By
Phouchg,
in Tips, Tweaks & Customization
-
Recently Browsing 0 members
No registered users viewing this page.
-
Similar Content
-
By Sszecret
Microsoft Weekly: Humankind on Game Pass, Patch Tuesday, and new Windows 11 builds
by Florin Bodnarescu
The latest set of seven days has gone by, and as such, we should take a look at the variety of Microsoft-related news that have happened. Among them, the confirmation of Humankind launching day one on Game Pass, the arrival of this month’s Patch Tuesday updates, and even some more PrintNightmare news. You’ll find info about those subjects and more below, in your Microsoft digest for the week of August 8 - 14.
Humankind on Game Pass
To the shock of I suspect very few, we begin at the beginning, with SEGA’s upcoming 4X strategy title, Humankind. Launching August 17 across Steam, EGS, and Stadia, the title will also be available day one via Xbox Game Pass, as recently confirmed by Microsoft.
Speaking of availability, Xbox Cloud Gaming can now be tested by Insiders in the Xbox App on Windows, while the Series X|S optimized variant of Hellblade: Senua’s Sacrifice has arrived, boosting graphical fidelity and gaining ray tracing support.
In case your backlog is simply too small, you may want to take a look at the Xbox Add-on Sale, which features titles from series like Assassin’s Creed or Doom. Additionally, there’s Yooka-Laylee and Garou: Mark of the Wolves to claim for free if you’re an Xbox Live Gold subscriber.
Last but not least, there’s an Xbox show planned around gamescom. The showcase, which is set to give an in-depth look at upcoming games, is scheduled for August 24 at 10AM PT / 1PM ET (that's 6PM BST or 7PM CEST).
Patch Tuesday
Like clockwork, the second Tuesday of August has rolled around, signaling that it was time for the Redmond software giant to push out is usual set of Patch Tuesday updates.
For folks on Windows 10 versions 2004, 20H2, and 21H1, the relevant update is listed under KB5005033, and is set to bump up the build numbers to 19041.1165, 19042.1165, and 19043.1165 – in order of oldest to newest supported version.
The list of fixes mentions a particular change to the Point and Print functionality, which now requires administrative privileges to install drivers. This is to combat the security flaw with the ID CVE-2021-34481.
Those still on 1909 Enterprise, Education, and IoT Enterprise SKUs will get KB5005031 – which bumps the build number up to 18363.1734 -, while those within the LTSC (Long Term Servicing Channel) flavors of Windows 10 will be given the following updates:
1809: KB5005030, build 17763.2114 1607: KB5005043, build 14393.4583 1507: KB5005040, build 10240.19022 Those still on Windows 7 (such as businesses paying for Extended Security Updates) or Windows 8.1 got their very own sets of patches. For the former OS, details about the monthly rollup can be found under KB5005088 (or KB5005089 for the security-only variant), while a rundown of everything fixed for Windows 8.1 users can be found under KB5005076 (KB5005106 for the security-only flavor).
Naturally, like the Windows 10 counterparts, the Windows 8.1 and 7 patches also include the Point and Print default behavior change described above.
New Windows 11 builds
With Windows 11 vaguely on the horizon, Microsoft is continuing to push out test builds to its Dev and Beta Insider channels.
This week, testers were greeted by build 22000.132, which added the ability to chat from Teams (a feature showed off at the OS’s debut livestream earlier this year), a new Snipping Tool, as well as updated Calculator, plus Mail and Calendar apps. As always, these are subject to a staggered rollout, but in the meantime, here’s a quick look at all of them.
Naturally, Insider builds come with their fair share of bugs, so here is the – rather lengthy – list of known issues, covering everything from localization to the new Store, the Search functionality, as well as test channel-specific bugs.
Dev channel
Dynamics 365 Intelligent Order Management is now generally available. Power BI now has a new component geared towards Angular web apps. Power BI has added in-product store browsing capabilities. The OneDrive sync client will no longer work on macOS 10.12 or 10.13 after September 10. Teams web users will soon be able to add background effects and share system audio. Microsoft has acquired Peer5 to bolster its large-scale video-streaming capabilities in Teams. Edge Dev build 94.0.975.1 is now out, adding Sleeping Tabs improvements. Visual Studio 2022 Preview 3 is now available to try. The August firmware update for the AMD-based Surface Laptop 3 is now out. EY and Microsoft have partnered to create a $15B growth opportunity. Microsoft has expanded its partnership with Samsung, optimizing its apps for the latter’s foldables. Logging off
We end this week’s column with a rather important subject, which is another variant of the PrintNightmare exploit.
Following on from last month’s discovery of the Print Spooler flaw lovingly dubbed PrintNightmare (or SeriousSAM, depending on who you ask), Microsoft has confirmed that yet another variant has been discovered, one which has been assigned CVE-2021-36958 as its ID. This exploit takes advantage of the fact that the Print Spooler service is capable of improperly performing privileged file operations.
Unsurprisingly, a patch has already been pushed out (coinciding with Patch Tuesday this week), with the Redmond giant understandably recommending immediate installation. Furthermore, the company has also outlined its vision for the way in which organizations can protect themselves againts cyberattacks.
To end on a bit of good news, Azure CTO Mark Russinovich has confirmed that a security vulnerability found in the Remote Desktop Connection Manager (or RDCMan) has been fixed. The improper parsing of XML inputting with references to external entities flaw has now been addressed via version 2.82 of RDCMan.
Missed any of the previous columns? Check them all out at this link.
If you’d like to get a daily digest of news from Neowin, we now have a Newsletter you can sign up to either via the ‘Get our newsletter’ widget in the sidebar, or this link.
-
By Abhay V
Windows 7 and 8.1 Patch Tuesday updates are out, here's what's new
by Abhay Venkatesh
It’s the second Tuesday of the month, which is when all supported Windows versions receive cumulative updates. This includes supported Windows 10 versions such as the three latest versions based on the same codebase, Windows 8.1, and Windows 7 users who have opted for extended security updates (ESU). Unlike Windows 10, Windows 7 and 8.1 users receive one update a month, with there being some exceptions for when there are critical vulnerabilities.
As is always the case with Windows 7 and 8.1, there are two kinds of updates. They are monthly rollup packages and security-only updates. The monthly rollups are those that can be installed via Windows Update and the security-only ones are those that can only be manually installed. However, both these updates can be downloaded from the Update Catalog manually.
Starting with Windows 8.1 and Windows Server 2012 R2, the monthly rollup is KB5005076 and can be downloaded manually from here. The improvements and fixes made in this update include:
The security-only update for this version is termed KB5005106 and brings with it identical fixes. Users can download the update manually from here depending on the version required. Both these updates also share identical known issues, which are listed below:
Symptom
Workaround
After installing this update, the Elastic File System (EFS) API OpenEncryptedFileRaw(A/W), often used in backup software, will not work when you back up to or from a Windows Server 2008 SP2 device. OpenEncryptedFileRaw will continue to work on all other versions of Windows (local and remote).
This behavior is expected because we addressed the issue in CVE-2021-36942.
Note If you cannot use backup software on Windows 7 SP1 and Server 2008 R2 SP1 or later after installing this update, contact the manufacturer of your backup software for updates and support.
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following:
Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
Next up is Windows 7 Windows Server 2008 R2 SP1, updates for which head only to users and enterprises that have opted to pay for extended updates. For these users, the monthly rollup is KB5005088, which can be downloaded manually from here. The security-only update for these is KB5005089 and can be had from the Update Catalog here.
The fixes being made to Windows 7 are identical to that of Windows 8.1. While the updates share the two known issues as well, there is an additional issue that users might want to be aware of for the older OS. Here is the single additional known issue listed by Microsoft:
Symptom
Workaround
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances:
If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
As mentioned earlier, the monthly rollups will be served through Windows Update for supported devices. The security-only updates, however, are to be manually pulled from the Update Catalog links.
-
By Usama Jawad96
Microsoft releases new patch for PrintNightmare, recommends immediate installation
by Usama Jawad
PrintNightmare is a vulnerability that Microsoft began publicly investigating in July. It makes use of the Windows Print Spooler service's unprotected functions to trigger remote code execution (RCE) through which an attacker can execute code under the guise of SYSTEM privileges. The firm awarded it a "high" vulnerability score and provided some mitigations a few weeks ago. A patch was also released but it turned out that it could still be bypassed. That said, the company downplayed the issue, and claimed that it only happens when people use unsupported registry values.
Today, Microsoft has released a new patch, which it says changes the default behavior of Point and Print on Windows since the current implementation does not meet the security needs of its customers. Moving forward, Point and Print driver installations and updates will require administrative privileges. This essentially means that all vulnerabilities related to the Windows Print Spooler service which have been publicly documented so far will be mitigated.
Microsoft has stated that this change will adversely affect non-admin users who were previously able to install and update these drivers. However, the company believes that the benefits far outweigh this inconvenience. The company has cautioned that if IT admins do not install this update or disable this mitigation, they will be prone to PrintNightmare exploits. It is important to remember that PrintNightmare affects virtually all version of Windows, which is why it is essential that this patch is installed as soon as possible. More information can be found in the company's security advisory under CVE-2021-34481 here.
-
By Usama Jawad96
Microsoft's App Assure program expands to support Windows 365
by Usama Jawad
Yesterday, Microsoft announced the general availability of Windows 365 and revealed price tiers starting from $20, going all the way up to $162 for varying configurations. With this new service, Windows is hosted on Microsoft Cloud and customers can securely stream the full Windows experience, including their apps, data, and settings, to personal and corporate devices. For organizations looking to transition infrastructure to Windows 365, Microsoft has announced an expansion of its App Assure program to support its latest offering.
For those unaware, Microsoft's App Assure was launched in 2018 is designed to ensure that your business won't have any app compatibility issues. If you do encounter them, Microsoft actually works with your organization to fix the issues. Since its inception, Microsoft has added support for various flavors including Windows 10 on ARM as well as Windows 11.
With the general availability of Windows 365, Microsoft is extending the same promises to its users once again. If a business encounters issues related to app compatibility on Windows 365, it can get in touch with Microsoft to identify the root cause, receive guidance for remediation, and work with the company to fix potential bugs in its products. In some cases, the Redmond tech giant may even reach out to the third-party provider of a certain incompatible app on your behalf and work with them to resolve the issue. This will all be done at no extra cost provided that you are eligible for Microsoft's FastTrack program.
While Microsoft says that apps that work on Windows 7, 8.1, and 10 will ideally continue to function on Windows 365, unforeseen issues can arise sometimes and that is where businesses with App Assure will benefit. Since its launch in 2018, the App Assure program has evaluated 809,729 apps, identified 3,116 broken apps, and unblocked 89.5 million devices. This has resulted in estimated cost savings of $7.54 billion and prevented 43.6 million help desk escalations.
-
By Abhay V
Windows 7 and 8.1 Patch Tuesday updates are live, here's the complete changelog
by Abhay Venkatesh
Just like clockwork, Microsoft is today releasing cumulative updates to all supported Windows versions as part of its Patch Tuesday updates. These include Windows 10 versions that are fully supported – such as the three latest versions, and other SKUs that are supported for certain types of customers, along with Windows 8.1 and users that have opted for Windows 7 Extended Security Updates (ESUs).
While Windows 8.1 and 7 usually receive a single update a month, the firm released emergency updates for the PrintNightmare vulnerability earlier this month, which will also be bundled into these packages.
As is always the case with updates for Windows 8.1 and Windows 7, there are two types of updates. They are monthly rollup packages and security-only updates. While monthly rollups are automatically served through Windows Updates, security-only updates can be manually acquired from the Update Catalog and installed on systems.
For Windows 8.1 and the corresponding Windows Server release, the update is KB5004298, which can also be downloaded from the Update Catalog here. The improvements and fixes made in this update are as follows:
The security-only update for Windows 8.1 is served by KB5004285, which can be downloaded manually from here. The changelog is similar to that of the monthly rollup, bringing fixes for CVE-2021-33757 and removing the PerformTicketSignature setting. It also contains the single known issue found in the rollup.
The firm has listed one known issue that is common across both updates, which has been present for a long time. It is not clear when the renaming issue will be fixed. Here is the explanation of that issue provided by the company:
Symptom
Workaround
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following:
Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
Windows 7 and Windows Server 2008 R2 SP1 users that have opted for ESUs will receive monthly rollup via KB5004289 that can be found for manual download here. The security-only update is KB5004307 which can be manually downloaded from here. The changelogs for both the monthly rollup and security-only update are identical to that of Windows 8.1, which is listed above.
The updates for Windows 7, however, have an additional known issue that might cause the update to fail. The rename bug in Cluster Shared Volume (CSV) folders affects this OS as well. Here is the changelog that details the additional issue:
Symptom
Workaround
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances:
If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
As usual, the monthly rollups will be served through Windows Update for supported devices. The security-only updates are to be manually pulled from the Update Catalog links.
-
Recommended Posts