Jump to content

Search the Community

Showing results for tags 'windows 7'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

  1. Windows 7 and 8.1 Patch Tuesday updates are live, here's the complete changelog Just like clockwork, Microsoft is today releasing cumulative updates to all supported Windows versions as part of its Patch Tuesday updates. These include Windows 10 versions that are fully supported – such as the three latest versions, and other SKUs that are supported for certain types of customers, along with Windows 8.1 and users that have opted for Windows 7 Extended Security Updates (ESUs). While Windows 8.1 and 7 usually receive a single update a month, the firm released emergency updates for the PrintNightmare vulnerability earlier this month, which will also be bundled into these packages. As is always the case with updates for Windows 8.1 and Windows 7, there are two types of updates. They are monthly rollup packages and security-only updates. While monthly rollups are automatically served through Windows Updates, security-only updates can be manually acquired from the Update Catalog and installed on systems. For Windows 8.1 and the corresponding Windows Server release, the update is KB5004298, which can also be downloaded from the Update Catalog here. The improvements and fixes made in this update are as follows: Addresses an issue in which 16-bit applications fail with an error message that states a general fault in VBRUN300.DLL. Addresses an issue in which some EMFs built by using third-party applications that use ExtCreatePen and ExtCreateFontIndirect render incorrectly. Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605. Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode. For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049. Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, Windows Graphics, Microsoft Scripting Engine, Windows HTML Platforms, and Windows MSHTML Platform. The security-only update for Windows 8.1 is served by KB5004285, which can be downloaded manually from here. The changelog is similar to that of the monthly rollup, bringing fixes for CVE-2021-33757 and removing the PerformTicketSignature setting. It also contains the single known issue found in the rollup. The firm has listed one known issue that is common across both updates, which has been present for a long time. It is not clear when the renaming issue will be fixed. Here is the explanation of that issue provided by the company: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Windows 7 and Windows Server 2008 R2 SP1 users that have opted for ESUs will receive monthly rollup via KB5004289 that can be found for manual download here. The security-only update is KB5004307 which can be manually downloaded from here. The changelogs for both the monthly rollup and security-only update are identical to that of Windows 8.1, which is listed above. The updates for Windows 7, however, have an additional known issue that might cause the update to fail. The rename bug in Cluster Shared Volume (CSV) folders affects this OS as well. Here is the changelog that details the additional issue: Symptom Workaround After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. As usual, the monthly rollups will be served through Windows Update for supported devices. The security-only updates are to be manually pulled from the Update Catalog links. Windows 7 and 8.1 Patch Tuesday updates are live, here's the complete changelog
  2. Windows 7 users upgrading to Windows 11 will need to clean install Many corporate networks run a Windows 7 image on brand-new hardware because this is what the company standardised on. If you want to make the big jump from Windows 7 to Windows 11 however, it turns out Microsoft will not be much help. In a support document from Lenovo the company confirmed that apps and settings will not be migrated if you install Windows 11 on a Windows 7 PC, with Lenovo saying: What is the upgrade path from Windows 10 to Windows 11? My company still has some Windows 7 devices. If they meet the hardware floor, can these devices be upgraded directly to Windows 11? Most devices available for purchase now will be upgradeable to Windows 11. You will have the option to upgrade, clean install, or reimage Windows 10 devices to move to Windows 11. For Windows 7 devices that meet hardware requirements, you will need to clean install or reimage to go directly to Windows 11. If it is essential to retain settings, it may make more sense to upgrade to Windows 10 first before attempting the jump to Windows 7. The full support document can be seen here. via WindowsLatest Windows 7 users upgrading to Windows 11 will need to clean install
  3. At one point Microsoft was considering directional lighting effects for Windows 7 UI For many, the journey from Windows Vista’s Aero Glass to the Metro UI in Windows 8 and Windows 10 was a major step backwards, but I think few could have imagined just how radical some of Microsoft’s UI ideas were in the past. Stephan Chapman has been posting historical mockups, pictures and video from the history of Windows, and today posted a short clip showing how Microsoft was considering adding ray-traced-like lighting animation effects to Windows 7. He said: Here’s a snippet from a fascinating, super-early Windows 7 prototype that really reimagines the desktop environment. I’d love to see something like this today taking advantage of raytracing to really accomplish some neat effects, interactions, etc.! Chapman appears to suggest Microsoft rapidly dropped the idea, but it seems the skeuomorphic pendulum is swinging the other direction again (just look at the new Windows 11 shell icons), so who knows, maybe this UI concept will make a comeback. At one point Microsoft was considering directional lighting effects for Windows 7 UI (tweet substituted for article video)
  4. Windows 7 and 8.1 Patch Tuesday updates are now out, here's the complete changelog As is the case every month, Microsoft is releasing cumulative updates for all supported Windows versions. These include the three most recent Windows 10 versions for consumers and a few versions that are supported for specific channels and select SKUs. Windows 8.1 and Windows 7 too are receiving updates, with the latter being reserved for those who have opted to pay for extended updates. As usual, the updates are split into two parts – monthly rollup and security-only updates. Monthly rollup packages are automatically served through Windows Update and security-only updates can be manually downloaded through the update catalog. Starting with Windows 8.1 and Windows Server 2012 R2, the monthly rollup is KB5003671 and can be downloaded manually from the Update Catalog here. The changelog for this patch includes: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine. As for the security-only update, that is labeled as KB5003681 and can be manually downloaded from here. The list of fixes is similar to that of the monthly rollup. Here's the changelog posted by the firm: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, and Windows Storage and Filesystems. Both updates share the same known issue that users must be aware of. Here are the problems documented by the firm: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Moving on to Windows 7 and Windows Server 2008 R2 SP1, the monthly rollup is KB5003667 and can be downloaded from here manually. It comes with the following fixes and improvements detailed in the knowledge base changelog: Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine. The security-only update is labeled KB5003694 and can be downloaded manually from the Update Catalog here. The fixes listed in this patch are as follows: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, and Windows Storage and Filesystems. Both these updates share the same set of known issues, with the renaming issue now being there on the list for a long time. Symptom Workaround After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to , Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)" This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server. After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As is always the case, you can head to Windows Update and check for updates to pull the monthly rollup patches. You can also head to the individual download links for the security-only updates which can only be manually installed. Windows 7 and 8.1 Patch Tuesday updates are now out, here's the complete changelog
  5. Windows 7 and 8.1 Patch Tuesday updates are out, here's what's new As is the case every second Tuesday of the month, Microsoft is releasing cumulative updates for all supported Windows versions. That includes all supported Windows 10 versions, along with Windows 8.1, and Windows 7 customers that have opted to receive extended security updates. As for Windows 10 users, it must be noted that versions 1909, 1809, and 1803 will be reaching the end of support, with 1803 being completely unsupported – including for enterprises – starting today. As for Windows 7 and Windows 8.1 (and the corresponding Windows Server versions), there are two kinds of updates. The monthly rollup packages are downloaded automatically from the Windows Update, while security-only packages are made available for manual download. Starting with Windows 8.1, the monthly rollup for this month is KB5003209 and can be manually downloaded from the Update Catalog here. The changelog for the patch is as follows: Security updates to Windows App Platform and Frameworks, Windows Silicon Platform, and Microsoft Scripting Engine. As for known issues, there is just one known issue that is being tracked for a while, and it still seems to not have been addressed: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. Heading to the security-only update, it is listed in the knowledge base article KB5003220 and is available for manual download from here. It includes the following fixes and comes with the same known issue as that of the monthly rollup: Security updates to Windows App Platform and Frameworks, and Windows Silicon Platform. Moving on to Windows 7, the monthly rollup is KB5003233 and can be downloaded from the link here. The list of fixes being made to users of the OS with this month’s update includes the following: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, Windows Silicon Platform, and Microsoft Scripting Engine. And here are the known issues that users should be aware of: Symptom Workaround After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. For those looking for the security-only update, it is KB5003228 for this month and can be manually pulled from the Update Catalog here. The list of changes and fixes are as follows: Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1). Security updates to Windows App Platform and Frameworks, and Windows Silicon Platform. The known issues for this update are shared with the monthly rollup, which means that the rename operation problem – which has been around for a while now, is still not fixed. As usual, you can head to Windows Update and check for updates to pull the monthly rollup patches. You can also head to the individual download links for the security-only updates which can only be manually installed. Source: Windows 7 and 8.1 Patch Tuesday updates are out, here's what's new
  6. Patch Tuesday: Here's what's new for Windows 7 and 8.1 Today is the second Tuesday of April, and with it, Microsoft is once again releasing new updates for all supported versions of Windows, including Windows 10, Windows 8.1, and Windows 7 - as long as you're a business paying for extended security updates. As usual, there are two types of updates for both Windows 8.1 and Windows 7, as well as their server counterparts - a monthly rollup that's usually installed automatically and a security-only update that you have to install manually. Starting with Windows 8.1, the monthly rollup update is KB5001382 and you can download it manually here. It includes the following changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the RemoteFX vGPU feature. For more information about the vulnerability and its removal, see CVE-2020-1036 and KB4570006. Secure vGPU alternatives are available using Discrete Device Assignment (DDA) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions). Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format. Security updates to Windows Input and Composition, Windows Fundamentals, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. There's nothing new in terms of known issues, but the one we've been saying for a while now is still here: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, that's labeled KB5001393 and you can download it manually here. It only includes the following: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Security updates to Windows Input and Composition, Windows Fundamentals, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. It has the same known issue as the monthly rollup. Moving on to Windows 7, the monthly rollup update is KB5001335 and you can download it manually here. It includes the following changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the RemoteFX vGPU feature. For more information about the vulnerability and its removal, see CVE-2020-1036 and KB4570006. Secure vGPU alternatives are available using Discrete Device Assignment (DDA) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions). Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format. Addresses an issue if you monitor for these events, Windows Backup will not report a successful Event ID 14 or backup finished Event ID 4 after you apply update KB4561643 or KB4556843. Security updates to Windows Apps, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media. It has the same known issue as the updates above. Finally, the security-only update for Windows 7 is KB5001392 and you can download it manually here. It also has the same known issue as the other updates, and includes these changes: Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK). Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275. Security updates to Windows Apps, Windows Hybrid Cloud Networking, and Windows Media. As a reminder, only select users are eligible to get updates for Windows 7, since it's no longer supported for the general public. Also, as mentioned at the start, the monthly rollup updates will generally install automatically over time, but you can install them manually if you prefer. The security-only updates can only be installed manually using the links above. Source: Patch Tuesday: Here's what's new for Windows 7 and 8.1
  7. Here's what's new for Windows 8.1 and 7 this Patch Tuesday We're already three months deep into 2021, and as we reach the second Tuesday of March, that means it's time once again for Microsoft to update every supported version of Windows. Naturally, the most recent versions of Windows 10 are getting updates, but Windows 8.1 is also still supported. And, for businesses paying for extended security updates, so is Windows 7. There are updates heading out to both of these Windows releases, and as usual, there are two types of updates for both Windows 8.1 and Windows 7, as well as their server counterparts - a monthly rollup that's usually installed automatically and a security-only update that you have to install manually. Starting with Windows 8.1, the monthly rollup update is labeled KB5000848 and you can download it manually here. It includes the following changes: Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain CVE-2020-17049 protections released between November 10 and December 8, 2020 and configured PerfromTicketSignature to 1 or larger. Ticket acquisition fails with KRB_GENERIC_ERROR if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the USER_NO_AUTH_DATA_REQUIRED flag being set for the user in User Account Controls. Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Media, and Windows Graphics. There's a single known issue, which is the same we've been seeing for months now: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. And as for the security-only update, that's KB5000853, and you can download it manually here. It includes the first and last bullet points from the monthly rollup update, and it has the same known issue. Moving on to Windows 7, again, you'll need to be paying for extended security updates to get any updates at this point. If you are, the monthly rollup you'll get is KB5000841 and you can download it manually here. Here's what's included: Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain CVE-2020-17049 protections released between November 10 and December 8, 2020 and configured PerfromTicketSignature to 1 or larger. Ticket acquisition fails with KRB_GENERIC_ERROR if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the USER_NO_AUTH_DATA_REQUIRED flag being set for the user in User Account Controls. Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, and Windows Media. The single known issue is the same as the one for the Windows 8.1 updates. Finally, the security-only update for Windows 7 is KB5000851 and it can be downloaded manually here. It only includes the last two points of the updates mentioned above and has the same known issue as the other updates. Source: Here's what's new for Windows 8.1 and 7 this Patch Tuesday
  8. Patch Tuesday: Here's what's new for Windows 7 and 8.1 this month Today is the second Tuesday of February, and that means it's also the second patch Tuesday of 2021. As tradition mandates, Microsoft is rolling out a series of cumulative and security updates for all supported versions of Windows, including many versions of Windows 10, as well as Windows 8.1 and, for ESU customers, Windows 7. As usual, there are two sets of updates for the operating systems, one monthly rollup and one security-only update. The former rolls out to most users automatically, and it can contain non-essential fixes and changes; while the latter has to be downloaded manually and only includes security patches. Or, at least, that's usually the case. This month, all the updates contian the same changes for both Windows 8.1 and Windows 7. For Windows 8.1, this month's rollup update is KB4601384 and it can be downloaded manually here. Here's what's new: Adds historical daylight saving time (DST) updates and corrections for the Palestinian Authority. Addresses an issue with German translations of Central European Time. Security updates to Windows App Platform and Frameworks, Windows Hybrid Cloud Networking, and Windows Core Networking. THere's a single known issue, and it's the same one we've been seeing for months now: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4601349, and you can download it manually here. It includes the same exact changes and known issue as the update above. Turning over to Windows 7, as a reminder, you'll need to be paying for extended security updates for your organization to get these updates. If you are, the monthly rollup update is KB4601347 and you can download it manually here. It includes the same changes as the updates above, as well as the same known issue. Finally, the security-only update for Windows 7 is KB4601363, and you can download it manually here. It includes all the same changes and has the same issue as all the other updates. As mentioned above, the monthly rollup updates are usually installed automatically, but you may prefer downloading and installing them manually. With the security-only updates, you have no choice but to do it manually. Since this month's updates are the same, you should be fine getting the automatic updates from Windows Update. Patch Tuesday: Here's what's new for Windows 7 and 8.1 this month
  9. Blind TCP/IP hijacking is resurrected for Windows 7 Retro cyber-attack returns to haunt widely used, end-of-life operating system Windows 7 is still susceptible to blind TCP/IP hijacking attacks via a vulnerability that a security researcher says he reported to Microsoft eight years ago. Adam Zabrocki (AKA ‘pi3’) has recounted in a blog post how in 2008 he fashioned a proof-of-concept of this venerable attack technique with Windows XP the target. Later, in 2012, he warned Microsoft that all subsequent versions up to Windows 7 – the latest version at that time – contained the same TCP/IP stack flaw that made the attack viable. Although Microsoft deemed the bug “very difficult” to exploit and therefore only fixed it in Windows 8, Zabrocki says that he was able to rework the attack for use against Windows 7 – noting that doing so was even easier than setting up an up-to-date version of the operating system (OS). Launched in 2009, Windows 7 reached its end of life a year ago, meaning that users no longer receive security patches. However, roughly one in four PCs are believed to still be running the aging OS, leaving them potentially vulnerable to a form of cyber-attack that was famously deployed against a Japanese security researcher back in 1994. Encryption mitigation “At minimum, this bug allows the attacker to use any Windows 7 machine as a ‘zombie host’ to execute an ‘idle scan’” – which is a “sophisticated TCP port scanning technique because there is no interaction between the attacker computer and the target”, and the “attacker is invisible to the target”, Zabrocki, a former Microsoft security engineer, tells The Daily Swig. “At most, attackers can fully hijack any established TCP connection.” Fortunately, most modern protocols implement encryption that limits the attacker’s options unless they can “correctly generate encrypted messages” – an “unlikely” scenario, says Zabrocki. Nevertheless, there remain “widely deployed protocols which do not encrypt the traffic, e.g, FTP, SMTP, HTTP, DNS, IMAP, and more” that would permit an attacker to “send any commands on behalf of the original client”. Critical protocols such as TELNET that are used in many IoT devices could enable “the most critical scenario”, adds the researcher, with hijacked sessions potentially having a “catastrophic impact”. Trial and error Zabrocki’s exploit modified an attack technique documented by another researcher in 2007 that was effective against FreeBSD 4 and Windows 2K/XP because both OS’ used IP_ID as a global counter that increments, predictably, with each sent IP packet. This also applies to Windows 7, many printers, “older Linux/FreeBSD/Mac OS hosts and probably more”, Zabrocki says. By contrast, Windows 8 onwards and most other modern OS’ implement IP_ID as a ‘local’ counter per session, each of which has an independent IP_ID base. Brute forcing the ACK Zabrocki sent packets with an IP header to the victim’s client in order to ascertain how many packets were sent between each probe. This created a “covert channel” through which he could discover the client IP and port, and sequence numbers for both client and server. Unlike his XP exploit, Zabrocki’s Windows 7 tool doesn’t need to send two spoofed TCP packets with different ACK values to validate the server SND.NEXT, and ascertained the client’s SND.NEXT by brute-forcing the ACK with spoofed packets containing the correct SQN and various ACK permutations. “We don’t need to verify every possible value of ACK, we can still use the same trick with TCP window size,” he says. Source: Blind TCP/IP hijacking is resurrected for Windows 7
  10. Here's what's new for Windows 8.1 and 7 this Patch Tuesday We're now two weeks deep into 2021, and since it's the second Tuesday of January, that means it's also time for the first Patch Tuesday of the year. Microsoft is rolling out cumulative updates for all supported versions of Windows, and that includes Windows 8.1 and Windows 7, assuming you're paying for extended security updates for the latter. As usual, there are two sets of updates for the operating systems, one monthly rollup and one security-only update. The former rolls out to most users automatically, while the latter has to be downloaded manually. For Windows 8.1, this month's rollup is KB4598285 and it can be downloaded manually here. Here's what's new in this release: Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see KB4599464. Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy Allow user proxy to be used as a fallback if detection using system proxy fails. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see Changes to scans, improved security for Windows devices. Note This change does not affect customers who use HTTP WSUS servers. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization. The update includes a single known issue that we're familiar with by now: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4598275, and you can download it manually here. It only includes the following changes: Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization. It has the same known issue as the monthly rollup. Turning over to Windows 7, again, you'll need to be paying for extended security updates for your organization to get these updates. It's also possible that the cost of these updates is doubling soon, since it's been one year since support was ended for the OS. Either way, if you're paying for them, the monthly rollup update is KB4598279 and you can download it manually here. It includes the following changes: Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see KB4599464. Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy Allow user proxy to be used as a fallback if detection using system proxy fails. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see Changes to scans, improved security for Windows devices. Note This change does not affect customers who use HTTP WSUS servers. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, Windows Virtualization, and Windows Hybrid Storage Services. The only known issue is the same as for the Windows 8.1 updates above. Finally, the security-only update is KB4598289, and you can download it manually here. You'll only be getting the security updates mentioned in the last bullet point above, and the known issue is also the same as for the rest of the updates. As mentioned above, the monthly rollup updates are usually installed automatically, but you may prefer downloading and installing them manually. With the security-only updates, you have no choice but to do it manually. Source: Here's what's new for Windows 8.1 and 7 this Patch Tuesday
  11. Susan Bradley's open letter to Microsoft gets a non-response from Microsoft that shows that the company is not really interested in feedback. Susan Bradley, a well known Windows administrator and contributor on various forums and sites including Patch Management, wrote an open letter recently to Microsoft in which she summarized results of a Windows survey on update quality and releases in general. Users had to answer five simple questions using a scale of 1 to 5 with 1 meaning "very much not satisfied" and 5 meaning "very satisfied". The questions were: Satisfaction with Microsoft patching (overall Windows 7 to Windows 10). Satisfaction with the quality of Windows 10 updates. Windows 10 feature updates useful to business needs. The cadence of feature releases. Is Microsoft meeting business needs with Windows 10. Susan asked an open-ended question as well in which participants could provide their opinion on what needed to change to make Windows 10 better for business. Survey results indicate that many users who filled out the survey are not satisfied with the current quality of updates, patch releases and general update behavior. Almost 70% of respondents stated that they were not satisfied with the quality of update releases. Susan mentioned that 47 of the updates that Microsoft released in July 2018 had known issues associated with them, some of them very serious such as "stop issues". Windows patching issues She identified several underlying issues; first, that relying solely on Insiders to test releases before release to the stable population is not sufficient in regards to quality control as July 2018 and previous months have shown. When your own products break with these releases, it is clear that current testing processes are not good enough. We reported on this in the past as well, e.g.here and here. Second, that the two feature releases per year cause "patch fatigue". The operating system needs to do a better job of communicating to the end user and especially to the patching administrator when a machine will receive an update. The addition of the Windows Update for Business settings that often conflict with other group policy settings cause confusion, not clarity. See, too many Windows 10 feature updates for our take on this. Third, that patch communication needed a lot of work. Starting in January of this year with the release of Spectre/Meltdown patches, there have been numerous instances where patching communication has been wrong, registry entries detailed in Knowledge Base articles regarding registry key application was initially incorrect and later updated, or vendor updates had to be stopped and in general patching communication has been lacking. We mentioned a lack of communication as well previously, for instance, when Microsoft published support pages after releasing updates. Microsoft responded to Susan Bradley's open letter twice. The first response was just an acknowledgement that the letter has been received by the company. A Customer Relationship Manager stated in it that Microsoft was "working on finding the best venue to bring your concerns to our leadership team who would be better equipped in making any decisions that need to be made". The second letter, again sent by the same Customer Relationship Manager, is a non-saying letter that shows that Microsoft has no intention to follow-up on the described problems. Microsoft does not address any of the concerns brought forward. The paragraphs look like a copy and paste job that talk about Windows 10 updates in general and how it is different from previous versions. Microsoft then asks Susan Bradley to leave feedback using the Feedback Hub (which she did three months ago but with little success). Your letter clearly states the concerns that you have due to the quality and timing of Microsoft updates. I would like to add that with Windows 10 Microsoft decided to be more proactive. This has always been the way we keep commercial versions of Windows on the market current. There are also bug fixes. These updates can be vital. The Windows software environment and its associated hardware is incredibly complex. When these bugs are fixed, updates have to be issued to move them out to users. You want these updates to make sure everything works as expected. Windows 10 is very different from earlier versions of Windows. Earlier versions of Windows consisted of a single product which was updated over time. Windows 10 consists entirely of a base install and then fluid updates. The updates aren't add-ons from which to pick and choose but are part of the operating system. I have provided a link below to our Feedback Hub. In the future you could use the link to provide feedback and share your suggestions or comments on issues with Windows products. https://www.microsoft.com/en-us/p/feedback-hub/9nblggh4r32n?activetab=pivot%3aoverviewtab Again, thank you for all the feedback. Is there anything else I can do to help? Did you have any other questions or concerns you wanted to discuss? If there are none I will go ahead and close out of your service request. The response is corporate-speak for "thanks, but no thanks". It is almost insulting and in my opinion worse than having not responded at all to the open letter. Now You: What's your take on this? Source PS: This is the reality of MS. I hope Win 10 users who upgraded would finally understand the Micro$h*t, Sh*tty Nudella its team & devs.
  12. Here's what's new for Windows 8.1 and 7 this Patch Tuesday We are now in the second Tuesday of September, and in usual Microsoft fashion, that means it's Patch Tuesday. Every supported version of Windows is getting updates today, and that includes Windows 8.1. Plus, if you're paying for extended security updates (ESU), there are new updates for Windows 7, too. As usual, there are two flavors of the monthly updates, one containing only security fixes and one with other quality fixes, the monthly rollup update. For Windows 8.1, the monthly rollup is KB4577066, and it can be downloaded manually here. It contains the following fixes: Updates time zone information for Yukon, Canada. Addresses an issue when you evaluate the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows. Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After you install this update, HTTP-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers that use the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers. Security updates to Windows Media, Windows Input and Composition, Windows App Platform and Frameworks, Windows Graphics, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Fundamentals, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows Update Stack, the Microsoft Scripting Engine, and Windows SQL components. It also has a single known issue that's been around for months: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4577071, and it can be downloaded manually here. It only includes these updates: Security updates to Windows Media, Windows Input and Composition, Windows App Platform and Frameworks, Windows Graphics, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Fundamentals, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows Update Stack, and Windows SQL components. It has the same known issue as the monthly rollup. As for Windows 7, which - again - is only getting updates for paying ESU customers, the monthly rollup update is KB4577051, and it can be downloaded manually here. Here's what's changed: Updates time zone information for Yukon, Canada. Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After you install this update, HTTP-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior by using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers that use the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, the Microsoft Scripting Engine, and Windows SQL components. The only known issue is the same as for Windows 8.1. Microsoft also notes that the update will fail to install if you don't have a valid key to receive security updates beyond the original end of support date. As for the security-only update, it's KB4577053, and it can be downloaded manually here. It contains these changes: Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Cryptography, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, and Windows SQL components. It has the same known issue mentioned above. As a reminder, the quality updates are usually automatically installed through Windows Update, but you'll need to download the security-only updates manually if you want them. Here's what's new for Windows 8.1 and 7 this Patch Tuesday
  13. Patch Tuesday: Here's what's new for Windows 8.1 and 7 this month We're 13 days into October, but it's not truly a new month until Microsoft releases its Patch Tuesday updates for Windows, and as we're on the second Tuesday of the month, that happens today. Along with all supported versions of Windows 10, there are also new cumulative updates rolling out to Windows 8.1 and some Windows 7 users. There are two kinds of updates for each operating system - the monthly rollup update and the security-only update. For Windows 8.1, the monthly rollup update is KB4580347 and you can download it manually here. It includes the following changes: Corrects the end date for daylight savings time (DST) in 2021 for the Fiji Islands. For more information, see DST correction in Windows for the Fiji Islands: October 13, 2020. Addresses an issue where Group Policy recursively deletes critical files when the "Delete local user profile policy" is enabled. Addresses an issue in which a Null port is created through the user interface. Adds a notification to Internet Explorer 11 that informs users about the end of support for Adobe Flash in December 2020. For more information, see KB4581051. Addresses an issue with Microsoft Edge IE Mode that occurs when you enable Configure enhanced hang detection for Internet Explorer mode in Microsoft Edge. Allows administrators to disable JScript in specific security zones. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Shell, Windows Silicon Platform, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, Windows Core Networking, Windows Network Security and Containers, Windows Remote Desktop, and Windows SQL components. It also has a couple of known issues: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You may also see the error “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690. If this happens, you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue. As for the security-only update, it's KB4580358 and you can download it manually here. It only includes the first and last of the bullet points from the monthly rollup. It also has the same known issues as the monthly rollup. Of course, for Windows 7, only certain businesses can legitimately obtain the updates, since you need to be paying for extended security updates (ESU) after Microsoft dropped extended support for the operating system at the start of the year. The monthly rollup here is KB4580345, and you can download it manually here. It includes the following changes: Addresses an issue that might cause the Graphics Device Interface (GDI) to access internal regions incorrectly causing unexpected UI experiences. This issue can cause additional or missing screen elements, screen flickering, or a trailing screen. Corrects the end date for daylight savings time (DST) in 2021 for the Fiji Islands. For more information, see DST correction in Windows for the Fiji Islands: October 13, 2020. Addresses an issue where Group Policy recursively deletes critical files when the "Delete local user profile policy" is enabled. Addresses an issue in which a Null port is created through the user interface. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Shell, Windows Silicon Platform, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Core Networking, Windows Network Security and Containers, Windows Storage and Filesystems, Windows SQL components, and Windows Remote Desktop. The update has one known issue: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update here is KB4580387 and you can get it manually here. It includes the same changes as the monthly rollup, except the third and fourth bullet points. It also has the same known issue. As usual, the monthly rollup updates should install automatically sooner or later, but if you want the security-only updates, you'll need to install them manually from the links above. Patch Tuesday: Here's what's new for Windows 8.1 and 7 this month
  14. Here's what's new for Windows 7 and 8.1 this Patch Tuesday If you look at your calendars today, you may notice that it's the second Tuesday of August, and that means it's time for this month's Patch Tuesday from Microsoft. As usual, every supported version of Windows is getting updates, and that includes Windows 8.1. Windows 7 is no longer support for most users, but if you're paying for Extended Security Updates (ESU), you can still get updates for a few more years. As usual, there are two types of updates going out - a monthly rollup update and a security-only update. The monthly rollup updates are usually installed automatically on supported devices, but the security-only updates need to be downloaded manually. For Windows 8.1, the monthly rollup update is KB4571703, and it can be downloaded manually here. Here's what's new: Addresses an issue that prevents you from installing some .msi apps. This occurs when a device is managed by a Group Policy that redirects the AppData folder to a network folder. Addresses an issue in Universal Windows Platform (UWP) apps that allows single sign-on authentication when an app does not have the Enterprise Authentication capability. With the release of CVE-2020-1509, UWP applications might begin prompting the user for credentials. Addresses an issue in Microsoft Edge IE Mode when opening multiple documents from a SharePoint site. Addresses an issue in Microsoft Edge IE Mode that occurs when you browse using anchor links. Addresses an issue with loading Browser Helper Objects in Microsoft Edge IE Mode. Addresses an issue where certain applications that rely on the JScript Scripting Engine become unresponsive under load. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Authentication, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Network Security and Containers, Windows Storage and Filesystems, Windows File Server and Clustering, Windows Hybrid Storage Services, Windows SQL components, Microsoft Scripting Engine, and Windows Remote Desktop. There is a known issue with this release, and it's similar to what we've seen in a few previous updates: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. As for the security-only update, it's KB4571723, and you can download it manually here. It only includes the security updates mentioned in the monthly rollup above. The known issue is also the same. Turning to Windows 7, which is only supported for paying ESU customers, the monthly rollup update is KB4571729, and it can be downloaded manually here. It includes the following improvements and fixes: Addresses an issue that prevents you from installing some .msi apps. This occurs when a device is managed by a Group Policy that redirects the AppData folder to a network folder. Addresses an issue in Microsoft Edge IE Mode when opening multiple documents from a SharePoint site. Addresses an issue in Microsoft Edge IE Mode that occurs when you browse using anchor links. Addresses an issue with loading Browser Helper Objects in Microsoft Edge IE Mode. Addresses an issue where certain applications that rely on the JScript Scripting Engine become unresponsive under load. Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Cloud Infrastructure, Windows Authentication, Windows Kernel, Windows Hybrid Cloud Networking, Windows Peripherals, Windows Storage and Filesystems, Windows Network Security and Containers, Windows File Server and Clustering, Windows Hybrid Storage Services, Microsoft Scripting Engine, and Windows SQL components. The single known issue is the same one as what's listed above for Windows 8.1. Finally, the security-only update for Windows 7 is KB4571719, and you can download it manually here. As you'd expect, it includes the same security fixes as the monthly rollup, but nothing else. The known issue is also the same. Here's what's new for Windows 7 and 8.1 this Patch Tuesday
  15. Many of us are still hooked on Windows 7 and that's a huge problem Devices still running on Windows 7 targeted by hackers (Image credit: Future) The US Federal Bureau of Investigation (FBI) has published a warning notice highlighting dangers posed by the continued usage of Windows 7, retired by Microsoft earlier this year. The much-loved operating system reached end of life on January 14, meaning security patches, software updates and technical assistance are no longer available - but many users have remained loyal to the outdated OS regardless. However, according to the FBI notice, Windows 7 is attracting the attention of malicious cyber actors, who are seeking to take advantage of undiscovered security flaws in the no-longer-supported operating system. Windows 7 customers that purchased an Extended Security Update (ESU) plan are the only exception; security support for these users will extend until January 2023. Windows 7 end of life According to the FBI, there is strong precedent for cyberattacks on unsupported Windows operating systems and remote desktop protocols. With the vast majority of Windows 7 customers unable to patch their systems, the intelligence agency believes criminals will continue to look upon the operating system as a “soft target”. “The FBI has observed cybercriminals targeting computer network infrastructure after an operating system achieves end of life status,” reads the FBI notice. “Continuing to use Windows 7 within an enterprise may provide cybercriminals access into computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered.” To mitigate against the threat of attack, the FBI advises users adopt a “multilayered approach” to protection. This involves updating operating systems to the latest supported version (i.e. Windows 10), checking antivirus and spam filters are properly configured and isolating computer systems that cannot be updated. “Migrating to a new operating system can pose its own unique challenges, such as cost for new hardware and software and updating existing custom software. However, these challenges do not outweigh the loss of intellectual property and threats to an organization,” added the FBI. Many of us are still hooked on Windows 7 and that's a huge problem
  16. This new Zoom security flaw lets hackers target Windows 7 PCs Windows 7 devices at risk from Zoom Zero Day vulnerability (Image credit: Shutterstock) Zoom is facing more security scrutiny after a new flaw was found to open up the service to hackers, putting Windows 7 users at risk. Researchers at Slovenian cybersecurity firm ACROS Security has revealed a previously unknown flaw in the videoconferencing software Zoom could allow a hacker to remotely commandeer computers running old versions of the Microsoft Windows operating system. The “zero-day” vulnerability applies to Zoom software running on Windows 7, or even older operating systems. Windows 7 Zoom ACROS Security noted that anyone able to successfully exploit the vulnerability could access files on the vulnerable computer, and even take over the entire device. Microsoft has been trying to convince Windows 7 users to upgrade to newer software versions in recent years, but with little success - despite offering free upgrades to Windows 10. The company revealed it would be ending technical support out for Windows 7 on January 15 2020, meaning it would no longer offer patches and security updates for Windows 7. That means that any bugs or problems still found in the software will never get fixed. Likewise, any security vulnerabilities could also remain in Windows 7, as Microsoft is unlikely to patch those unless they are very severe – more on that in a moment. Many large organisations, including the NHS, still use Windows 7 on many devices, with Microsoft allowing customers to pay extra to receive specilaised support. “Zoom takes all reports of potential security vulnerabilities seriously,” a Zoom spokesperson said in a statement. “This morning we received a report of an issue impacting users running Windows 7 and older. We have confirmed this issue and are currently working on a patch to quickly resolve it.” The issue is the latest in a litany of security worries for Zoom, which has exploded in popularity in 2020 thanks to the remote working boom caused by the global pandemic. The sudden and increased demand on the company's systems was unlike anything most companies have ever experienced, with criminals also attacking Zoom with gusto. Following a number of high-profile issues, company's CEO Eric S. Yuan promised more transparency and announce a 90-day freeze on all new features not related to privacy, safety or security back in April - however this deadline was missed earlier this month. This new Zoom security flaw lets hackers target Windows 7 PCs
  17. Patch Tuesday: Here's what's new for Windows 7 and 8.1 this month It is the second Tuesday of the month, which means that it is time for Patch Tuesday updates. As usual, all supported versions of Windows receive updates on Patch Tuesday, which include all Windows 10 versions other than version 1511, Windows 8.1, and only the users of Windows 7 that have opted to receive the Extended Security Updates (ESUs). As usual, these updates are split into two sets – a monthly rollup and a security-only update. While the monthly rollup can be installed via Windows Update, the security-only update must be installed manually. For Windows 8.1 and Windows Server 2012 R2, the monthly rollup is labeled KB4586845 and can be manually downloaded from the Update Catalog here. Below are the improvements and fixed made this month: Corrects the DST start date for the Fiji Islands to December 20, 2020. Allows administrators to enable "Save target as" through Group Policy for users in Microsoft Edge IE mode. Addresses an issue in which LDAP sessions authenticated and sealed with a SASL method are reported incorrectly in Events 2889 in the Directory Services Eventlog from source Microsoft-Windows-ActiveDirectory_DomainService as unsecure sessions. Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, Windows Remote Desktop, and Microsoft Scripting Engine. However, there is also one known issue that users must be aware of: Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update is called KB4586823 and can only be installed manually from here. The two fixes in this update are the same as the first and last points in the monthly rollup, and this update shares the single known issue with the one mentioned in the monthly rollup. As for Windows 7, these updates will only be available to businesses that have opted to pay for extended security updates since this version of the OS reached the end of support officially in January 2020. Eligible users will receive monthly rollup KB4586827, which can be manually downloaded from here. The update includes the following fixes: Corrects the DST start date for the Fiji Islands to December 20, 2020. Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop. This update also has a couple of known issues which are mentioned below: Symptom Workaround After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. The security-only update is termed KB4586805 and can be downloaded manually from here. The changes are identical to the monthly rollup and also shares its known issues with the rollup. Another point to note for Windows 10 users is that version 1809 reaches the end of support today for Home and Pro users, which means that users of those SKUs will receive their last cumulative update today. Patch Tuesday: Here's what's new for Windows 7 and 8.1 this month
  18. Microsoft announced that the Windows 7 and Windows Server 2008 Extended Security Update (ESU) program is approaching Year 2. The announcement likely signifies renewed IT pro pain to come if organizations haven't been able to upgrade their systems to Windows 10 or newer Windows Server products. Unlike other Microsoft licensing programs, the ESU program requires that organizations buy licensing keys each year. These keys are good for one year, and they have to be installed on devices. Even though Year 1 ESU keys may be installed already, organizations will need to install Year 2 keys afresh if they still need support. These Year 2 keys are good "through January 11, 2022." Organizations can't just buy Year 2 keys alone, though. They will need to have also paid for Year 1 keys to get support. The ESU program is a three-year program altogether, which means that Microsoft will stop offering ESU keys after the Year 3 distribution, company officials have explained. The cost of the buying ESU keys is thought to double each year. The installation process to apply ESU licenses is not too straightforward. It's demonstrated using the Microsoft Volume Activation Management Tool in this 2019 Microsoft Ignite video. IT pros need to have applied certain updates before trying to install the keys. They also need so-called "Licensing Preparation Package" files, which need to be installed before installing the ESU keys. The ESU program lets organizations continue to get security updates for Windows 7 and Windows Server 2008, which fell out of support back in January. Typically, Microsoft stops delivering updates when products reach the end of their product lifecycle, including security patches. Buying ESU keys is a clumsy process. Volume licensing purchasers need to contact their "Account Team CE" to buy the keys, while everyone else needs to find a Microsoft Cloud Solution Provider (CSP) partner that's participating in the ESU program. Microsoft offers this search portal to find those CSP partners. Source
  19. Google extends support for Chrome on Windows 7 by six months, to now end in 2022 Google today announced that it is extending support for the Chrome browser on Windows 7 by another six months, with the end-of-support now set for January 15, 2022, moved from the earlier July 15, 2021 timeline. The new date makes it exactly two years since Windows 7 reached its end of life. The company says that the decision was based on the feedback received from its enterprise customers and data about companies’ migration plans to Windows 10. The search giant adds that many organizations were slated to migrate to Windows 10 this year. However, the challenges brought about by the pandemic resulting in differing priorities for enterprise IT teams have delayed the migration. The firm also cites a Kantar study that it commissioned that notes that 21% of organizations are still in the process of migrating from the legacy OS to the Redmond firm’s latest offering. Additionally, Windows 7 is still being supported for some users that have opted for Extended Security Updates, the price of which doubles every year. The Mountain View company says that such users can “benefit from Chrome’s security and productivity” features since the browser will not only receive security updates but also new features. It also touts the upcoming enterprise features that Windows 7 users will be able to leverage thanks to the extended support period. Lastly, Google says that it will “continue to evaluate the conditions [its] enterprise customers are facing” and will communicate any other changes in the future. Google extends support for Chrome on Windows 7 by six months, to now end in 2022
  20. After a few days of rumors, Microsoft announced today that it's going to be using Chromium in its browser moving forward and that the new Edge will be coming to Windows 7, 8.1, and macOS. Now, Mozilla CEO Chris Beard has posted a response to the news, saying that it's bad for the internet. Mozilla says that Microsoft's decision to use Chromium and the Blink rendering engine basically gives Google a monopoly on what we see on the internet. Remember, Chromium is the open-source browser that Google Chrome is based on, and other third-party browsers use it too, like Opera, Vivaldi, and more. With Microsoft moving away from EdgeHTML, that's one less competitor in the browser space, growing Chromium's market share. Mozilla worries that when Chromium's usage share gets large enough, web developers won't test their apps against anything else, going so far as to compare this to when Microsoft had a monopoly in browsers in the early 2000s. Mozilla also said that this is why it exists. "We compete with Google not because it’s a good business opportunity," Beard said. "We compete with Google because the health of the internet and online life depend on competition and choice." Source: Neowin
  21. Microsoft today embraced Google’s Chromium open source project for Edge development on the desktop. The company also announced it is decoupling the browser updates from Windows 10 updates, and that Edge is coming to all supported versions of Windows and to macOS. Microsoft launched Edge in July 2015 as the default browser for, and exclusive to, Windows 10. But it never saw much adoption. Sure, Microsoft claimed Edge had 330 million active devices back in September 2017, but it never did reveal an active user figure beyond “hundreds of millions” (Google said Chrome passed 1 billion active users in May 2015). Edge has 4.34 percent market share today, according to the latest figures from Net Applications. So Microsoft wants to make some big changes, which it says will happen “over the next year or so.” The first preview builds of the Chromium-powered Edge will arrive in early 2019, according to Microsoft. Chromium-based Microsoft Edge Adopting the Chromium project means a lot more for Microsoft. The Edge rendering engine EdgeHTML will be swapped out for the Blink rendering engine. The Chakra JavaScript engine will be swapped out for V8. Microsoft will even take some of the UI stack, for use on non-Windows 10 platforms. Also worth noting: Microsoft is not forking Chromium. Microsoft hopes moving to Chromium will “create better web compatibility for our customers” and “less fragmentation of the web for all web developers.” The former is certainly true, as the Edge web platform will thus become aligned with web standards and other Chromium-based browsers. The latter is not true in the short term (plenty of testing will be needed to accommodate the switch) but it is likely in the long term, as developers will have one fewer browser to explicitly test against. No longer wasting resources on building Edge’s backend will likely turn out to be a big win for Microsoft. It is a lot of work to constantly update a browser engine to be standards-compliant and compatible with the actual web. Microsoft has decided to let the open source community do that instead, which it will participate in, so it can focus on improving the browser itself. Again, Edge isn’t changing significantly. This is an “under the hood” transformation, and most Edge users won’t notice anything significantly different — save for some sites working as expected. The future of EdgeHTML and Chakra Edge uses Blink/Chromium on Android and WebKit/WKWebView on iOS. Thus, when Edge on desktop moves to Blink and V8, the main use case for EdgeHTML and Chakra will disappear overnight. Windows 10 apps that use EdgeHTML and/or Chakra will be able to keep using them, according to Microsoft. But, Microsoft will also eventually let app developers leverage the Chromium-based solution that Edge will use. This will likely impact regular apps that render web content but also Progressive Web Apps (PWAs), which are essentially mobile websites that mimic native apps. App developers will thus be able to choose to keep using the legacy option or switch to Chromium. Microsoft says it has no plans to stop maintaining EdgeHTML and Chakra, although if usage were to decline, developers could expect them to hit end of support eventually. Chrome extensions In addition to better web compatibility, Edge users stand to benefit from support for Chrome extensions. Microsoft expects that it will be very easy for developers to bring their Chrome extensions to Edge. It might even be the case that it requires no work at all in most cases, but it’s too early for the company to say so definitively. Microsoft’s intention is to support existing Chrome extensions in Edge, but how exactly this will work remains to be seen. Keep in mind that for years now, Google has been locking down the Chrome Web Store and Chrome extensions in general — Microsoft will have to be careful with its solution. All supported versions of Windows So far, all this largely makes sense, but Microsoft also wants to port Edge to all supported versions of Windows. Edge is no longer going to be a Windows 10-only affair. That means Edge is coming to Windows 7 SP1 and Windows 8.1. For Windows 10, this means the Chromium-based Edge and future updates is coming to Windows 10 version 1607, version 1703, version 1709, version 1803, and version 1809. Those are all supported versions of Windows, so they’ll be getting the latest version of Edge until Microsoft ends support. Microsoft also currently supports Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server version 1709, Windows Server version 1803, Windows Server version 1809, and Windows Server 2019. The company hasn’t yet said if the latest version of Edge is coming there too. This is a massive undertaking that one can only justify through a corporate lens. It’s about letting IT departments offer a heterogeneous browser environment. Microsoft wants everyone on the latest version of Windows, but for those that cannot, or refuse to, upgrade, it has decided to bring the latest Edge to them. That means bringing Edge to older versions of Windows, including older versions of Windows 10. Within major organizations, there are computers running all sorts of Windows versions, and right now only a single one can get the latest version of Edge. macOS If you thought supporting old Windows versions was nuts, your jaw will drop when you hear Microsoft also wants to bring Edge to macOS. This is bizarre for several reasons, not even including that Microsoft ceased development of Internet Explorer for Mac in June 2003 and Apple killed Safari for Windows in July 2012. But the same heterogenous environment thinking applies: Microsoft wants all devices in an organization using the latest Edge, and that requires getting Macs onboard. Indeed, Microsoft doesn’t expect to get a lot of Mac users switching to Edge, the company said. Instead, the company simply wants to make it easier for more developers, many of whom use Macs, to test against Edge. Bringing Edge to macOS is about developers, not market share. More frequent updates Edge is updated every six months. Chrome and Firefox, meanwhile, are updated every six weeks. Even if you do have the latest Windows 10 version, Edge updates today are tied to Windows 10 updates, and half a year is a long time on the web. It’s a long time to wait for compatibility fixes, performance improvements, and new features. Could Edge get more frequent updates than Chrome and Firefox? I’m not holding my breath. But Microsoft does say that agility will be a focus going forward and does expect “a more frequent cadence” than the current six-month wait. Chrome updates hit Windows, Mac, and Linux all on the same day, while Firefox updates hit Windows, Mac, Linux, and Android on the same day. Microsoft wants the version of Edge on Windows and Mac to be the same, but we’re hearing it’s too early to commit to same-day updates across all supported versions of Windows and macOS. Chromium contributions Microsoft says it intends to become a “significant contributor” to the Chromium project. The company will try to improve Chromium not just for Edge, but for other browsers as well, and not just for PCs, but for other devices too. The priority will, however, be web platform enhancements to make Chromium-based browsers better on Windows devices. Microsoft stands to benefit if the web works well on Windows, as the impact trickles down to its customers, partners, and the overall business. Last month, Microsoft was spotted making contributions to the Chromium project for ARM-based Windows devices. The thought at the time was that Chrome was being ported to Windows 10 on ARM, but now we know Microsoft was thinking bigger. (Chromium-based browsers are 32-bit only, meaning they run emulated and negatively impact battery life. Microsoft wants to fix for all Chromium-based browsers, including Chrome and Edge.) Microsoft intends to continue work on ARM64 support, but it also hopes to improve Chromium’s web accessibility and take advantage of other hardware features like touch support. Indeed, Edge is the only major browser with a 100 percent HTML5Accessbility score and is known for having solid touch scrolling performance. In fact, Microsoft doesn’t want to switch to Chromium until some of that functionality has been contributed to the project. That way, Edge won’t lose features when the switch happens next year. Source
  22. You can download and install it manually, but in our tests the Win7 October Monthly Rollup is hard to find through Windows Update — and it won’t install automatically. Why? Ranjith Siji / IDG (CC0) This month’s Windows 7 Monthly Rollup, KB 4462923, has gone missing. I’ve seen complaints about the reticent Rollup — where, people wondered, did the October Monthly Rollup go? I thought that folks who were having problems finding the update were doing something wrong — perhaps they ran afoul of the bizarre requirement that you update the Windows Update program separately before it will correctly install updates. But many of the people who couldn’t find KB 4462923 confirm that, indeed, they had already installed the necessary precursor — the Servicing Stack Update, KB 3177467, either version 1 or version 2. What happened? @PKCano took a run down the Rollup rabbit hole. Here’s what she discovered: I was initially offered an Office 2010 security update, the .NET Monthly Rollup, and MSRT. Installed all four, rebooted. Then I was offered the v2 (“security”) version of KB 3177467, the Servicing Stack Update. I checked it, installed, no reboot required. No important updates offered — not even KB 4462923, the October Monthly Rollup. Where’s this month’s Monthly Rollup? After a great deal of finagling, I found that hiding the September Monthly Rollup Preview, KB 4462923, makes the 2018-10 Monthly Rollup appear, but it’s unchecked. Have you found any other way to make KB 4462923, the October Win7 Monthly Rollup, appear in Windows Update? Can you make it appear checked? None of our experiments have revealed a method. Why did Microsoft make it so deucedly hard to install this month’s Win7 security patches? I figure there are two possibilities: Somebody screwed up the Windows Update sequencing, or Microsoft’s holding back on delivering this month’s Win7 updates. I haven’t heard of any showstopping bugs in this month’s Monthly Rollup. But it makes you wonder… Join us in the intrepid search for Win7 enlightenment on the AskWoody Lounge. Source: What happened to KB 4462923, the October Win7 Monthly Rollup? (Computerworld - Woody Leonhard)
  23. Yes, it's another Microsoft screwup. Even though it reissued the Win7 Servicing Stack Update and marked it as 'security,' many people won't see it. The problem: Ancient installer update logic. Don't hold your breath waiting for a solution. Thinkstock There’s a well-known bug in the Win7 update installer that can throw error 0x8000FFF unless you pre-install an upgrade to the installer. I wrote about this Servicing Stack Update (SSU) requirement about a month ago. Three weeks ago, Microsoft promised to fix the problem. Superficially, the problem shouldn’t exist anymore. But because of sloppy implementation, the bug’s still there, and people are still hitting error 0x8000FFF when they try to install Win7 Monthly Rollups. Fellow columnist Steven J. Vaughan-Nichols hit the same problem yesterday. To understand why the bug keeps appearing, you need to understand the concept of an “exclusive” Windows Update. In simplest terms, a Windows update that’s marked “exclusive” won’t appear in the Update list until the whole queue is cleared out, either by installing everything that’s backed up, or by hiding available updates. On Patch Tuesday, Microsoft improved upon the years-old SSU for Windows 7, KB 3177467 and, this being Microsoft, released a new version with the old version’s KB number. As John Wilcox promised three weeks ago, that update is marked as both “critical” and “security.” (Many folks didn’t install it years ago because it wasn’t marked as a “security” update.) Unfortunately, the new SSU is also marked “exclusive.” There’s a reason for that. Microsoft wants you to install the SSU separately from any other patches — you don’t want to fix the blender blades while they’re whirling, eh? Unfortunately, the installer logic isn’t robust enough to first scan for an update to itself, install only that update, reboot and continue. The antiquated alternative is to force Windows Update to wait until it doesn’t have any other updates listed, and to then offer the SSU. That’s “exclusive.” It’s also a very 1960s-style solution to an ongoing, and predictable, problem. I’m sure you can see the chicken-and-egg problem. The Win7 Monthly Rollup appears. If you haven’t installed the SSU, it’ll die on an error 0x8000FFF, and then the Monthly Rollup gets added back to the Windows Update queue, thus hiding the SSU. We have many posts on AskWoody describing the problem. Perhaps we’ll get an answer, other than, oh golly, you have to manually install KB 3177467 before you install the Monthly Rollups — and you should know that by osmosis. Thx, @abbodi86, @PKCano, @geekdom There’s life left in the old, battle scarred Win7. We prove it daily on the AskWoody Lounge. Source: Still hitting Error 0x8000FFF when installing the Win7 Monthly Rollup? There's a reason. (Computerworld - Woody Leonhard)
  24. There’s no official announcement that I can find, much less an explanation, but it looks as if you can no longer get KB 4462923, the October Win7 Monthly Rollup, through Windows Update. Microsoft apparently yanked it from WU last Thursday. Thinkstock This month’s Windows 7 Monthly Rollup, KB 4462923, appears to be on the skids. The KB article itself doesn’t mention anything. The patch is still available for manual download from the Microsoft Update Catalog. But I’m seeing more and more reports like this one that KB 4462923 is no longer available from Windows Update. It’s possible that Microsoft is actually going to fix the chicken-and-egg problem with the Servicing Stack Update KB 3177467 that I talked about last week. Or maybe not. According to @abbodi86: KB 4462923 is not completely pulled, they just moved it behind the scenes. They have done that before with multiple rollups that have issues. It won’t show up normally. You need WUMT or a VBS script to ignore the download-priory attribute. Of you can hide/clear all other updates in Windows Update. Probably they are waiting or trying to figure a way to fix Windows Update metadata and solve the Servicing Stack Update dependency issue If you suddenly see KB 4462923 in Windows Update, please drop a line on the AskWoody Lounge. Source: It looks as if Microsoft has stopped pushing this month’s Win7 Monthly Rollup, KB 4462923
  25. Still likely to end the year ahead THE GAP BETWEEN Windows 7 and Windows 10 use on traditional desktops and laptops continues to narrow, despite the fact that both operating systems lost a small amount of ground this month in the figures produced by Netmarketshare. Windows 7 drops to 38.89 per cent (-0.46) with Windows 10 continuing to snap at its heels at 38.14 (-0.14), meaning that the difference is now just 0.75 per cent, which suggests that Microsoft is still on target to finally overtake itself before the year is out. Just. Possibly. Windows 8.x is now 5.52 per cent (-0.29), with the vast majority on version 8.1. Windows XP has a slight bounce to 4.23 (+0.63). We've stopped mentioning Vista now, such is its rarity. Although the figures from Netmarketshare have a margin of error (or put another way, we take them with a slight pinch of salt) the fact that Windows 10 hasn't grown as a result of Black Friday and Cyber Monday, which both fell in this period is a bit of a curveball - in fact most of the movement has been on the Apple front in the wake of its new Macbook Air made of old tin cans and string. As you'd expect, the latest version, macOS 10.14 has seen the biggest gains of the month standing at 3.57 (+1.52), though the rate of upgrade has been slow by Mac user standards, macOS 10.13 has dropped to 3.2 (-1.43) but it hasn't been the usual swift handover. Even macOS 10.12 still has 1.36 (-0.22) and macOS 10.11 has 1.14 (0.23) which is actually a slight rise. The Linux-based systems continue to hover around the same point - Ubuntu on 0.57 (-0.05), Chrome OS on 0.32 (-0.01) and the rest on 1.47 (0.09). Worth noting there are more people using Mac OS X 10.10 and "Unknown" than Chrome OS right now - though it still has the lead in the browser market. When we remove the filter and look at market share amongst all device types - that is to say any device that has connected to the internet during November, the story changes. Window 7 (which, lest we forget is almost exclusively desktop/laptop machine anyway) is the most popular operating system in the world with 16.08 per cent. Windows 10 comes second with 15.77 and Android 8.0 has 8.62. Generically though, Android is in the lead - 39.34 per cent. Windows stands at 35.98. iOS has 18.51 per cent and Mac OS, 4.02. Linux has 0.88 and despite its popularity is schools, Chrome OS has 0.13. For completeness, below them is Series 40 (Symbian) at 0.04, Windows Phone OS at 0.03 and RIM OS (Blackberry) at just 0.01 per cent market share. Source
×
×
  • Create New...