One of the updates released by Microsoft on Tuesday apparently caused serious crashing problems on Windows 7 and Windows Server 2008 computers. Microsoft has re-issued the update to resolve these problems. Anyone who already installed MS15-115 on affected Windows systems should run Windows Update again to get the new version.
This security update was rereleased on November 11, 2015, for Windows 7 and Windows Server 2008 R2 to resolve the following issues:
* Resolves crashing that occurred in all supported versions of Microsoft Outlook when users were reading certain email messages.
* Resolves problems that occurred while users were logging on to the system. For example, after a user restarted the computer and then pressed Ctrl+Alt+Delete at the logon screen, the screen flashed and then went black. The user was then unable to continue. There may be other, similar logon issues that are related to this issue.
It’s that time again. This month’s crop of updates from Microsoft addresses security problems in the usual suspects, namely Windows, Office, .NET and Internet Explorer. Adobe joins the fun with yet another batch of fixes for Flash, and Google releases another version of Chrome with the latest Flash.
The Microsoft security summary bulletin for November 2015 gets into all the technical details. There are twelve separate bulletins with associated updates. Four of the updates are flagged as Critical. One of the updates affects the Windows 10 web browser Edge. A total of 53 vulnerabilities are addressed.
Flash 19.0.0.245 includes fixes for at least seventeen vulnerabilities. As usual, Internet Explorer in recent versions of Windows will be updated via Windows Update. Chrome gets the new Flash via its internal updater. Anyone still using a web browser with Flash enabled should install the new Flash as soon as possible.
Chrome 46.0.2490.86 includes the latest Flash (see above) and fixes a security issue in its embedded PDF viewer.
Support for Windows 7 – including security updates – will continue to 2020, so it’s still a perfectly viable operating system. But it’s unclear whether you will still be able to purchase Windows 7 OEM separately, from Microsoft or any other seller, after October 31, 2016. I certainly hope so, although it seems unlikely. So if you’re planning to build any new Windows 7 computers between October 2016 and 2020, you should stock up on Windows 7 OEM licenses now.
Microsoft is happy with the latest Windows 10 Insider Preview build, designated 10586. That means it will find its way to your Windows 10 computer over the next week or so as the Windows 10 Fall Update. This will roughly coincide with next week’s Patch Tuesday.
My Insider Preview test machine is configured to get the latest updates, so I’ve been using 10586, and the builds that were available in the interim since the last public release (10240) for a while. Now that the test computer is running the new release version, the ‘Insider Preview build’ message is once again gone from the desktop. That will change when Microsoft pushes out the next preview version.
There’s not a lot to talk about here. Most of the changes are fairly minor, including coloured title bars, tab previews in Edge, general cleanup in user interface elements, and improvements to the Start menu. Skype will get several enhancements. Several bugs have also been fixed.
With this release, Microsoft has also changed the way it identifies Windows 10 versions. The previous release was “Version 10.0 (Build 10240).” The new release is “Version 1511 (OS Build 10586.3)” where “1511” refers to the 11th month of 2015. They like to keep us confused, don’t they?
Of course, Belfiore says that this is nothing to worry about, since it’s being done to make Windows 10 work better for everyone. He’s probably not lying about Microsoft’s intentions, but all the same, I don’t want my O/S to do this kind of thing. And I don’t care if blocking this unwanted communication makes Microsoft’s work more difficult.
Unless Microsoft relents and provides a method for disabling all of this anti-privacy communication, your choices are: a) give up and stop worrying about it; b) avoid Windows 10 completely; or c) use one of the available third-party methods, such as Spybot Anti-Beacon, to block all of this ‘phone home’ behaviour.
Normally, I’d go for option C. But I’m running Windows 10 as part of the Insider Preview program, and blocking all communication to Microsoft would almost certainly result in my being kicked from the program. So it’s option A for me.
Microsoft is really ramping up the annoyance factor lately. The latest is that some time in 2016, Windows 7 and 8.x computers will start seeing Windows 10 as a ‘Recommended’ update in Windows Update. If you have Windows Automatic Updates enabled, your computer will be upgraded to Windows 10 on some arbitrary night in early 2016, while you’re asleep.
This is bad for several reasons. Here are a few:
For anyone not interested in upgrading to Windows 10, this renders Automatic Updates unusable. Yes, there are people who want to use Automatic Updates, but don’t want to upgrade to Windows 10. Lots of them. Including a lot of grandparents.
There have already been reports of problems with Windows 10 being installed when it wasn’t wanted. If Microsoft messes this up somehow, a lot of people are going to be mighty annoyed when they wake up to Windows 10 on their computer.
There are loads of reasons not to upgrade to Windows 10, including incompatible software and hardware. An unwanted Windows 10 upgrade could mean a lot of time wasted downgrading or looking for alternatives.
Microsoft has started talking about Windows 10 in business and education settings, saying they’ll provide workarounds for these types of problems. But it can’t be very encouraging to business IT folks to hear announcements like this.
I just ran Edge – Microsoft’s new web browser – on my Windows 10 test computer, and the ‘Favorites’ bar went berserk for a few seconds. At first I thought there was some kind of display bug, but then I clicked the arrow at the far right end of the bar, and could see a lot of new Favorites, including many in folders. Some of those favorites were familiar, and some were not.
I eventually realized that Edge had automatically imported all the Chrome bookmarks from every Google account that had ever logged into Google, using Chrome, while logged into Windows with my Microsoft account. I leave the computer logged in, which is normally not recommended, but this is also my main media computer, and there’s nothing personal on any of its drives. Also I trust my roommate.
Chrome knows when you’re logged in to Google, and shows bookmarks and other settings specific to the current Google user. These settings are stored locally, keeping each Google user’s settings separate, but storing the data in the profile of whichever Windows user is currently logged in.
There are two problems with this. First, I don’t think this import process should be automatic. It’s the kind of thing that I want to do strictly on demand, and in fact you can do that: in Edge’s Settings dialog, click the ‘View favorites settings’ button to see the import feature. Second, Edge should not assume I want to import Chrome bookmarks for all Google profiles. Now I’ve got a mess to clean up, and I can’t be sure it won’t happen again. So I’ll stop using Edge.
I’m running Windows 10 Insider Preview build 10576, which just installed itself earlier this morning. I can’t be sure the Edge problem is related, but it seems likely.
If you’ve ever chosen a default Windows web browser that wasn’t Internet Explorer, you know that Microsoft has an annoying habit of resetting that choice to Internet Explorer when updates are installed.
Microsoft upped the annoyance level with Windows 10, in which changing default applications can no longer be automated. This is good from a security standpoint, but makes it more difficult for competing applications to get a foothold on user systems, and browser developers aren’t exactly thrilled.
In the couple of months since the release of Windows 10, there have been plenty of reports of strange, unexpected, and unwanted behaviour on Windows 7 and 8.x computers. At least one high profile writer dismissed these reports, but recanted after witnessing the behaviour themselves.
I ran into one such problem yesterday when I tried to install October’s Patch Tuesday updates on my Windows 7 computer. Although auto updates are disabled on that computer, I had previously decided to install all updates flagged as ‘Important’. The idea was to see what happened if I allowed Microsoft to push whatever they wanted to that computer, putting myself into the same situation as most typical users.
The first thing I noticed was the ‘Get Windows 10’ icon that started appearing in the notification area. At the time, I provided instructions for uninstalling the update that caused this icon to appear, and did that myself as well. But the icon – and the update that enables it – kept appearing. Even ‘hiding’ the update (KB3035583) in Windows Update could not prevent the damned thing from reappearing.
Fast forward to yesterday, and when I tried to install updates on that Windows 7 PC, I was able to check for updates, and see the pending updates, but there was no way to install them! Instead, all I could see was a panel urging me to upgrade to Windows 10 and a ‘Get Started’ button.
The borked Windows Update screen on my Windows 7 computer.
I followed the procedures in that KB article, and sure enough all the upgrade prompts vanished, the KB3035583 update stopped reappearing, and Windows Update once again allowed me to install updates.
That’s better. The normal Windows Update screen.
Anyone using Windows 7 or 8.x who is seeing any of this unwanted and unwelcome behaviour is urged to follow the instructions in the KB3080351 article. If you’re unwilling or unable to do so yourself, ask your friendly local support person to do it.
Meanwhile, a message to Microsoft: are you serious? Are you so eager to push everyone to Windows 10 that you are now literally trying to trick or even force users to upgrade? This is not acceptable. You need to step down from this or the backlash is going to get serious. There is already discussion around the idea of a class action lawsuit.
It’s a relatively light month for Microsoft, with only six bulletins, and associated updates affecting Windows, Windows Server, Internet Explorer, Office, and the new Windows 10 browser Edge. Three of the bulletins are flagged as Critical. The bulletin summary has all the details, and it includes a link to Microsoft’s Security Advisories page for 2015, which may be of some interest.
Meanwhile, Adobe’s contribution to this month’s patch pile is more updates for Flash and Reader/Acrobat. The new version of Flash is 19.0.0.207, and it addresses thirteen vulnerabilities. The release notes get into the details of what was changed, which includes a few bug fixes unrelated to security. As always, Chrome will update itself and Internet Explorer on newer versions of Windows will get the new Flash via Windows Update.
The newest versions of Adobe Reader are 11.0.13 for Reader XI, and 2015.009.20069 for Acrobat Reader DC. At least fifty-six vulnerabilities are addressed in these updates. Check out the related security bulletin for additional information.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.
boot13
