Quantcast
Channel: Windows 10 – Born's Tech and Windows World
Viewing all 1335 articles
Browse latest View live

Windows 10: Scanner fails after update

$
0
0

[German]Users of Windows 10 may experience scanner issues after installing a Windows 10 update. For example, after an update to Windows 10 version 1803, scanning from multifunction printer/scanner devices is no longer possible using Easy Document Creator.

Within the text below I will try to explain the various approaches to control scanners and point out the associated problems.

Standards for scanner control

With modern scanners connected to a computer via USB, the scanner is controlled from applications using two standards: Twain and WIA. Here is some background information.

TWAIN, an old standard

TWAIN is is a standard established in 1992 by Aldus Corporation, Eastman-Kodak, Hewlett-Packard and Logitech for exchanging data between image input devices (scanners, digital cameras, etc.) and applications for Microsoft Windows and Apple Macintosh. 

TWAIN 2.4, released December 15, 2015, consists of three elements: The data source, the application program and the source manager. The data source is formed by the scanner or digital camera driver. This must be supplied with the device in a version compatible with the Windows version or may be downloaded and installed at a later date from the manufacturer’s website.

Then application programs such as PhotoFiltre etc. can be used to address the scanner directly and to continue using the image data of the scan. If this does not work, the device’s TWAIN driver may no longer be compatible with the existing Windows version. Here you can only try to uninstall the manufacturer’s Twain driver and reinstall a new driver or the old driver.

The WIA standard, approach with hurdles

This is the interface introduced by Microsoft from Windows Millennium (WIA stands for Windows Image Acquisition). Windows Fax and Scan as well as other functions of the operating system or application programs can use WIA to initiate a scan.

In order to run the scanner under Windows, a WIA driver of the scanner manufacturer suitable for this operating system must be installed. Unfortunately, there is a large hurdle for older scanners. Microsoft has introduced the WIA 1.0 standard for Windows Millennium and also supported it under Windows XP.

Starting with Windows Server 2003, Microsoft switched the model of the WIA service from Local System to Local Service. As a result, all older WIA drivers no longer work under newer Windows versions. This was first noticed on a wider front with Windows Vista, later with Windows 7 and subsequent versions. I had explained this in more detail in my German blog post Scanner unter Windows 7.

Scanning via this interface is not possible without a WIA driver adapted to the currently used Windows version. The scanner is then simply dead. If there is no updated WIA driver, you can only try to scan via the TWAIN interface.

The software Vuescan, occasionally suggested, uses this interface according to my information.

Network scanning to network folders

Meanwhile there are a lot of multifunctional devices on the market, consisting of printer, fax and scanner including network connection. An elegant trick is actually used there: A network share is set up on a computer within the network, on which the scans can then be stored. The multifunction device is then set up to automatically store the scans as files on this network share.

Basically, you only need to configure the network address (URL) and the access data (user name and password). The concept is, because of the access to network shares, independent of the used operating system. 

Pitfall: Windows 10-Updates …

What looks ingenious in theory proves to be a great evil in practice. When searching the Internet, you very quickly come across calls for help in forums, claiming ‘scan to network folders’ no longer works after any update in Windows 10. The HP Forum contains several articles (German entry, cached versions here about the HP LaserJet Pro 400 MFP M425dw, here HP OfficeJet Pro 8720 All-in-One printer series). At hardwareluxx there is an entry here. These postings are all in German, but you should be able to find other posts in English.

… and The SMBv1 problem

In Windows 10 V1709, Microsoft has decided to discontinue support for the SMBv1 protocol. Systems on which the protocol is still installed will retain it. But since Windows 10 version 1709 (Fall Creators Update) there is a dirty trap: Windows 10 checks if the SMBv1 protocol is used. After 15 days without using the SMBv1 protocol it will be uninstalled via DISM command (Susan Bradley pointed this out here some time ago, but Microsoft has also explained this in this KB article).

When scanning to a network share there are then the strangest error messages. Everything from error code 0x80004005 to other messages is included. Here it only helps to reactivate the SMBv1 protocol for test purposes under Windows 10. I had outlined this some time ago in the German blog articleWindows 10: Kein Zugriff auf Freigaben already in another context.

1. Go to control panel (type ‘control’ in Windows 10 search bar and select control panel entry) and invoke Windows features.

SMB 1.0/CIFS-Client

2. Then, in the Windows Features dialog box shown above, enable support for SMB 1.0/CIFS file sharing option (check box).

Once OK is confirmed, Windows must restart. When rebooting, SMBv1 is added to the operating system and scanning to network folders should work again.

Within this english blog post, you will find additional hints, such as how to set up an insecure logon using group policies. But I’m not sure if this still works or if it’s a good idea. In the long term, devices that use SMBv2 for network access should be procured

Windows 10 V1803 and Easy Document Creator

After switching to Windows 10 April Update (version 1803), the forums have seen a series of users who can no longer scan multifunction devices. The common feature is that Samsung Easy Document Creator is used for scanning. I have received requests from Facebook, Microsoft Answers etc. 

Scanning with Samsung Easy Document Creator is described in more detail on this HP page, for example. Windows 10 and Samsung Easy Document Creator, now offered by HP, have been a source of trouble in the past. During the “Scan to PC”, messages such as’The current process has failed’ were displayed.  Or an error message like the following will be displayed.

Easy Document Creator Scan Fehler (Windows 10)

For example, the HP forum now contains the thread After upgrade Win 10 v 1803 Easy Document Creator won’t comunicate with scanner from early May 2018, which describes the dilemma. The Windows 10 April update knocked out the software, the scanning doesn’t work anymore. Even the TWAIN interface is disabled. In this MS Answers forum post, a user reports that scanning with Windows Fax and Scan still works (WIA is used).

A workaround is to use the software NAPS2 (Not Another PDF Scanner 2)) for scanning. This software can scan via TWAIN and WIA. I haven’t found anything at the moment, but Easy Document Creator might try to use the SMBv1 protocols for writing – and that goes wrong for the known reasons.

Similar articles
How to add a scan function to Word 2013
Scanning in Word 2013/2016 – Part I
Scanning in Word 2013/2016 – Part II


Stuipd idea using Windows 10 LTSC or tinkering with V1607

$
0
0

[German]Today I like to discuss within a blog post the question, how reasonable is it, to use a Windows 10 LTSC versions. And I also take a look at the idea of using Windows 10 version 1607 as a poor mans LTSC version.

The initial idea for this article raided from my German blog post Windows 10, geplante Obsoleszenz? Within this article I pointed out some implications of Windows as a service. Furthermore, some blog readers asked why I ‘m not mentions Windows 10 LTSC often. Others asked about a ‘home made’ slimmed-down Windows 10 version wit blocked feature updates and long term support.

On some days, however, the pieces of a puzzle come to light and forces suddenly an image. I’m discussing with some people who are active as administrators in the Windows 10 environment to benefit from their experiences.

Crazy idea Windows Long Term Servicing Channel (LTSC)

I confess, I have occasionally thought about setting up and working with a Windows 10 Enterprise LTSC here. No more feature updates and a operating system base that gets 10 years of support. But Microsoft has made it always clear that Windows 10 LTSC is intended for ‘mission-critical’ applications and not for day-to-day operation in office environments. 

Within the last hours I became aware (via Twitter) of the Microsoft blog entry Say No to Long Term Servicing Channel (LTSC). British consultant Greg Nottage explains why the LTSC of Windows 10 is not a solution for corporate use. And there are a number of disadvantages that users face with an LTSC solution compared to the SAC (Semi-Annual Channel) approach.

  • No new operating system extensions via feature update
  • No new security features via feature update – LTSC does not keep pace with the feature enhancements of Windows Defender ATP.
  • No support for newer hardware – keyword Windows 10 LTSC 2016 does not support Intel chipsets beyond Kaby Lake
  • No Windows Analytics Upgrade Readiness support for LTSC
  • No support for the Edge browser
  • No support for Cortana
  • No support for Windows Store
  • No support for surface hardware
  • LTSC does not support ConfigMgr Express Updates

Nottage wrote that in-place upgrade from Windows 7 to Windows 10 is not supported for LTSC. Also: Microsoft Office 365 on LTSC will no longer be supported from January 2020. How silly. Furthermore, he claims missing support and restrictions in the LTSC area by independent hardware and software manufacturers. And non-security operating system fixes and extensions may not be back ported to LTSC by Microsoft. Loosely defined LTSC release cycles should also make advance planning more difficult. Some people will see it differently, and some arguments a bit silly!

Windows 10 V1607: Poor man’s LTSC?

I still had since long time the idea of installing Windows 10 Anniversary Update (V1607), using DISM or tools to remove Store, Cortana, Telemetry and so on. The background for this idea was the fact, that Microsoft promised to support Windows 10 V1607 until 2023 with security updates (see my blog post Windows 10 support for Clover Trail machines till 2023).

Because Microsoft cannot provide Clover Trail support from Windows 10 V1703 upward, security updates are granted until 2013 for Windows 10 V1607. But I didn’t know, whether Microsoft checks for Clover Trail chipset during update install. This comment confirmed, that updates still install on officially unsupported Windows 10 Anniversary Update. The user downloaded the June KB4287903 flash update manually and was able to install it on Windows 10 Pro V1607. Nevertheless, it is a crazy idea to use Windows 10 V1607 as a basis, as you will see below.

Looking behind the curtain

Let’s go one step further now – I’m not a consultant for Microsoft, so I’m not suspicious of wanting to sell Windows as a service (WaaS). Within the last weeks I received several comments within my blogs. And I had an exchange of ideas with blog reader Karl about the idea of the Windows 10 V1607 LTSC (also the homemade version). So I can lift the curtain of the stage a little and show the dirty floor behind the scenes.

LTSC, just a dead horse …

German blog reader Christian wrote this comment (just scroll down a bit, up to his text) an aspect I wasn’t so familiar with. His message: The LTSC is not intended for office computers. Why?

Quote: I now have software here that requires at least Windows 10 – 1607 if you are using Win 10. With Win 7 and 8.1 the software does not make any restrictions. It is a special software, but the problem is not the software itself but in the background and there it can affect any program..

Christian also provides the explanation, which shows that Microsoft can (and probably will) create a rocky road to users who are installing LTSC builds.

Reason: All Win 10 versions below version 1607 cannot install Net Framework 4.7, which automatically results in an LTSB version below version 1607, e.g. 1511, will be cut off from using current software.

For example, paint.net also requires Net Framework 4.7 in its current versions. And if also the provider of the own standard office software takes this step you are quite nailed with your old LTSB version.

Win 7 and 8.1 do not have this problem, Net Framework 4.7 is still fully supported.

And now .NET Framework 4.8 is already in the pipeline. As soon as Microsoft realizes that people don’t switch to the most recent Windows 10 builds, you fastens the thumbscrews.

A practical experience

I discuss behind the scenes with some administrators. One, I will call him Karl, just gave up his administrative job some year ago and is now an IT service guy. When I asked him for his opinion about using LTSC or a customized Windows 10 V1607, he came up with a clear statement.

I personally don’t believe in LTSC or in cobbling something like Windows 10 V1607 together. What you should ideally do: Install Windows 10 1803 and then use DISM GUI to uninstall the pre-provisioned apps. Or switch off telemetry with local GPOs.

Karl justifies his rejection with the following practical experience, which I cannot reject nor confirm.

Windows 10 V1507, V1511 and V1607 in particular are anything but well designed versions under the hood, which is why I am also not recommending Windows Server 2016 V1607. 

We have 2 well-known customers who have taken this stony path with LTSC and now it is over. All of us wasted money, me included. All clients are now reinstalled and relicensed with Windows 10 Enterprise.

Then he adds the following explanations (that fits with the british consultant’s comments cited above).

Reason 1: With the end of mainstream support, the support claim of the same LTSC build against the OEM manufacturer regarding drivers and security updates expired! But it’s absurd.

Reason 1a: The LTSC does not allow code changes and is therefore out.

Karl notes also that the OEMs do not live an LTSC ideology. He referred to a discussion with me on Google+, where I wrote, OEMs often make little or no effort to test the insiders and see what happens’. I know this argumentation from Microsoft (see Moving from project to process: digital transformation with Windows as a service, from John Wilcox, Microsoft). That was also the point where Karl went into the discussion and we couldn’t find a common sense in the discussion – because Microsoft creates a moving target with Windows 10 semi annual channel (SA)C, which is fundamentally patched one day before the release. And then Karl gave me further reasons for his argument against LTSC:

Reason 2: The updates provided for LTSC are pure security updates, bugs stay in forever if they are not security critical. This is part of the concept.

Reason 3: An LTSC version cannot be upgraded from LTSC to current non-LTSC versions, not even in-place because of other codebase / WIM images .

Reason 4: An LTSC is more expensive to license than other models in the long run. An LTSC is revised approximately every 3 years (LTSC 2015 – 1507,  LTSC 2016 1607,  LTSC 2019 – probably 1809) 

Reason 5: Microsoft does not support Usual Business Use on LTSC, i.e. Office or Office 365 etc. The applications are therefore not road warriors or laptop users, but rather machine controls, telephone systems, devices in the operating room, etc. Devices with little to no changes and high uptime.

Karl argues that the current way with 6 months of upgrades (or if delayed, with 18 months of upgrade support) is the only way to prevent fragmentation like XP, Windows 8 or Windows 7. He told me: By the way, nobody had gotten upset about it at Apple, it had been there since MacOS X.

Note from my side: With macOS you have a closed hardware environment, and still suffer from bugs, but can fix them faster than Microsoft. And Apple recently set itself the internal goal of slowing down the development of new features for higher quality and fewer bugs. Besides (but I’m not 100% in there), it seems to me that the number of collateral damage due to incompatible hardware and software is quite limited with macOS. Eventually a Mac series didn’t made it to a new macOS version, but the software can often be used again. But I may be wrong.

So, this has once again become a much too long blog post. However, I think and hope that the aspects mentioned here will lead to a critical and fruitful discussion or new insights. At least now everyone should realize where the journey with Windows should go. I don’t envy administrators in the Windows environment for their job.

PS: Finally, a reference to the ZDNet.com article by Mary Foley Microsoft looks to add security, stability with Windows 10 IoT Core Services, where she already outlines in the header text: Microsoft is adding a new, paid option to its Windows 10 IoT Core operating system that will prevent it from getting regular feature updates, among other features.

Similar articles:
Windows 10 support for Clover Trail machines till 2023
Windows 10: End of Life for several builds

Patchday: Windows 10 updates June 12, 2018

$
0
0

[German]Microsoft released several cumulative updates for the supported Windows 10 builds on June 12, 2018. Here are some details about these updates.

A list of updates can be found on this Microsoft website. I have pulled out the details below. Some of these updates for Windows 10 versions 1607 to 1709 are also available as delta updates  for the WSUS.

Updates for Windows 10 Version 1803

The following updates are available for Windows 10 April Update (version 1803).

Update KB4284835 for Windows 10 Version 1803

Cumulative update KB4284835 contains quality improvements but no new operating system functions and raises the OS build to 17134.112. The most important changes are the following Specte patch and some other fixes:

  • Provides protections from an additional subclass of speculative execution side channel vulnerability known as Speculative Store Bypass (CVE-2018-3639). These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639) in addition to the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Addresses an issue in which the 2017 and 2018 versions of Intuit QuickBooks can’t run in multi-user mode on Windows 10 1803 devices. Users will now be offered Windows 10, version 1803.
  • Adds support for the SameSite cookie web standard to Microsoft Edge and Internet Explorer.
  • Addresses an issue with Internet Explorer that prevents it from using an updated version of location services.
  • Addresses an issue that causes certain games to fail to show dialogs when connected to monitors that support interlaced display formats.
  • Addresses an issue with the brightness controls on some laptops after updating to the Windows 10 April 2018 Update.
  • Addresses a reliability issue in which the GameBar may fail to launch.
  • Addresses an issue where firmware updates cause devices to go into BitLocker recovery mode when BitLocker is enabled, but Secure Boot is disabled or not present. This update prevents firmware installation on devices in this state. Administrators can install firmware updates by:
    1. Temporarily suspending BitLocker.
    2. Immediately installing firmware updates before the next OS startup.
    3. Immediately restarting the device so that BitLocker doesn’t remain in the suspended state.
  • Addresses an issue that caused the system to start up to a black screen. This issue occurs because previous updates to the Spring Creators Update were incompatible with specific versions of PC tune-up utilities after installation.
  • Addresses an issue in which customers with a combination of specific Windows display languages and user preferred language list (UPLL) entries receive an extraneous UPLL entry and input language selector entry. This issue occurs after upgrading to Windows 10 version 1803 and, as a result, customers cannot remove this language entry or its keyboard.
  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows Desktop Bridge, Windows apps, Windows shell, Windows kernel, Windows Server, Windows storage and filesystems, Windows wireless networking, remote code execution, and Windows virtualization and kernel.

Interesting is the fix of the black screen bug that has been available since the Spring Creators update (Windows 10 V1703) and is caused by Tune-Up. The update is distributed via Windows Update, but should also be available via WSUS or may be downloaded from Microsoft Update Catalog.

Unfortunately, Microsoft has not fixed the SMBv1 issue I discussed in the blog post Microsoft plans a Windows 10 V1803 SMBv1 fix on June 2018. The issue that SMBv1 protocol is causing connection errors is described as a Known Issue.

German blog reader Johann H. notified me via e-mail (thanks for that) about a curiosity. He wrote: If you load the update package windows10.0-kb4284835 from the “Microsoft Update Catalog” you will get the OS Build 17134.111. If you do it with the Windows 10 “Update and Security” you will get the OSBuild 17134.112.

Update KB4293701 for Windows 10 Version 1803

Update KB4293701 (Critical compatibility update for upgrading to Windows 10 Version 1803: June 12, 2018) improves the upgrade experience to Windows and will be installed automatially by Windows Update.

Updates for Windows 10 Version 1709

The following updates are available for Windows 10 Fall Creators Update (version 1709)

Update KB4284819 for Windows 10 Version 1709

Cumulative update KB4284819 for Windows 10 Version 1709 (Fall Creators Update) raises the OS build to 16299.492 and includes quality improvements and the following fixes:

  • Provides protections from an additional subclass of speculative execution side channel vulnerability known as Speculative Store Bypass (CVE-2018-3639). These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639) in addition to the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Includes additional performance improvements.
  • Addresses an issue in Microsoft Edge that causes incorrect responses to XML requests.
  • Adds support for the SameSite cookie web standard to Microsoft Edge and Internet Explorer.
  • Addresses an issue with Internet Explorer that prevents it from using an updated version of location services.
  • Addresses an issue where firmware updates cause devices to go into BitLocker recovery mode when BitLocker is enabled, but Secure Boot is disabled or not present. This update prevents firmware installation on devices in this state. Administrators can install firmware updates by:
    1. Temporarily suspending BitLocker.
    2. Immediately installing firmware updates before the next OS startup.
    3. Immediately restarting the device so that BitLocker doesn’t remain in the suspended state.
  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows Desktop Bridge, Windows apps, Windows shell, Windows storage and filesystems, Windows app platform and frameworks, Windows virtualization and kernel, Windows wireless networking, and Windows Server.

The update is distributed via Windows Update, but can also be downloaded via Microsoft Update Catalog. The update inherited the known issue from the previous update. Some non-English platforms can display the following string in English instead of the localized language: “Reading scheduled jobs from file is not supported in this language mode.” This error is displayed when Device Guard is enabled and you are trying to read the scheduled jobs you have created. In addition, there are other known bugs with Device Guard activated (e.g. no & or . operator etc., see) Microsoft is working on solving the issues.

Update KB4316692 for Windows 10 Mobile

Cumulative update KB4316692 for Windows 10 Mobile raises the OS build to 15254.489 and includes some improvements listed in the KB article. It is delivered via Windows Update.

Update KB4293700 for Windows 10 Version 1709

Update KB4293700 (Critical compatibility update for upgrading to Windows 10 Version 1709: June 12, 2018) improves the upgrade experience to Windows. It will be installed via Windows Update automatically.

Updates for Windows 10 Version 1507 till 1703

Various updates are available for Windows 10 RTM to Windows 10 Creators Update (version 1703). Here is a short overview.

  • Windows 10 Version 1703: Update KB4284874 is available for Windows Mobile as well as for the desktop. It raises the OS build to 15063.1155 (Mobile 15063.1154) and also contains fixes for the Spectre vulnerabilities. Details can be found in the KB article.
  • Windows 10 Version 1607: Update KB4284880 is only available for Enterprise and Education and Windows Server 2016. Systems with Clovertrail chipset also receive the update. The update raises the OS build to 14393.2312 and also contains fixes for the Spectre vulnerabilities. Details, also to the known problems can be found in the KB article.
  • Windows 10 Version 1507: Update KB428486 is available for the RTM version (LTSC). The update raises the OS build to 10240.17889 and also contains fixes for the Spectre vulnerabilities. Details, also about the known problems can be found in the KB article.

For Windows 10 V1511 there was no update that this version has fallen on the support. Details on the above updates can be found in the respective Microsoft KB articles in case of doubt.

Similar articles:
Adobe Flash Player version 30.0.0.113 available
Flash-Update KB4287903 for Windows released
Flash-Update KB4287903: Install issues with WSUS
Microsoft Office Patchday (June 5, 2018)
Windows 10 V1803: Update KB4338548 released
Microsoft Security Update Summary for June 12, 2018
Windows 10 V1511-1607: Privacy notification update KB4134662, KB4134663 and KB4134659Microsoft Office Patchday (5. Juni 2018)
Patchday: June 2018 Updates for Windows 7/8.1/Server
Patchday: Windows 10 updates June 12, 2018
Microsoft patchday: More updates (June 12, 2018)

Windows 10 Insider Preview Build 17692 released

$
0
0

Microsoft just released Windows 10 Insider Preview Build 17692 for PC in Fast Ring. The announcement has been made within the Windows blog, where you can read about improvements and the bucket of bugs and issues coming with this new build.

Windows 10 V1803 is ‘Semi-annual’ ready – seriously?

$
0
0

[German]Microsoft claims, that 250 Million systems are upgraded to Windows 10 V1803. And as a consequence, Microsoft has declared Windows 10 April Update (V1803) as ‘semi-annual’ ready. So this build is now being rolled out in the business environment. There is also an article from Microsoft that explains how Windows 10 deployment can be ‘accelerated’ by integrating Windows Insider Previews.

Windows 10 V1803 as ‘Semi-annual’ ready

MVP colleague Susan Bradley points out in this article at askwoody.com that Microsoft considers Windows 10 V1803 to be ready for business use.

Microsoft today declared 1803 as “ready for business” and is flipping from the Semi-annual targeted (the old CB) to Semi-annual (the old CBB).

This information has been published from Microsoft in this blog post on June 14, 2018. Microsoft explains there that the rollout of Windows 10 April Update could be completed much faster with the help of Artificial Intelligence (AI) than in previous builds.

250 Million systems on Windows 10 V1803

Microsoft says within the blog post linked above, that more than 250 million machines have already been updated to Windows 10 V1803. Based on the AI data, these Windows 10 versions have been released for all compatible devices worldwide.

250 MillionenWindows 10 V1803 Installationen

So Microsoft claims Enterprise customers can follow the same approach for the Semi-Annual Channel and roll out Windows 10, version 1803.

Windows 10 V1803 business ready? Seriously?

After reading Microsoft’s blog post, I was wondering what they are smoking. Susan Bradley expresses what went through my mind: “It’s a little early to roll out this build in companies”. There are simply still too many bugs (Susan Bradley has summarized some things here – and I have blog posts about many of these topics – see link list at the article’s end).

After posting the German version of this article a few hours ago, I received a couple of comments, where administrators from business environments are making a fuss about Windows 10. One admins wrote, that the Bitlocker AD backup issue hasn’t been fixed – so a rollout is not an option. Luckily IT administrators can decide when to deploy the new operating system build in their organization on a broad basis.

Microsoft: Integrate Insider Preview Builds

When the following tweet came to my attention, I involuntarily looked at the calendar and searched for April 1 as the current date.

Under the premise of speeding up the rollout of Windows 10 releases, an IT Pro article explains how to roll out Windows Insider Preview builds in enterprise environments. That’s because you have a Windows Insider Program for Business. But I can’t help, what stuff they are smoking at Redmond? What does an Insider Preview Build have to do with the deployment of Windows 10? What’s your opinion? Is Windows 10 V1803 business ready? Is it a good idea to deploy Windows 10 Insider Preview builds?

Similar articles
Win10 Wiki
Windows 10 April Update (Version 1803): Upgrade FAQ
Microsoft plans a Windows 10 V1803 SMBv1 fix on June 2018
Windows 10: Scanner fails after update
Windows 10 V1803: Update KB4100403 (with SSD fix)
Windows 10: Scanner fails after update
Windows 10 Version 1803: Network environment empty
Windows 10 V1803: Hotfix for Easy Document Creator Scan
Stuipd idea using Windows 10 LTSC or tinkering with V1607

Windows 10: Update Facilitation Service (KB4056254)

$
0
0

[German]Microsoft provides another new Update Facilitation Service for Windows 10 Home and Pro. Here’s some information on this obscure update, that Microsoft provides for Windows 10 versions that are ‘out of support’ since months.

Windows 10 is broken! At least if you look at the whistles and bells, Microsoft’s developers have added to the update process (see my article Windows 10 Reliability Update KB4023057 (8.2.2018) and this comment). Beside Windows Update there are other task scheduling mechanisms that are designed to ensure that an update, disabled by a user can still be flushed onto the machine. Here’s the ‘next innovation’ from this category.

Update Facilitation Service for Home und Pro

Susan Bradley recognized during browsing some update the new Update KB4056254 (Windows 10 update facilitation service) for Windows 10. Microsoft says:

This update includes a background service to facilitate Windows Update service on devices running Home or Pro editions of Windows 10 Versions 1507, 1511, 1607, and 1703.

This means: Since Windows 10 Version 1709 (Fall Creators Update) this service or feature is already a board. KB article for Update KB4056254 says:

This update includes files and resources to address issues affecting background update processes in the Windows Update servicing stack. Maintaining Window Update service health and performance helps ensure that quality updates are installed seamlessly on your device and help to improve the reliability and security of devices running Windows 10.

That makes me wonder, what Microsoft has in stock. Because the explanation above is a bit ‘windy’ (see below).

These machines get the update

Microsoft writes that only certain builds of Windows 10 versions 1507, 1511, 1607 and 1703 require this update. These are systems on which these builds run on home or pro editions. These devices may not belong to a Windows domain. In other words, it affects the home users and users who run Windows 10 Pro in smaller installations. These systems receive the update automatically via Windows Update downloaded and installed.

Dialogfelder bei Windows Update Vermittlungsdienst-Installation
(Install dialogs, Source: Microsoft)

Microsoft says: Devices not connected to Windows Update may see a User Account Control (UAC) prompt during installation. Microsoft published the two dialog boxes shown above on their KB article. The left dialog box is always displayed. If something like that appeared on my desktop, I would immediately think of a virus.

Obscurity at it’s best …

In the business environment with domains, this update is not (yet) used, Microsoft probably doesn’t dare to do that. In best case we may assume, that Microsoft’s developers try to improve the reliability of old systems that somehow have update problems. But looking under the hood brings another aspect on the topic. Only Windows 10 V1703 is still in regular support and gets updates in the Home and Pro version. All other Windows 10 versions mentioned above are ‘out of support’ for Home and Pro (see my blog post Windows 10: End of Life for several builds). Only Windows 10 Enterprise LTSC-SKUs still receiving updates. Seems to me as an attempt, to use small business and home users as a guinea pig, to test how for force install of reliability updates. What’s your opinion?

Windows 10: No support for Microsoft Store un- and re-install

$
0
0

[German]Important information for users and administrators of Windows 10, Microsoft says in a new KB article that uninstalling the Microsoft Store in Windows 10 and reinstalling it later is not supported.

What we are talking about?

Windows 10 users who don’t need the Microsoft Store can actually remove it with a PowerShell command. The command should be (see here and here) :

Get-AppxPackage *windowsstore* | Remove-AppxPackage

This removes the Store app from Windows 10, but only for the current user account. This article contains also hints, how to remove the Store app. But the article here contains the note NOT RECOMMENDED.

What Microsoft says about uninstalling Store?

Through a tweet from @PhantomofMobile I became aware of the following facts:

Removing, uninstalling and reinstalling the Microsoft Store as an app is not supported by Microsoft. Reference is made to the Microsoft article Removing, uninstalling, or reinstalling Microsoft Store app is not supported(KB4339074). There Microsoft says:

In Windows 10, we do not recommend removing or uninstalling the Microsoft Store app.

Microsoft says that isn’t recommended for Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607 and Windows 10 Version 1511. The explanation from Microsoft:

this behavior is by design.

If you uninstalled Microsoft Store by any means and want to reinstall it, the only Microsoft-supported method is to reset or reinstall the operating system, which will reinstall Microsoft Store.

The KB article is dated/revised on June 19, 2018.

How IT admins can block the store

Administrators in enterprise environments who want to block access to the store can do this in Windows 10 Enterprise using Group Policy. Microsoft has published in October 2017 the article Configuring access to the Microsoft Store. The article describes various methods for restricting access via Group Policy, AppLocker, etc.

Note: Users of Windows 10 Home versions had the option of blocking access via a registry entry (see also here and here). However, this no longer works with Windows 10 Home/Pro V1511 and above – as mentioned implicit within the MS article linked above.  

Similar articles
Windows 10: Issues with WSUS and Store (V1803)
Microsoft bans store apps using ‘Windows’ in name
Windows 10: Store error 0x87AF000B
Windows 10: Store updates with fixes and Microsoft Store
Windows 10 V1709: Store broken (wrong manifest layout)

Outlook 2016: Search doesn’t returns results

$
0
0

[German]Microsoft Outlook users may run into the issue, that a search in all  mailboxes or address books no longer return results. This is probably due to a recently installed update. A search in contacts that doesn’t return results could be related to Windows 10 V1803.

Some details about this error

Outlook 2016 users are faced with the issue, that the search in mailboxes no longer works. No hits are found. A German administrator describes the issue here

recently there have been more and more messages from our users that the Outlook search in the mailboxes no longer delivers any results.

This issue no longer occurs after a system reboot. The problem is that no root cause is known. And therefore no prevention is possible for users not yet affected.

The administrator asked whether a relevant update (06/2016) is known, which could provide the cause. I was not aware of anything in this respect, and especially with regard to the June 2018 updates..

The problem occurs frequently

If you search the internet for terms like ‘Outlook 2016 search no longer works’, there are many hits. The proposed tips that I found:

  • Re-index the Windows search. According to a German Technet forum post, this currently does not work under Windows 10.
  • Another repair method (as of February 2016) is described in the Lookeen-Blog. In addition to re-indexing, the repair of the PST file is proposed.
  • Some forum post pointed out, that a missing access right to Windows search folders may cause this issue.

And I recommended a repair of Microsoft Office via control panel. Another root cause for similar issues and damaged pst files may be using personal folders with pst files over a network. Microsoft has published this article describing the side effects.

Issue caused by March 2018 Update

In the case linked above, I found a hint that Microsoft is aware of the issue. In the support article Fixes or workarounds for recent issues in Outlook for Windows it says in the section ‘Outlook known issues in the March 2018 updates’:

Outlook known issues in the March 2018 updates
 
Last Updated: March 23, 2018
 
ISSUE
 
For some users after updating to 16.0.9001.2171 and later versions, Outlook search returns no search results for POP and IMAP accounts.
 
STATUS: WORKAROUND
 
Until a fix or resolution is determined you can work around the issue by disabling Windows Desktop Search which will cause Outlook to use it’s built in search. The built-in search will display the message below to indicate it is not using the Windows Search service.

The problem is caused by the March 2018 update and can be solved by not using the Windows search service.

Within my German blog post some reader pointed out, that adding the DWORD value PreventIndexingOutlook set to 1 within the registry entry

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search

will force an internal Outlook search.

Windows 10 1803: Searching in Outlook contacts broken

It looks as if when switching to Windows 10 April Update (V1803) the search for contacts in Outlook does not work any more. In this German forum thread an administrator describes the issue:

A customer of us using Windows Server 2012R2, Windows 10 Clients with Office 365, and Exchange Online. They can no longer search for contacts in Outlook since the Windows 10 update to 1803 (was made last week). The contacts are located in a public Exchange folder and are used by all employees. The search then tells me “No elements found”.”.

I see all about 2000 contacts, but the search function does not work. I already had Index rebuilt, but still no contacts in the search. I still have a computer here with Windows 10 version 1709 and with that also the search for the contacts goes as usual.

The error description suggests that the issue is specifically related to Windows 10 April Update, in conjunction with Office 365 (Outlook 2016) and Exchange Online. I had suggested a repair of Office according to this Technet thread. There was also a hint from another user to look at Microsoft’s web page with known issues and fixes for Outlook. However, I did not find any Known Issues regarding the search for the June 2018 update.

Another user reported similar issues on PST files located on network folders. This user wrote, that an Office 365 update from June 18, 2018 has changed Outlook to Version 16.0.9330.2124. That fixed the issue on his system. Maybe it’s helpful.

Similar articles
Fix: Outlook mail issue in KB4011089, KB4011090, KB4011091
Update Outlook due to vulnerability CVE-2018-0950
Update KB4011123 fixes Outlook 2016 attachment bug
Outlook Sept. patch day bug reviews (iCloud, VB-Script…)


Windows 10 V1607-V1709: Updates from June 21, 2018

$
0
0

[German]Microsoft has released several updates for Windows 10 Anniversary Update (V1607), Windows 10 Spring Creators Update (V1703) and Windows 10 Fall Creators Update (V1709) as of June 21, 2018. Here is some information about these updates.

Update KB4284822 for Windows 10 Version 1709

Cumulative Update KB4284822 (June 21, 2018) for Windows 10 Version 1709 changes OS build to version 16299.522. This update improves quality and addresses this topics.

  • Addresses an application performance degradation issue in operating system functions. This degradation locks and frees large blocks of memory (such as VirtualLock and Heapfree) after installing KB4056892 and superseding fixes.
  • Addresses performance regression in App-V that slows many actions in Windows 10.
  • Adds a new MDM Policy, “DisallowCloudNotification”, for enterprises to turn off Windows Notification traffic.
  • Changes the music metadata service provider used by Windows Media Player.
  • Addresses an issue with the placement of text symbols in right-to-left languages.
  • Addresses an issue with editing web password fields using a touch keyboard.
  • Adds a Group Policy that provides the ability to hide recently added apps from the Start menu.
  • Updates the Segoe UI Emoji font to use a water gun to represent a pistol emoji.
  • Addresses a reliability issue with resuming from hibernation.
  • Addresses an issue where SmartHeap doesn’t work with UCRT.
  • Addresses an issue to ensure that Windows Defender Application Guard endpoints comply with regional policies.
  • Increases the user account minimum password length in Group Policy from 14 to 20 characters.
  • Addresses an issue that causes sporadic authentication issues when using Windows Authentication Manager.
  • Addresses an issue where an Azure Active Directory account domain change prevents customers from logging on.
  • Addresses an issue that displays unnecessary “Credential Required” and “Do you want to allow the app to access your private key?” messages. This issue occurs when running a Universal Windows Platform (UWP) application.
  • Addresses an issue that causes the LSASS service to become unresponsive, and the system needs to be restarted to recover.
  • Addresses an issue where client applications running in a container image don’t conform to the dynamic port range.
  • Adds a new registry key that prevents access to the Internet using WWAN if a non-routable ethernet is connected. To use this new registry key, add IgnoreNonRoutableEthernet” (Dword) on HKEY_LOCAL_MACHINE\Software\Microsoft\Wcmsvc using regedit, and set it to 1.
  • Adds a new registry key that allows customers to control access to the Internet using WWAN without using the default connection manager. To use this new registry key, fMinimizeConnections” (Dword) on HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\WcmSvc\Local using regedit, and set it to 0.
  • Addresses an issue that prevented ISO/DVD mounts and eject from working using VM settings and Powershell because of menu transition issues in VMConnect.
  • Addresses an issue where restarting the Hyper-V host with Hyper-V Replica (HVR) enabled could cause replication to stop. It may also require a manual restart to resume the replication from a suspended state. The replication state should be normal after the Hyper-V host/VMMS is restarted.
  • Addresses an issue that might cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. The possible errors are “Windows failed to apply the MitigationOptions settings. MitigationOptions settings might have its own log file” or “ProcessGPOList: Extension MitigationOptions returned 0xea.” This issue occurs when Mitigation Options have been defined using Group Policy, the Windows Defender Security Center, or the PowerShell Set-ProcessMitigation cmdlet.
  • Addresses an issue that causes a connection failure when a Remote Desktop connection doesn’t read the bypass list for a proxy that has multiple entries.
  • Addresses an issue where Windows Defender Security Center and the Firewall Pillar app stop working when opened. This is caused by a race condition that occurs if third-party antivirus software has been installed.

In the list above you can find some interesting fixes for several bugs in Windows 10 V1709. The update is provided via Windows Update (the update search must be initiated), WSUS or via the Microsoft Update Catalog. This update has some Known Issues, which are described in this KB article.

Update KB4135058 for Windows 10 Version 1709

Addendum: Microsoft has also released a dynamic update KB4135058 for Windows 10 Version 1709. This is a ‘Compatibility update for upgrading to Windows 10 Version 1709: June 21, 2018’ and shall improve the upgrade experience to Windows 10 V1709.

Update KB4284830 for Windows 10 Version 1703

Update KB4284830  (June 21, 2018) for Windows 10 Version 1703 changes OS build to version 15063.1182. This update improves quality and addresses this topics.

  • Addresses performance regression in App-V that slows many actions in Windows 10.
  • Addresses an issue with the soft keyboard’s input modes in WPF applications.
  • Addresses an issue where SmartHeap doesn’t work with UCRT.
  • Addresses an issue that causes sporadic authentication issues when using Windows Authentication Manager.
  • Addresses an issue that displays unnecessary “Credential Required” and “Do you want to allow the app to access your private key?” messages. This issue occurs when running a Universal Windows Platform (UWP) application.
  • Addresses an issue that causes the LSASS service to become unresponsive, and the system must be restarted to recover.
  • Addresses an issue where client applications running in a container image don’t conform to the dynamic port range.
  • Addresses an issue in MSXML 3.0 that causes the body of the request to be empty when the IXMLHTTPRequest send() method is called. This issue occurs when URL redirection causes the send() method to be invoked a second time with a different URL.
  • Adds a new MDM Policy “DisallowCloudNotification” for enterprises to turn off Windows Notification traffic.

The update is provided via Windows Update (the update search must be initiated), WSUS or via the Microsoft Update Catalog. Microsoft is not aware of any issues related to this update

Microsoft has also released an update for the Windows Update Client to increase its reliability. Any Windows 10 device configured to automatically receive updates from Windows Update, including Enterprise and Pro Edition, is offered the latest Windows 10 feature update based on device compatibility and the Windows Update for Business policy for delaying updates. This does not apply to LTSC installations.

Update KB4284833 for Windows 10 Version 1607

Cumulative update KB4284833 (June 21, 2018) is available for Windows 10 Version Version 1607 and Windows Server 2016. However, since Windows 10 Home and Pro have been out of support since April 10, 2018, only Windows 10 Enterprise and Windows 10 Education and the LTSC variants receive this update. The update raises the OS build to version 14393.2339 and addresses the following issues.

  • Addresses a performance regression in App-V that slows many actions in Windows 10.
  • Addresses an issue with the placement of text symbols in right-to-left languages.
  • Addresses a system crash (Stop 3B) in win32kfull.sys when cancelling journal hook operations or disconnecting a remote session.
  • Addresses an unexpected logon termination issue with a third-party Remote Desktop Service (RDS) application.
  • Addresses an issue where customers had to press Ctrl+Alt+Delete twice to exit assigned access mode when autologon was enabled.
  • Addresses an issue that causes the full-screen Start menu to stop working when logging in.
  • Addresses an issue that causes the system to log negative events for valid binaries that should be trusted. This issue occurs when running the Windows Defender Application Control (Device Guard) in audit mode.
  • Addresses an issue that causes sporadic authentication issues when using Windows Authentication Manager.
  • Addresses an issue that displays unnecessary “Credential Required” and “Do you want to allow the app to access your private key?” messages. This issue occurs when running a Universal Windows Platform (UWP) application.
  • Addresses an issue that causes the LSASS service to become unresponsive, and the system needs to be restarted to recover.
  • Addresses an issue where client applications running in a container image don’t conform to the dynamic port range.
  • Addresses a memory leak in RtlDosPathNameToRelativeNtPathName. The leak occurs when you turn on LongPathsEnabled in the registry and you call CreateFile or any other name-based Win32 API using a path that is longer than 260 characters.
  • Addresses an issue where chkdsk doesn’t update the file size and the valid data length when it needs to shrink the Master File Table (MFT) attribute list. This prevents the mounting of the next volume because NTFS considers the volume damaged, and rerunning chkdsk won’t fix this.
  • Addresses an issue that causes poor CPU performance when Virtual Switch Ports leaked during a machine’s live migration from one host to another.
  • Addresses an issue where certain VMs with dynamic and startup RAM set at 32 GB restart with a blue screen. The error that appears is “PFN_List_Corrupt 0x4e”.
  • Addresses a Windows 2016 Hyper-V environment issue in which creating a VM on a Server Message Block (SMB) 3.0 share may cause automatic registration to Hyper-V Manager to fail. This issue occurs when performing a backup for restoration to an alternate location. The error is “The Hyper-V Virtual Machine Management service encountered an unexpected error: The file or directory is corrupted and unreadable. (0x80070570).”
  • Addresses a Windows Server 2016 Hyper-V host and guest migration issue in which a 2016 SQL file stream restoration fails with an “Event ID 11” error. The issue also causes the SQL process to stop working.
  • Addresses an issue in which restarting the Hyper-V host with Hyper-V Replica (HVR) enabled could cause replication to stop. It may also require a manual restart to “resume the replication” from a suspended state. The replication state should be normal after the Hyper-V host/VMMS is restarted.
  • Addresses an issue that sometimes prevents users from starting Microsoft Outlook after logging on to a Remote Desktop session.
  • Addresses an issue in dfsutil.exe that occurs when exporting a DFS namespace as an XML file. The issue occurs when the namespace contains a link with a target that points to a shared folder that has an “&” character in its name. As a result, the generated XML does not correctly escape the “&” character, and dfsutil.exe cannot export the namespace.
  • Addresses an issue that causes a connection failure when a Remote Desktop connection doesn’t read the bypass list for a proxy that has multiple entries.
  • Addresses an issue that prevents VMs in an RD Pooled Desktop Collection from being recreated if the VMs are Gen2.
  • Addresses an issue in a Remote Desktop VDI deployment that prevents a mounted UPD from disconnecting, which results in the creation of temp files.
  • Addresses an issue in which the user interface for Windows Server 2016 Server Manager > File and Storage services displays the NVDIMM-N (memory) bus type as UNKNOWN.
  • Addresses an issue in which the system event log receives many error events for IPRIP 29031 when the system receives the ERROR_OBJECT_ALREADY_EXISTS error.
  • Addresses an issue that occurs when running Test-SRTopology between two clusters and their CSV paths. You may receive the error “Could not find file.”

The update is provided via Windows Update (the update search must be initiated), WSUS or via the Microsoft Update Catalog. Microsoft is not aware of any issues related to this update.

Microsoft has also released an update for the Windows Update Client to increase its reliability. Any Windows 10 device configured to automatically receive updates from Windows Update, including Enterprise and Pro Edition, is offered the latest Windows 10 feature update based on device compatibility and the Windows Update for Business policy for delaying updates. This does not apply to LTSC installations.

Similar articles:
Adobe Flash Player version 30.0.0.113 available
Flash-Update KB4287903 for Windows released
Flash-Update KB4287903: Install issues with WSUS
Microsoft Office Patchday (June 5, 2018)
Windows 10 V1803: Update KB4338548 released
Microsoft Security Update Summary for June 12, 2018
Windows 10 V1511-1607: Privacy notification update KB4134662, KB4134663 and KB4134659Microsoft Office Patchday (5. Juni 2018)
Patchday: June 2018 Updates for Windows 7/8.1/Server
Patchday: Windows 10 updates June 12, 2018
Patchday Microsoft Office Updates (June 12, 2018)
Microsoft patchday: More updates (June 12, 2018)
Windows 7/8.1 Preview Rollup Updates (June 2018)

Adobe Acrobat Prof XI kills Internet Explorer favorites

$
0
0

[German]Today still a short contribution, to which a Blog reader drew my attention. The Adobe Acrobat Prof XI probably has side effects with Internet Explorer 11, where the favorites can no longer be edited under Windows 10.

A reader asked me

Recently I received a request from German blog reader Dekre, who had issues with Internet Explorer 11.

I know you don’t give e-mail support. A problem that has been bothering me for quite some time and I haven’t found anything on the Internet.

In IE 11 with Win 10, saving and managing favorites no longer works. I have completely reset the add-ons. Then I used the AdwCleaner for such cases. It’s no use. Do you have another idea?

That was the place where I scratched my head – because I ran out of ideas. Malware would have been removed by the AdwCleaner. Add-ons were supposedly disabled. Such a thing could easily be done with the :

“C:\Program Files\Internet Explorer\iexplore.exe” –extoff

The switch –extoff forces IE 11 launch without browsers add-ins. But the user wrote, that he had already deactivated add-ins.

Other suspects: Virus scanners & Co.

I could think of a foreign virus scanner or a security solution (as I read in several forum posts, mostly references to Kaspersky). My advice:  Remove third party antivirus software and execute a vendor’s clean tool.

The other assumption: A broken user profile with no longer appropriate access rights prevents changes to favorites from being saved. The easiest way to check this is to create a new local user account. And the user can try to reset IE 11. Microsoft has published this article for the case, that favorites can’t be stored.

And the culprit is: Adobe Acrobat Prof XI

After one day blog-reader Dekre has thankfully reported again. He had found the root cause:

I found the problem bear: I recently installed Adobe Acrobat Prof XI. This also installs the add-on in IE11. This add-on from Adobe is the reason that you cannot change, delete, manage or add the favorites in Win10 in IE11. 

The add-ons of Adobe Acrobat always cause problems, also with Outlook 2013 and Outlook 2010. IE11 and Adobe Acrobat are interesting because they work with Win7 and not with Win10.

Adobe Acrobat DC Prof I do not have, too expensive. Foxit is cheaper and better.

Small root cause, big effect. Maybe it helps another affected person and saves the time for troubleshooting. Thanks to Blog Reader Decree for the information.

Windows 10 V1803: Update KB4315567

$
0
0

[German]Microsoft has released an ominous update KB4315567 for Windows 10 V1803 Enterprise on June 26, 2018. But what is behind this ominous update?

I don’t really understand Microsoft’s update description. The update KB4315567 is called a Compatibility update for upgrading to Windows 10 Version 1803: June 26, 2018 and is only available for Windows 10 Enterprise Version 1803. It’s not available within the Microsoft Update Catalog. The description in the KB article is extremely brief:

This update makes improvements to ease the upgrade experience to Windows 10 Version 1803.

You can deduce everything and nothing from it. An update is offered for Windows 10 version 1803 Enterprise to facilitate the upgrade to Windows 10 version 1803? Quite meaningless the explanation from Microsoft, but not quite unusual. 

At askwoody.com you can find a discussion of which I distill a quintessence: Basically, it doesn’t matter if you let a cat run over your computer’s keyboard and read the excerpt – or if you try to understand one of the KB articles with an update description from Microsoft. The result is the same: incomprehensible and meaningless gibberish. Or can one of you elicit something useful from the KB article by Microsoft?

.SettingContent-ms files put Windows 10 at risk

$
0
0

[German]Microsoft has introduced a new file format (.SettingContent-ms) for Windows 10 in 2015. However, this file format proves to be a weak point, as any commands and applications can be defined for execution via the underlying XML structures.

Introduced in 2015 with Windows 10, the.settingContent-ms file format provides shortcuts to the settings managed in the Settings app. This is supposed to replace the Windows Control Panel. 

.SettingContent-ms files can be abused

Normally, all efforts are made to prevent the exploitation of vulnerabilities via various file formats. Therefore, the execution of macros in Office documents or the use of scripts etc. is blocked. Security researcher Matt Nelson at SpecterOps now writes that the SettingContent-ms file format weakens Windows 10 security because it allows commands to be included and executed.

SettingContent-ms
(Source: SpecterOps)

The screenshot above shows an excerpt from the XML structure in which the DeepLink XML node contains a command to call the calculator. The command will be hidden behind a link in the settings. If the user selects such a supposed link, the command is executed. 

An attacker who manipulates the XML file in question has the option of placing virtually any executable commands in DeepLink nodes there. This would allow to insert PowerShell commands. Matt Nelson has published an example of a modified file on GitHub.

 (Source: YouTube)

The video above shows how to call such a file to access the command prompt or the computer. If I understood it correctly, SettingContent-ms files can be integrated into Office documents. This of course enables various attack scenarios via OLE from Office documents. Matt Nelson sent his findings to the Microsoft Security Response Center in February 2018. They have confirmed the findings, but nothing can be fixed. And now it gets interesting: Commands that are called by the user through a modified SettingContent-ms file do not block either the Windows Defender or the security feature ASR (Attack Surface Reduction).

Windows 10 Insider Preview Build 17704 released

$
0
0

Microsoft has released Windows 10 Insider Preview Build 17704 for PCs in Fast Ring. The announcement has been made within the Windows Blog. There are a number of new features for the Microsoft Edge browser, the Diagnostic Data Viewer and, and, and. However, Microsoft has also hidden a bitter pill: The long time hyped sets have been thrown out – Thank you for your continued support of testing Set. The list of bugs is also quite long. If you are interested in this stuff, you can find out about the bugs and known quirks of this build here.

AdDuplex Windows 10 figures June 2018 – not reliable

$
0
0

[German]Marketing firm AdDuplex has released its latest Windows 10 distribution figures for June 2018. Looking at this figures brought me to the decision, that the whole thing is useless – nothing more than bullshit.

The data from the new AdDuplex report of June 2018 says that Windows 10 April Update has been rolled out to 3/4 of all Windows 10 systems.

AdDuplex Windows 10 distribution June 2018
(Windows 10: Distribution June 2018, Source: AdDuplex)

The figure shown above says, that 78,1 % of all Windows 10 Machines are on April Update (V1803). Windows 10 Fall Creators Update (FCU) is at 15,7%, and the other Windows 10 versions are at 2,4% and below 1%.

Sorry, another bullshit bingo

Sorry, that’s not trustable! Going back one month, in May 2018 AdDuplex has posted the diagram below.

Windows 10: Verteilung Mai 2018
(Windows 10: Distribution May 2018, Source: AdDuplex)

AdDuplex claimed, that Windows 10 V1803 has been installed on 50% of all Windows 10 machines. Within my article Windows and OS market share in May 2018 I shed a bit light on absolute figures. When Terry Myerson announced his departure from Microsoft, the number of 700 million Windows 10 systems was already mentioned. So 50% of 700 Million are 350 Million.

Within the article AI powers Windows 10 April 2018 Update rollout dated June 14, 2018, Microsoft published a 2nd figure. They wrote ‘With over 250 million machines on the Windows 10 April Update, we are seeing ….’. Hell, this 250 million Windows 10 V1803 machines, confirmed by Microsoft on June 2018 are far below of the 350 million AdDuplex is claiming End of May 2018. And now they are going to say 3/4 of all Windows 10 machines are already on Version 1803. What these guys are smoking?

Overall they use telemetry data from apps to estimate the amount of a Windows 10 version installed in the wild. This means, the figures they are receiving and reporting monthly are useless – just bullshit. There is no value looking at this figures – so I decided, not to publish additional blog posts about Windows 10 figures released by AdDuplex.  

Windows 10 RS5 Build 17692.1004 in Slow Ring

$
0
0

On June 14, Microsoft released Windows 10 Insider Preview Build 17692[Redstone 5] in the Fast Ring. Microsoft has announced now in Windows Blog that build 17692.1004 has been available in the Slow Ring since July 2, 2018. Details can be found within the Windows Blog.


Windows 10: Test Defender cloud protection

$
0
0

[German]Does anyone use Windows Defender on Windows 10 in an enterprise environment? Then assure that Windows Defender can connect to various cloud services. Otherwise ‘Defender cloud protection’ is not ensured.

Recently I published the article Windows 7 Defender won’t receive updates (June 2018), addressing issues with Windows 7 Defender, which doesn’t receive updates anymore. Either module updates have killed the Defender or there is a server-side problem at Microsoft. This question is unanswered, although this is currently not a big problem under Windows 7 – no one will just rely on Windows Defender, but use a separate antivirus solution.

Under Windows 10, however, Microsoft positions Windows Defender as a complete antivirus solution. And especially in the enterprise environment, Microsoft offers very good protection with Windows Defender Advanced Thread Protection (ATP) and cloud services – provided everything is set up correctly.

Does the Firewall blocks Windows Defender Cloud access?

In corporate networks, outgoing connections are often limited via a firewall. This may prevent Windows Defender from accessing the cloud to detect threats or the servers to download new signatures. Recently I became aware of this topic via Twitter.

Microsoft has published End of April 2018 the article Configure and validate network connections for Windows Defender Antivirus. This article discusses how to set up the enterprise firewall so that the ‘Windows Defender Antivirus Cloud-delivered Protection’, also known as Microsoft Advanced Protection Service (MAPS), works.

In my opinion, the URLs of websites that Windows Defender needs to be able to contact in order for Microsoft Advanced Protection Service (MAPS) to work are of particular interest. 

Windows Active Defense

Whether the function is available and how to activate it can be found on the Windows Active Defense website under ‘Cloud-delivered protection’. 

Similar article:
Windows Defender reports Trojans as false positives
Windows Defender extension for Google Chrome
Windows 7/8.1 receiving Windows Defender ATP support
Windows 10 V 1703: How to disable Windows Defender in Security Center

Windows 10 Insider Preview Build 17711 released

$
0
0

A few minutes ago Microsoft released the Windows 10 Insider Preview Build 17711 (Redstone 5) in the Fast Ring (and Skip Ahead Ring). The announcement was made as usual in the Windows-Blog. There are new features in the Edge, the Fluent Design, the display, the Registry Editor. Details can be found in the linked Microsoft blog post.

Windows 10: Links in Mail app will be allowed to open in 3rd party browsers

$
0
0

[German]Microsoft seems to allow links in mails that are displayed via mail app to be opened in any browser. This is a fundamental change, because Microsoft announced earlier this year, that such links will be opened in Edge browser only.

Microsoft has announced Windows 10 Insider Preview Build 17623 in Windows Blog, that the Windows Mail app will open links only in Microsoft Edge:

For Windows Insiders in the Skip Ahead ring, we will begin testing a change where links clicked on within the Windows Mail app will open in Microsoft Edge, which provides the best, most secure and consistent experience on Windows 10 and across your devices. With built-in features for reading, note-taking, Cortana integration, and easy access to services such as SharePoint and OneDrive, Microsoft Edge enables you to be more productive, organized and creative without sacrificing your battery life or security. As always, we look forward to feedback from our WIP community.

Now it seems, that the feedback wasn’t too overwhelming. Now italien web site postet a screenshot of an early Mail app update, that showns an option to change that association (see also here).

Mail-App-Optionen(Options in Mail app)

The screenshot shows an option within the mail app settings that can be used to specify whether or not mail links should be opened in Microsoft Edge. With Edge option disabled, links in Windows Mail app should reopen in the default browser of the operating system.

Patchday: Windows 10-Updates July 10, 2018

$
0
0

[German]Microsoft released several cumulative updates for the supported Windows 10 builds on July 10, 2018. Here are some details about the updates.

A list of updates can be found on this Microsoft website. I have pulled out the details below. Some of these updates for Windows 10 versions 1607 to 1709 are also available as delta updates  for the WSUS.

Updates for Windows 10 Version 1803

The following updates are available for Windows 10 April Update (version 1803).

Update KB4338819 for Windows 10 Version 1803

Cumulative update KB4338819 contains quality improvements but no new operating system functions and raises the OS build to 17134.165. Here is a list of addressed issues:

  • Improves the ability of the Universal CRT Ctype family of functions to correctly handle EOF as valid input.
  • Enables debugging of WebView content in UWP apps using the Microsoft Edge DevTools Preview app that’s available in the Microsoft Store.
  • Addresses an issue that may cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. The error message is “Windows failed to apply the MitigationOptions settings. MitigationOptions settings might have its own log file” or “ProcessGPOList: Extension MitigationOptions returned 0xea.” This issue occurs when Mitigation Options has been defined either manually or by Group Policy on a machine using Windows Defender Security Center or the PowerShell Set-ProcessMitigation cmdlet.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
  • Security updates to Internet Explorer, Windows apps, Windows graphics, Windows datacenter networking, Windows wireless networking, Windows virtualization, Windows kernel, and Windows Server.

The update is distributed via Windows Update, but should also be available via WSUS or the Microsoft Update Catalog. Microsoft is not aware of any problems with the update.

Important: The Servicing Stack Update (SSU) KB4343669must be installed before installing the package from the Microsoft Update Catalog.

Servicing Stack Update KB4343669 for Windows 10 Version 1803

Update KB4343669 (Servicing stack update for Windows 10, version 1803: July 10, 2018) improves the stability of the servicing stack. The update is available via WSUS or in the Microsoft Update Catalog.

Addendum: Update KB4343669 has been re-released in Microsoft Update Catalog for Windows Server (see this Tweet).

Compatibily Update KB4339277 for Windows 10 Version 1803

Compatibily update KB4339277 is a dynamic update, used during install or factory reset to improve the upgrade experience to Windows 10, version 1803.

Updates for Windows 10 Version 1709

The following updates are available for Windows 10 Fall Creators Update (version 1709).

Update KB4338825 for Windows 10 Version 1709

Cumulative updateKB4338825 for Windows 10 Version 1709 (Fall Creators Update) raises the OS build to 16299.547 and includes quality improvements and the following fixes:

  • Addresses an issue that, in some cases, causes the wrong IME mode to be chosen on an IME-active element.
  • Addresses an issue with form submission in Internet Explorer.
  • Addresses an issue where DNS requests disregard proxy configurations in Internet Explorer and Microsoft Edge.
  • Addresses additional issues with updated time zone information.
  • Addresses an issue that causes the latest versions of Google Chrome (67.0.3396.79+) to stop working on Cobalt devices.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows apps, Windows graphics, Windows datacenter networking, Windows virtualization, Windows kernel, and Windows Server.

The update is distributed via Windows Update, but can also be downloaded via Microsoft Update Catalog.

Important: The Servicing Stack Update (SSU) KB4339420 must be installed before installing the package from the Microsoft Update Catalog.

This cumulative update has the same known issues as the previous month’s patch. Some non-English platforms can display the following string in English instead of the localized language: “Reading scheduled jobs from file is not supported in this language mode.” This error is displayed when Device Guard is enabled and you are trying to read the scheduled jobs you have created. In addition, there are other known bugs with Device Guard activated (e.g. no & or . operator etc., see) Microsoft is working on solving the problems.

Servicing Stack Update KB4339420 for Windows 10 Version 1709

Update KB4339420 (Servicing stack update for Windows 10, version 1709: July 10, 2018) improves the stability of the servicing stack. This SSD update is available via WSUS or in the Microsoft Update Catalog.

Compatibily Update KB4338852 for Windows 10 Version 1709

Compatibily update KB4338852 is a dynamic update, used during install or factory reset to improve the upgrade experience to Windows 10, version 1709.

Updates for Windows 10 Version 1703

The following updates are available for Windows 10 Creators Update (version 1703).

Update KB4338826 for Windows 10 Version 1703

Cumulative update KB4338826 for Windows 10 Version 1703 (Creators Update) raises the OS build to 15063.1206 and includes quality improvements and the following fixes:

  • Addresses an issue with form submission in Internet Explorer.
  • Updates Internet Explorer’s Inspect Element feature to conform to the policy that disables the launch of Developer Tools.
  • Addresses an issue that, in some cases, causes the wrong IME mode to be chosen on an IME-active element.
  • Addresses an issue in which DNS requests disregard proxy configurations in Internet Explorer and Microsoft Edge.
  • Addresses additional issues with updated time zone information.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
  • Security updates to Internet Explorer, Microsoft Edge, Windows apps, Windows graphics, Windows virtualization, Windows kernel, and Windows Server.

The update is distributed via Windows Update, but is also available in the Microsoft Update Catalog. No known issues.

Windows Update Improvements

Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.

Updates for Windows 10 Version 1507 and 1603

Various updates are available for Windows 10 RTM to Windows 10 Creators Update (version 1703). Here is a short overview.

  • Windows 10 Version 1607: Update KB4338814 is only available for Enterprise and Education and Windows Server 2016. This update fixes the OS build to 14393.2363. Details, also about the known problems can be found in the KB article. See also DHCP-Bug in Update KB4338814 (Windows 10 Version 1607)
  • Windows 10 Version 1507: Update KB4338829 is available for the RTM version (LTSC). The update removes the OS build to 10240.17914. Details, also about the known problems can be found in the KB article.

For Windows 10 V1511 there was no update that this version has fallen on the support. Details on the above updates can be found in the respective Microsoft KB articles in case of doubt.

Similar articles:
Adobe Flash Player Version 30.0.0.134
Microsoft Office Patchday (July 3, 2018)
Patchday: Windows 10-Updates July 10, 2018
Patchday: Updates for Windows 7/8.1/Server July 10, 2018
Patchday Microsoft Office Updates (July 10, 2018)
DHCP-Bug in Update KB4338814 (Windows 10 Version 1607)
Microsoft Patchday: Other Updates July 10, 2018

Windows 10 Insider Preview Build 17713 released

$
0
0

Microsoft released the Windows 10 Insider Preview Build 17713 (Redstone 5) in Fast Ring and Skip Ahead Ring. The announcement was made as usual in the Windows-Blog. This build is already part of the RS5_RELEASE fork, the Skip Ahead ring will soon be changed to the Fast Ring. New features include Edge, Fluent Design, Display, Notepad Editor, Remote Desktop, Web Login, Windows Defender Application Guard, and more. Details can be found in the Microsoft blog entry.

Viewing all 1335 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>