Woody Leonhard

About the Author Woody Leonhard


When does your Surface support life cycle end? Will it get fixed?

Time was you could go to Microsoft’s website and get a definitive answer as to when your Surface machine’s support life cycle would end. For reasons unknown, that information isn’t where it used to be. It’s an open question whether Microsoft has unilaterally withdrawn support — a particularly important question, given the ultimate availability of Meltdown/Spectre patches.

Let’s say you have a Surface Pro 2 and you want to know if Microsoft will ever fix the Meltdown/Spectre vulnerability on your machine. To date, there’s been no notification one way or the other, but the tea leaves look increasingly bitter.

To read this article in full, please click here

Read more 0 Comments

Belay that order: Intel says you should NOT install its Meltdown firmware fixes

You know how you’re supposed to flash the BIOS or update the UEFI on all of your Intel machines, to guard against Meltdown/Spectre? Well, belay that order, private! Intel just announced that you need to hold off on all of its new patches. No, you can’t uninstall them. To use the technical term, if you ran out and applied your Intel PC’s latest firmware patch, you’re hosed.

In what appears to be a catastrophic curtain call to the “oops” moment that I discussed ten days ago, it now seems that the bright, new firmware versions — which Intel has had six months to patch — have a nasty habit of causing “higher system reboots.”

To read this article in full, please click here

Read more 0 Comments

Win10 1709’s most irksome ‘feature’: Programs come back from the dead

Here’s a quick question. In Windows, if you have a program running when you reboot your machine, does Windows:

  1. Start up clean, regardless of what was running at the time of shutdown?
  2. Boot, then automatically launch all of the previously running programs?
  3. Give you an option, to choose between 1 and 2?

The answer? In every version of Windows that I’ve used (going back to Windows 286), it’s clearly the first option. Of course you don’t want your old junk to come back. Cleaning out and starting fresh is a, uh, time-honored Windows tradition.

To read this article in full, please click here

Read more 0 Comments

Patching meltdown: Windows fixes, sloppy .NET, warnings about Word and Outlook

On the heels of the Jan. 17 release of 14 Windows and .NET patches, we now have a huge crop of new patches, revised older patches, warnings about bugs, and a bewildered ecosystem of Microsoft customers who can’t figure out what in the blue blazes is going on.

Let’s step through the, uh, offerings on Jan. 18.

Windows 10 patches

Win10 Fall Creators Update version 1709 — Cumulative update KB 4073291 brings the Meltdown/Spectre patches to 32-bit machines. What, you thought 32-bit machines already had Meltdown/Spectre patches? Silly mortal. Microsoft’s Security Advisory ADV180002 has the dirty details in the fine print, point 7:

To read this article in full, please click here

Read more 0 Comments

More Windows patches, primarily previews, point to escalating problems this month

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.

What should you do? Nothing. More accurately, make sure you DON’T install any of them. Fortunately, all of these patches require that you download and install them — and you’d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.

It’s the same advice I’ve been giving all month. There’s nothing here that you need right now — there are no known exploits for Meltdown or Spectre in the wild, in particular — and machines are dropping like flies.

To read this article in full, please click here

Read more 0 Comments

InSpectre: See whether your PC’s protected from Meltdown and Spectre

If you’re wondering whether your computer is susceptible to the latest bête noir, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn’t answer much. Or you can try Steve Gibson’s new InSpectre and – with suitable caveats – see some meaningful results and a few hints about catching up.

Microsoft has a complex PowerShell script that details your machine’s exposure to the Meltdown and Spectre security flaws. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.

To read this article in full, please click here

Read more 0 Comments

Microsoft’s mystifying Meltdown/Spectre patches for AMD processors

I’ve seen a lot of bizarre Microsoft patches-of-patches, but the new patches for AMD processors are in a world of their own. The security-only, manually downloadable patches appear to be Meltdown/Spectre patches for machines that were bricked by other bad patches, earlier this month, but they’ve arrived with no instructions — and a strange circular logic.

Last week, Microsoft released two patches, with these official titles:

  • KB 4073578: Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1
  • KB 4073576: Unbootable state for AMD devices in Windows 8.1 and Windows Server 2012 R2

The Win7 KB article says:

To read this article in full, please click here

Read more 0 Comments

Microsoft reinstates Meltdown/Spectre patches for some AMD processors — but which ones?

As we rappel down the Patch Tuesday rabbit hole this month, Microsoft just announced that it’s going to start pushing its January Windows security patches onto AMD processors again. But it neglects to mention which ones. Per a late-night change to KB 4073707:

Microsoft has resumed updating the majority of AMD devices with the Windows operating system security update to help protect against the chipset vulnerabilities known as Spectre and Meltdown.

To read this article in full, please click here

Read more 0 Comments

Surprise! Excel gets a variation of the Word DDE block settings

You  may recall that Microsoft disabled automatic Dynamic Data Exchange (DDE) in Word back in December. I wrote about the problem, and its solution, in “Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation.” Microsoft stopped automatic DDE, the {DDEAUTO} field in Word, while setting up certain registry entries that can soften that decision.

This month, I was surprised to discover, Microsoft has made a roughly analogous change in Excel. Applying this month’s Excel security patches doesn’t change the DDE server launch and DDE server lookup settings. But it does give admins the ability to stifle both of the user prompts associated with DDE access.

To read this article in full, please click here

Read more 0 Comments

A mess of Microsoft patches, warnings about slowdowns — and antivirus proves crucial

Welcome to another banner Patch Tuesday. Microsoft yesterday released 56 separately identified security patches for every supported version of Windows, Office, .Net, Internet Explorer and Edge. Out of that monstrous pile, only one patch cures a currently exploited problem — a flaw in Word’s Equation Editor that should have been fixed in November.

If you’re a “normal” user, your first priority shouldn’t be Microsoft’s patches, notwithstanding the fabulous PR job performed on Meltdown and Spectre’s behalf. Assuming you don’t open random Word docs with dicey embedded equations, your main concern right now should be getting your antivirus house in order.

To read this article in full, please click here

Read more 0 Comments

Buggy Win7 Meltdown patch KB 4056894 throwing blue screens

Read more 0 Comments

Windows, Meltdown and Spectre: Keep calm and carry on

I’m increasingly skeptical of security holes that have their own logos and PR campaigns. Yesterday’s sudden snowballing of disclosures about two groups of vulnerabilities, now known as Meltdown and Spectre, has led to enormous numbers of reports of varying quality, and widespread panic in the streets. In the case of Intel’s stock price, that’s more like blood in the streets.

While it’s true that both vulnerabilities affect nearly every computer made in the past two decades, it’s also true that the threat — especially for plain-vanilla Windows users — isn’t imminent. You should be aware of the situation, but avoid the stampede. The sky isn’t falling.

To read this article in full, please click here

Read more 0 Comments