Windows 10

It’s time to make sure your computer is locked down. If history is any indication, we’re going to be in for a rocky ride over the next week or two.

In September, folks who were set to update Windows automatically were greeted by Word docs and Excel spreadsheets that wouldn’t display merged cells, switched languages and intentionally broke one-click printing on custom forms. In October, admins who let patches go through automatically were greeted by oceans of blue screens and failures in Microsoft’s own Dynamics CRM. Last month, every version of Windows was hit with a patching bug that blocked Epson dot matrix printers — and those who had told Win10 Creators Update to wait to upgrade found themselves “accidentally” upgraded to Win10 Fall Creators Update, version 1709.

To read this article in full, please click here

Many malware researchers were surprised to find an unexpected patch on their machines yesterday. It didn’t arrive through the front door — Windows Update wasn’t involved. Instead, the new version of mpengine.dll arrived automatically, around the back, even if you have Windows Update turned off.

This vulnerability is particularly nasty. If the Malware Protection Engine scans a jimmied file, the file can take over your computer and run whatever it wants. Since the MPE routinely runs all the time, in the background, that means a bad file could infect your computer in myriad ways. To quote Microsoft’s Security Vulnerability notice:

To read this article in full, please click here

I’ve been hearing a lot from friends recently about how Windows 10 is the best Windows ever and people would be stupid not to switch. These being friends, I don’t want to be rude, but — cough, ahem — I don’t buy it.

Is security your No. 1 concern? Well, Windows 10 is no more secure than Windows 7 — which is to say it is a profoundly insecure operating system. There have been a lot of serious Windows security patches in the last year, and Windows 10 had all the same problems as Windows 7.

True, Windows didn’t have anything as bad as macOS’s unbelievably stupid “Let anyone log in as the administrator” security hole, but just because Microsoft didn’t botch things as badly as Apple did doesn’t get it off the hook. I mean, what do you call it when Microsoft fixes security holes in Windows 10 that it doesn’t patch in Windows 7? I call it really, really stupid.

To read this article in full, please click here

The list of complaints about this month’s patches goes on forever. I covered the high points a couple of days ago. We’ve seen people who are running Win10 Creators Update and who specifically said they didn’t want to upgrade to Fall Creators Update get pushed into an upgrade anyway. Those using Epson dot matrix or POS printers lost them for a couple of weeks. Add to that a heaping handful of hooey and there were enough problems to keep most Windows customers shaking their heads. Or quaking in their boots.

To read this article in full, please click here

There are so many issues with this month’s security patches that it’s hard to decide where to begin. Let’s start with the problems that have been acknowledged, then move into the realm of what’s not yet fully defined.

Forced upgrades

Many users have remarked about how much the forced 1703-to-1709 Windows 10 upgrades feel like Microsoft’s detested forced upgrades from Win 7 and 8.1 to 10 – the “Get Windows X” campaign. Although the situation’s different on the surface, the net result is the same. Many people who were happily using Windows 10 Fall Update – version 1703 – were forcibly upgraded this month to the Fall Creators Update – version 1709 – even on systems that were not supposed to be upgraded.

To read this article in full, please click here

Hard to imagine in this age of privacy scandals, but HP is installing a telemetry client on its customers’ computers — and it isn’t offering any warning, or asking permission, before delivering the payload.

Dubbed “HP Touchpoint Analytics Service,” HP says it “harvests telemetry information that is used by HP Touchpoint’s analytical services.” Apparently, it’s HP Touchpoint Analytics Client version 4.0.2.1435.

There are dozens of reports of this new, ahem, service scattered all over the internet. According to Günter Born, reports of the infection go all the way back to Nov. 15, when poster MML on BleepingComputer said:

To read this article in full, please click here

For those of us keeping track of Windows patches, the long four-day weekend in the U.S. felt like another instantiation of Mr. Toad’s Wild Ride. Here are the developments, in more or less chronological (which is to say, not logical at all) order.

While many of you were sneaking out the door early on Wednesday, Microsoft released KB 4055038, a fix for bugs that clobbered Epson dot matrix printers, introduced in this month’s Patch Tuesday security patches. I talked about the bug two weeks ago. In short, a bug in all of this month’s Windows security patches caused Epson dot matrix printer drivers to fail. The bug appeared in:

To read this article in full, please click here

The patches have been out for only a few days, but as best I as can tell at this early juncture, November’s Patch Tuesday bugs aren’t as bad as they were in October. Thank Redmond.

If you use an Epson dot matrix printer, if you’re seeing an error that CDPUserSvc has stopped working, or if you were forcibly upgraded from Win10 Creators Update, version 1703, to Fall Creators Update, version 1709, I have some good news and some bad news.

Dot matrix dissed

Microsoft has acknowledged a bug in its Patch Tuesday updates that causes “some Epson SIDM and Dot Matrix printers” to fail. The bug appears in this month’s patches for every version of Windows:

To read this article in full, please click here