Step 1: Make a full system image backup before you install the latest patches. There’s a non-zero chance that the patches — even the latest, greatest patches of patches of patches — will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This, in addition to the usual need for System Restore points. There are plenty of full-image backup products, including at least two good free ones: Macrium Reflect Free and EaseUS Todo Backup. For Windows 7 users, if you aren’t making backups regularly, take a look at this thread started by Cybertooth for details. You have good options, both free and not-so-free. Step 2a: For Windows XP, Server 2003, and Embedded POSReady 2009 Manually download and install KB 4500331. In the Microsoft Update Catalog listing, find the version of Windows XP that concerns you and on the right, click Download. Choose the language that you’re using, and click on the link underneath that language. Click Save File. When the windowsxp-kb4500331-blah-blah.exe file has downloaded, double-click on it and stand back. Step 2b: For Windows 7 and 8.1 If you have McAfee Endpoint Security, make sure it’s up to date. Microsoft says it’s still having problems with McAfee. Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that’s 24 months old or newer, follow the instructions in AKB 2000006 or @MrBrian’s summary of @radosuaf’s method to make sure you can use Windows Update to get updates applied. If you’re very concerned about Microsoft’s snooping on you and want to install just security patches, realize that the privacy path’s getting more difficult. The old “Group B” — security patches only — isn’t dead, but it’s no longer within the grasp of typical Windows customers. If you insist on manually installing security patches only, follow the instructions in @PKCano’s AKB 2000003 and be aware of @MrBrian’s recommendations for hiding any unwanted patches. For most Windows 7 and 8.1 users, I recommend following AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups. Realize that some or all of the expected patches for May may not show up, or if they do show up, they may not be checked. DON'T CHECK any unchecked patches. Unless you're very sure of yourself, DON'T GO LOOKING for additional patches. In particular, if you install the May Monthly Rollups or Cumulative Updates, you won’t need (and probably won’t see) the concomitant patches for April. Don't mess with Mother Microsoft. If you see KB 4493132, the “Get Windows 10” nag patch, make sure it’s unchecked. Watch out for driver updates — you’re far better off getting them from a manufacturer’s website. After you’ve installed the latest Monthly Rollup, if you’re intent on minimizing Microsoft’s snooping, run through the steps in AKB 2000007: Turning off the worst Win7 and 8.1 snooping. If you want to thoroughly cut out the telemetry, see @abbodi86’s detailed instructions in AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model. Realize that we don’t know what information Microsoft collects on Windows 7 and 8.1 machines. But I’d be willing to bet that fully-updated Win7 and 8.1 machines are leaking almost as much personal info as that pushed in Windows 10. Step 3: For Windows 10 If you want to stick with your current version of Windows 10 — a reasonable alternative — you can follow my advice from February and set “quality update” (cumulative update) deferrals to 15 days, per the screenshot below. If you have quality updates set to 15 days, your machine already updated itself on May 29. Don’t touch a thing and in particular don’t click Check for updates. Woody Leonhard For the rest of you, including those of you stuck with Win10 Home, go through the steps in "8 steps to install Windows 10 patches like a pro." Make sure that you run Step 3 to hide any updates you don’t want (such the Windows 10 1809 upgrade or any driver updates for non-Microsoft hardware) before proceeding. When we have more experience with the new settings in Windows 10 1903, I’ll update these steps specifically for 1903. Until then, we’re watching and waiting, to see how things really work — and in the interim, these steps should work just fine in 1903. Stay tuned for details. Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @abbodi86 and many others. We’ve moved to MS-DEFCON 4 on the AskWoody Lounge. Source: It’s time to install the May Windows and Office patches
  24. How to make sense of Windows updates and upgrades with Microsoft's new release dashboard Microsoft's new Windows release health dashboard is a one-stop shop for Windows 10 users seeking information on the status of upgrades and ongoing problems. Thinkstock/Microsoft Making good on a pledge in November, Microsoft has unveiled a site showing the problems that prevent users from receiving Windows upgrades. Dubbed the "Windows release health dashboard," the list of blockers came out of a promise in late 2018 by Microsoft's top Windows executive. Writing upon the re-release of Windows 10 October 2018 Update, aka 1809 in the firm's four-digit yymm code, Mike Fortin, corporate vice president, said: "We will continue to invest in clear and regular communications with our customers when there are issues." Fortin was referring to bugs that Microsoft decided were significant enough to justify withholding one of the twice-annual Windows 10 feature upgrades from relevant machines. Rather than offer an upgrade that might cripple or degrade a system, Microsoft would simply refuse to give those PCs the update. Even though Microsoft has practiced upgrade blocking for decades, it wasn't until last fall that the company detailed the issues preventing some PCs from receiving a Windows 10 upgrade. Those issues were published on the Windows 10 update history support page and included short descriptions of the blocking bugs. That page was a precursor to the health dashboard. "The new Windows release health dashboard is now live, offering timely information on the current rollout status and known issues (open and resolved) across both feature and monthly updates," said John Cable, director of program management on the Windows servicing and delivery team. "The new dashboard provides a single page for each currently-supported version of Windows so you can quickly search for issues by keyword, including any safeguard holds on updates, see the current status of each issue, and find important announcements." (Note: The dashboard, with the latest 1903 feature upgrade front and center, is here. Odd, nowhere does Microsoft label this as "Dashboard.") What the dashboard does Each Windows 10 feature upgrade - from the initial release (1507) to the just-issued (1903) - has its own dedicated page on the dashboard, sometimes shared with an edition of Windows Server. Windows 10's predecessors, including Windows 7 and Windows 8.1, and their Server colleagues, also sport pages. All are listed in the column at the left side of the display. Microsoft Clicking a version of Windows 10 - or one of the earlier operating systems - in the list on the left expands the item, letting users drill down. Click to expand any Windows 10 feature upgrade at the left, or one of the earlier operating systems. Two items - "Known issues and notifications" and "Resolved issues" - appear. The former not only itemizes existing problems in a summary near the top of the page but describes them in greater detail down lower. Among the details, many issues sport a line titled "Next steps" that outlines what action Microsoft has taken and when a fix can be expected. The company also makes recommendations - such as not to manually install the feature upgrade - shows possible workarounds that users can apply and in some cases, classifies the problem as a blocker halting upgrade distribution. Those are typically offered after a heading of "Note." As issues accumulate they are clumped together as months. Whether resolved or not, the problems remain as a record. Fixed bugs are listed on a separate page reached by clicking the "Resolved issues" heading at the left. Notably, each resolution shows an addressed-by date and the support document(s) which first mentioned the problem and possibly later, the solution if it entailed another update from Redmond. Microsoft Problems are described in detail, users are pointed to support documents that accompanied the fix and Microsoft explains what it or a third party did to address the issue. In this case, Microsoft released another update, one determined important enough to distribute outside the normal Tuesday schedule. Although the dashboard may impress some users in its detail, veterans will recognize that most of the information has been copied from individual support documents - identified by the KB prefix, which stands for knowledge base - and pasted here. That's by design. "Finding out about known issues and whether or not they'd been reported, took time and effort," Melissa Martin, a senior program manager, acknowledged in a video posted on Microsoft's website. "It was a multi-step process. Known issues were included in the release notes or support articles, also known as KBs, and once an issue was resolved the original KB was updated with a link to the resolving KB." The dashboard is meant to serve as a one-stop shop for all that already-crafted information, Martin noted. Update comms Microsoft also billed the dashboard as a source of general information about the Windows upgrade process. "One of the most exciting features of the new Windows release health dashboard is the ability to see the current roll-out status, the status of known and recently-resolved issues, and news about Windows updates, all in one place," said Martin (emphasis added). Microsoft Recent feature upgrades, like 1903, prominently show update status information (the part shaded blue), including how users can currently obtain the build and if Microsoft has put it into general distribution. Although Microsoft hasn't said it aloud, it's reasonable to assume that the company will use the status section of an upgrade's page to communicate to commercial customers when testing can be wrapped up and broad deployment begun. That milestone, formerly marked by the labeling change from Semi-Annual Channel (Targeted), or SAC-T, to Semi-Annual Channel, aka SAC, is to be continued, Microsoft has said - but without the transition in nomenclature. (Microsoft ditched SAC-T earlier this year.) Unless Microsoft is misleading users about the dashboard's purpose, the notification should appear here. Also on the dashboard will be links to recent announcements related to updates and upgrades, practices and policies. Microsoft relies almost exclusively on blog posts for such announcements - even major proclamations made at the firm's conferences are usually repeated in blog form - and are to be collected in the "Message center" area of the dashboard. Microsoft In the 'Message center,' the dashboard displays the latest blogged announcements from Microsoft about updates and upgrades. Each feature upgrade's page also offers links to the most recent posts. For a finishing touch, the dashboard also links directly to the Windows 10 release information page, the official list of feature upgrades and their monthly cumulative updates. This page provides a host of nuts and bolts information about Windows 10, including build numbers, date of each update and upgrade, and perhaps most importantly, end-of-support deadlines. Microsoft Microsoft dumps tons of information in the Windows 10 release information page. Putting it on the dashboard may get that information to more users. Source: How to make sense of Windows updates and upgrades with Microsoft's new release dashboard (Computerworld - Gregg Keizer)
  25. It’s been a long time coming Microsoft had a dream with Windows 8 that involved universal Windows apps that would span across phones, tablets, PCs, and even Xbox consoles. The plan was that app developers could write a single app for all of these devices, and it would magically span across them all. This dream really started to fall apart after Windows Phone failed, but it’s well and truly over now. Microsoft has spent years pushing developers to create special apps for the company’s Universal Windows Platform (UWP), and today, it’s putting the final nail in the UWP coffin. Microsoft is finally allowing game developers to bring full native Win32 games to the Microsoft Store, meaning the many games that developers publish on popular stores like Steam don’t have to be rebuilt for UWP. “We recognize that Win32 is the app format that game developers love to use and gamers love to play, so we are excited to share that we will be enabling full support for native Win32 games to the Microsoft Store on Windows,” explains Microsoft’s gaming chief Phil Spencer. “This will unlock more options for developers and gamers alike, allowing for the customization and control they’ve come to expect from the open Windows gaming ecosystem.” This is a big shift for Microsoft’s Windows app store, particularly because games are one of the most popular forms of apps that are downloaded from app stores. Previously, developers were forced to publish games for Windows 10 through the Universal Windows Platform, which simply doesn’t have the same level of customization that game developers have come to expect from Windows over the years. The writing has been on the wall for UWP for months now. Microsoft recently revealed its effort to switch the company’s Edge browser to Chromium and away from UWP to make it available on Windows 7, Windows 8, and macOS. Microsoft’s Joe Belfiore admitted in an interview with The Verge earlier this month that UWP was a “headwind” for Edge. “It’s not that UWP is bad, but UWP is not a 35-year-old mature platform that a ridiculously huge amount of apps have been written to,” Belfiore said at the time. I’ve heard many stories of Microsoft engineers and developers complaining about UWP putting restrictions on their own apps, and third-party app developers have often had to make a choice between creating a UWP app for Windows 10 or a traditional desktop app that will run across Windows 7, Windows 8, and Windows 10. Microsoft has steadily expanded its definition of UWP to allow developers to repackage desktop apps into the Microsoft Store, but the original vision was for new style apps (think back to Windows 8) that would run across PCs, phones, tablets, the Xbox, and HoloLens. With the death of Windows Phone, that original plan for UWP looked unlikely to work out. Microsoft even recently put its touch-friendly UWP versions of Office on hold, preferring to focus on the web, iOS, Android, and its desktop apps instead. Office was always the centerpiece for UWP and a good example of how to build a more demanding app on Microsoft’s new platform. Microsoft is finally listening to app and game developers and not trying to force UWP on them anymore. “You’ve told us that you would like us to continue to decouple many parts of the Universal Windows Platform so that you can adopt them incrementally,” explained Kevin Gallo, Microsoft’s Windows developer platform chief, earlier this month. This means developers will be able to adopt some of the good parts of UWP over time. In a separate interview with ZDNet, Gallo revealed, “by the time we are done, everything will just be called ‘Windows apps.’” Microsoft isn’t there just yet, but it’s aiming to make every UWP feature available to all developers. Ultimately, this is good news for both developers and Windows users. We might now start to see more games in the Microsoft Store that work how PC gamers expect them to and hopefully more apps. The Windows Store has been full of junk over the years, and Microsoft has had a hard time attracting developers. Microsoft’s new approach even impressed Epic CEO Tim Sweeney earlier this year. Microsoft’s previous walled garden approach to the store generated fierce criticism from Sweeney. He wasn’t happy that Microsoft was building a closed platform within Windows 10, and he protested the company’s attempts to force developers to distribute these apps through the Microsoft Store. Microsoft even created S Mode versions of Windows and a Windows RT operating system that were locked to store apps by default. The backing of Sweeney and Microsoft’s new move to bring more of its own games to Steam are good signs that Spencer is changing more than just the Xbox console inside of Microsoft. Now, we’ll have to wait to see what app and game developers do this time around with a Microsoft Store and Windows app platform that’s a lot less restricted. Source
×
×
  • Create New...