Windows Enterprise Desktop


August 22, 2014  9:26 AM

Chronic OneDrive/SkyDrive Problems Widespread

Ed Tittel Ed Tittel Profile: Ed Tittel
APPCRASH, Desktops, Microsoft SkyDrive, Windows 8.1

OK, I confess: I don’t always look at the Windows Reliability Monitor as often as I should. But when I did recently, I discovered an issue on my primary production Windows 8.1 desktop that further research showed me is pretty widespread. If you try a Google search on “SkyDrive appcrash” or “SkyDrive crashes daily” you’ll get a quick sense that what I’m asserting here — namely, that SkyDrive (formerly known as OneDrive) experiences frequent and regular stability problems on some Windows 8.1 (and other Windows versions’) installations — is more than just an isolated phenomenon. Here’s a weekly summary snapshot for the last week of July from the Reliability Monitor that illustrates what this PC has been experiencing over the past 5 weeks, during which time my stability index has wavered between a low of 2.2 and a high of 3.8:

onedrive-crashes

For the week of 7/27, 12 critical events, of which 7 came from OneDrive.

Aside from establishing a new and unwelcome low-water mark for the reliability metric on any Windows OS I’ve operated, my research indicates that hundreds of users have been experiencing the same kinds of problems on some PCs, going back to the release of Update 1 in April 2014 (though there are some similar reports that predate this update, the volume increases markedly after April 9 when Windows 8.1 Update 1 was pushed out). Numerous causes are suggested that range from a corrupt or broken SkyDrive runtime environment, to issues with access to the OneDrive cloud (http://onedrive.live.com) related to SSH certificates and/or Trusted Web site status, to problems with OneDrive synchronization between local file copies and copies in the cloud.

None of the easy fixes suggested on social.microsoft.com or elsewhere appeared to work for me, until I took the tried-and-true approach to fixing broken applications/services. After uninstalling OneDrive via the “Programs and Features” applet in Control Panel, then downloading and reinstalling the current version from the PC|Mac download page — even though this resulted in a warning that I was replacing a newer version of the application with an older one (the download is designed for Windows 7 and 8, not 8.1, because OneDrive is pre-installed in the Windows 8.1 Update 1 image) — my problems appear to have abated.

This does not seem to be a universal issue for all PCs running Windows 8.1 Update 1, but it clearly afflicts some non-zero subset of such machines. Of the four tablets and notebooks I’ve got running that Windows version, and the four desktops likewise, Murphy’s Law apparently dictates that only my production PC be the one that’s thus afflicted. Go figure. As for myself, I’m keeping my fingers crossed that the fix just finally applied will fix my issues for once and for all. We’ll see!

August 20, 2014  12:09 PM

MS Recommends Uninstalling Any of 4 Recent Updates

Ed Tittel Ed Tittel Profile: Ed Tittel
Patch Tuesday, Windows 8.1, Windows troubleshooting

When MS pushed the August updates just over a week ago, they clearly did not expect the kinds of problems that have emerged in the wake of their release.

ms14-045-retracted

In a revised version of security bulletin (MS14-045), in fact, MS now recommends that anyone who’s installed any of the following updates as identified by specific Knowledge Base (KB) articles, go ahead and uninstall them (this is easily accomplished in the Windows Update utility by right-clicking on an update on the “Installed Updates” pane, then selecting “Uninstall” from the resulting pop-up menu):

2982791 MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014 
2970228 Update to support the new currency symbol for the Russian ruble in Windows
2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 
2975331 August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012

Apparently, the issue is somehow related to font handling, and may result in mis-rendering of fonts on-screen, or in some cases, the 0×50 Stop error message and a modern-day equivalent of the “Blue Screen of Death,” which while not as scary as the older memory dump screen just prior to system shutdown, nevertheless results in a complete system hang. In some reported cases, too, the affected PC will not boot properly following a restart or cold boot-up sequence, and can only be restored to operation from a restore point or image replacement that predates the update’s (or updates’) application. Ouch!

In a terrific diatribe entitled “Patch Tuesday Tripped Up by Rapid Release Era,” Windows maven Paul Thurrott waxes both eloquent and profane on this situation, and the inevitable fear and loathing it can’t help but evoke in most corporate Windows IT operations, where they’ve been “mildly hesitant” (to be as positive about the prevailing situation as possible) to jump on the rapid update cadence that Windows 8 has now adopted. Here’s a lengthy quote from that article that lays out his thoughts — which I both share and endorse, for what that’s worth — in unapologetic fashion:

 The firm is recommending that users uninstall the offending updates and is urging them in some cases to uninstall those patches. This isn’t just unprecedented, folks, it’s catastrophic. And it casts a pall over Microsoft’s rapid release strategy.

You may recall that I’ve been worried about this very problem, though even I didn’t imagine that Microsoft would somehow screw up so many updates in a single month. (See, I’m not that negative.) But in a world in which IT departments were already leery about just trusting the updates that Microsoft released each month, I was curious what would happen when the firm started updating its core products even more rapidly. All it would take, I conjectured, was a single bad month.

Unfortunately, August 2014 is that month.

The moral of the story is that a rapid update cadence is all well and good, but the updates must themselves work well and be good to IT administrators before the corporate/enterprise IT world will jump on that bandwagon. Alas, I have to agree that MS has just shot itself in the foot quite neatly and convincingly. Now we’ll have to see how well their damage control works with the IT audience!


August 18, 2014  10:49 AM

MS Quietly Extends Hotfixes for All Current IE Versions After Recent Security Update

Ed Tittel Ed Tittel Profile: Ed Tittel
Desktops, Internet Explorer, Windows troubleshooting

I didn’t actually experience any problems myself — at least, not that I noticed — after last week’s Update Tuesday brought a round of security updates for all current versions of the Internet Explorer (7 through 11, that is) for Windows. But when my colleague and co-worker Kim came to work in my office last Thursday, I couldn’t help but notice her ongoing observations that IE 11/Win 8.1 had slowed to a crawl on her Lenovo T530 desktop. I also witnessed excessively long page load times on sites that popped up more or less immediately on my production desktop — we test to compare experiences — and had to wonder if the latest round of updates might not be imposing some untoward and unwanted side effects.

msie-hotfixes-140814

And wouldn’t you know it, what should I discover over the weekend but a Windows Support note entitled “Internet Explorer may become slow or unresponsive when web applications implement consecutive modal dialog boxes” (KB 2991509). As the lengthy list to the left also illustrates, you’ll find versions of this hotfix for every current version of IE still in circulation, including 32- and 64-bit versions from 7 through 11, and Windows OSes from Vista to Windows 8.1 on the desktop side, and for Server versions 2008 R2 and 2012 R2. That list, BTW, comes straight from KB 2991509, and if accessed online, provides a download link to the hotfix associated with each such version of Internet Explorer as may be of interest to those who might be suffering from the symptoms described in the KB article’s title.

Aside from an error message when she tried to access the afore-linked KB article that required multiple attempts before she could grab and install the hotfix, Kim reports no further problems, hangs, or excessive download times since she installed the IE 11 hotfixes for both the 32- and 64-bit versions on her 8.1 notebook PC. She writes about and edits Windows 8 training materials and texts, so she uses both 32- and 64-bit versions of IE, and gives them a pretty rigorous workout in conducting her everyday work assignments. Her overall assessment of the situation is also worth reporting, with tongue inserted firmly in cheek: “I installed the patch recently, and it’s been 8 hours since I’ve had any further trouble with IE. Looks like this takes care of the problem — at least until MS pushes another set of security patches for Internet Explorer!” I’m happy to quote her, since I couldn’t have said it better myself.

Needless to say if you, or your users, experience IE hangs or slowdowns after installing (or while testing) the Critical grade security updates released on 8/12/2014, you’ll want to grab and install the corresponding hotfixes linked in KB 2991509 as well. Happy patching!


August 15, 2014  10:33 AM

Precision Touchpad Updates on Update Tuesday

Ed Tittel Ed Tittel Profile: Ed Tittel
Desktops, TouchPad, Windows 8.1

I read with interest in the previews of coming attractions for last Tuesday’s Windows updates that “Precision touchpad improvements” were on their way into Windows 8.1 as part of the limited set of functionality enhancements included in their number (which varied from a low of 18 KB items on machines without Office installed, and over 30 KB items on those with Office resident). Silly me: I understood the word precision to have been used in that context as an adjective, when in fact it turns out to be a specific brand or type of touchpad that represents a technology collaboration between Microsoft and Synaptics. Where I’d hoped that MS was going to extend those controls to all Windows 8.1 users as depicted on Ed Bott’s recent ZDnet blog post entitled “This month’s update rollup for Windows 8.1 delivers more than just bug fixes,” I quickly realized the import of the terminology when the same display failed to show up on any of my Windows 8 touchpad-equipped systems): except for the Surface Pro 3, I’m not aware of any other Win81 PCs that can take advantage of this update. Sigh.

pretouchwin81u2

This image shows some very nice touchpad functionality available from the Modern or Metro UI PC Settings/PCs and Devices/Mouse and Touchpad menu that I’d like to be able to exploit on all of my touchpad-equipped Windows 8.1 notebooks, laptops, and (docked) tablets. The ability to turn the touchpad off when a mouse is connected is worth the price of admission all by itself, if you ask me (as it is my habit to switch over to a mouse when working on a desk or conference room table as I most often do when working away from my home office, except when flying or working in an airport). Yes, I know: I can go into Device Manager and enable or disable the touchpad as my current situation dictates, but it’s a lot more convenient to have a software setting handle this for me automatically, don’t you think? And FWIW, the other touchpad controls enabled here aren’t bad, either!

I guess I’ll just have to keep hoping that other touchpad drivers and software might be enhanced to bring this functionality to other types of similar devices, or that some enterprising software developer might take it upon him- or herself(ves?) to make this a more widespread phenomenon. We’ll see!


August 13, 2014  2:20 PM

Intel Wireless Driver Update Causes Win8.1 Repair Gyrations

Ed Tittel Ed Tittel Profile: Ed Tittel
Image Backup, Windows 8.1

After installing yesterday’s “Update Tuesday” security and functionality updates on my Fujitsu Q704, I ran the Intel Driver Update Utility on that machine to see what might be new on that front, and discovered a new driver for the N-7620 Dual Band Wireless interface on that machine. I promptly downloaded and installed same, only to have the machine crash during the install. Imagine my surprise when it wouldn’t start upon reboot, and my further dismay when ordinary repair operations (using the Recovery partition on the machines SSD) also failed. Couple in my outright disbelief when I couldn’t get the unit to recognize a Windows 8.1 ISO-based (and later, a Windows 8.1 Update 1 ISO-based) bootable USB Flash drive that I created (and re-created a couple of times) using Rufus 1.4.9, my hitherto infallible bootable UFD tool.

rufus-snap

To my surprise and dismay, a bootable UFD built using Rufus went unrecognized on my Q704 (“Boot failed” error).

Even more interesting, my Rufus-generated bootable UFDs worked fine on my desktop test machine, so something was clearly wonky with the Q704 that made it unable to handle the install/repair images I was trying to get it to see. When I hooked up the external drive that I use to capture backups and system images for my laptops (it plays host to a capacious Toshiba 3TB hard disk, which gives it plenty of room for all three laptops currently in my stable), I noticed that it could see (and run) the Dell backup and repair/recovery tool that I purchased to support my Dell XPS12 convertible. But the Dell tool wouldn’t let me access the image for FujQ704, which is the machine name for the unit I was trying to recover, so I couldn’t boot from that drive, and also access the system image available there.

I was finally able to solve my problem by using the online installer that MS makes available to those wishing to upgrade Windows using a product key (see “Upgrade Windows with only a product key“), and choosing the Install Windows 8.1 button available there. This let me get the system booted, then elect the repair option in the second screen of the Windows 8.1 installer program. After that, I was able to target the most recent image backup for the Q704, and use that data to reformat and rebuild the primary drive. Next, I had to catch back up on the Windows updates I’d just installed yesterday, because my image pre-dated that installation. Guess what I’m doing now, having just restored and updated the system to where it’s supposed to be? I’m writing a new image backup of the updated system, so I won’t have to backtrack yet again, the next time this happens. Sigh.

While on this adventure, I did learn some interesting things:
1. As robust and reliable as Rufus seems to be, it apparently doesn’t work in all situations.
2. The Microsoft downloadable Win8.1 installer came through for me, even when Rufus failed.
3. I learned that MS offers a downloadable ISO file for Windows 8.1 Update 1, and used Rufus to turn it into a bootable UFD.

[Note added 4:10 PM CDT 8/13/2014:
I have now confirmed that the Intel Wireless driver file named Wireless_17.0.5_De164.exe is indeed responsible for the crash. I also switched to a different external backup drive, which fixed my earlier issues with access to a system image for restore purposes. Apparently, my trusty 5-year-old Antec USB/eSATA external file enclosure is failing, and occasionally presenting with "unknown device type" USB device errors. This complicated my first restore attempts, since that was the drive that held the most recent image but wasn't readily talking to the WinRE image that stands behind the installer/repair utility. With a newer OS image on a new -- and completely functional -- Vantec file enclosure, I was able to restore that image straight from the on-disk repair/recovery image instead.]


August 11, 2014  9:54 AM

Numerous Security and Other Updates Due August 12

Ed Tittel Ed Tittel Profile: Ed Tittel
Desktops, Patch Tuesday, Windows Security, Windows security updates

When MS published its Advance Notification for the first-ever “Update Tuesday” coming August 12, it listed 9 security bulletins therein. Of these 9, 6 affect modern Windows Desktops (Window 7, 8, and 8.1). Of the remaining 3, Bulletin 3 applies to MS Office (OneNote 2007 SP3 only), 4 to SQL Server (2008 & R2, 2012, and 2014), and 7 to MS Windows Server (2003, Server 2008 & R2, Sever 2012 & R2). SharePoint Server (2013 & SP1) is also subject to Bulletin 7, and Media Center TV Pack for Vista goes ditto for Bulletin 2. We’ll get more details tomorrow when the updates actually get released.

aug14-advsec

9 Security Bulletin Items for August: 2 Critical, involving IE versions 6-11 (Bulletin 1) and Windows graphics (Bulletin 2).

The big items in this mix include Bulletin 1, which applies to every modern version of Internet Explorer (6 through 11), is rated Critical (Remote Code Execution), requires a restart, and is getting some play on various rumor and security sites (most notably, Qualys), all of which admonish admins to apply to particular fix sooner rather than later because it allows malicious Web pages to engineer system takeovers. Ditto for Bulletin 2, which permits remote code execution by exploiting bugs in the graphics execution pipeline (and explains why the little-used Media Center TV pack for Vista falls within its purview), and is also rated Critical (Remote Code Execution).

The remaining bulletins (3-9) are rated Important (four of those 6 present “Elevation of “Privilege” vulnerability impacts, and the other two present “Security Feature Bypass”). Of the 9 bulletins, 4 absolutely require a restart, and the remainder are all labeled “May require restart,” so it looks like post-applications restarts are a virtual certainty. Other updates to be part of the August 12 release — at least according to WinBeta.org — include touchpad improvements designed to increase tracking precision, support for the Wi-Fi Alliance’s Miracast Receive technology (which supports wireless connections between playback devices and TV screens, projectors, and so forth), and various “other minor fixes” still TBD.


August 8, 2014  10:49 AM

EMET 5.0 Is Here: Grab It Today!

Ed Tittel Ed Tittel Profile: Ed Tittel
EMET, Windows Security

EMET is Microsoft’s Enhanced Mitigation Experience Toolkit, a free security software add-in designed to detect and counter zero-day attacks on Windows systems. More specifically, the software can detect and foil “exploitation techniques that are commonly used to exploit memory corruption vulnerabilities…by diverting, terminating, blocking and invalidating … the most common activities and techniques adversaries might use in compromising a computer” (to quote somewhat out of order from the EMET page in Microsoft’s Security TechCenter). I’ve been covering (and using) EMET myself since the version 3.x days, and was running version 4.1 until 5.0 came along on July 31, 2014 (here’s a link to a description of EMET I wrote back in September 2012).

emet-banner

The banner from the EMET page enjoins readers to “deploy today” — good advice!

You can download EMET 5.0 from the MS Download Center, where you’ll also find more information about the software, run-time requirements, installation instructions, and more. Be sure to check it out, and at least give it a try on some test machines or in a hurry-up pilot. I think most admins will find it a valuable (and not terribly resource intensive) addition to their existing software security solutions.


August 6, 2014  11:21 AM

MS Explains “August updates” for Windows 8.1 and more

Ed Tittel Ed Tittel Profile: Ed Tittel
Desktops, Patch Tuesday, Windows 8.1, Windows Server 2012 R2, Windows Update

Yesterday, MS Senior MarComm Manager Brandon LeBlanc posted some interesting info about the upcoming updates to Windows 8.1 and Windows Server 2012 R2 scheduled for August 12 (next week) over on Blogging Windows. In a post entitled “August updates for Windows 8.1 and Windows Server 2012 R2” he revealed a new approach to making functionality and UI changes to the latest Windows versions — namely, exchanging the practice of “waiting for months and bundling together a bunch of improvements into a larger update” (a la Service Packs for older Windows versions, or Windows 8.1 Update 1 released in April 2014) for a practice of “us[ing] our already existing monthly update process to deliver more frequent improvements along with the security updates normally provided as part of ‘Update Tuesday.’ …despite rumors and speculation, we are not planning to deliver a Windows 8.1 ‘Update 2′” [emphasis mine, because I plan to write further about both bolded elements in the paragraphs that follow].

upd-tues-140805

Lots of interesting tidbits about future Windows updates in this recent Blogging Windows post.

Here’s what’s interesting to me about this post, to my way of observing and thinking:

  • Looks like there’s a change of terminology regarding the regular “second Tuesday of the month” for pushing Microsoft updates: the traditional term for this until now has been “Patch Tuesday,” but now it looks like MS is seeking to use the more all-embracing term “Update Tuesday” instead.
  • Also looks like functionality and UI updates will start flowing out on a more-or-less constant basis henceforth. This helps to get those changes into user’s hands faster, to be sure, but I can see it creating headaches on several fronts: it means constant compatibility testing for enterprises that seek to avoid being (unpleasantly) surprised by changes of any kind, and it also means that documenting, teaching, and testing individuals who work with the Windows UI and its tools and utilities (I’m thinking certifications here as well as books, how-tos, help files, and more) gets even more tricky than it already is.
  • If indeed there is some bundling of functionality updates emerging next Tuesday, to reflect changes and additions since April 2014, MS is choosing not to acknowledge this, and is opting instead to simply identify it as one of an upcoming and regular series of such changes and additions to Windows going forward on an as-they-come basis from now on.

All in all, it looks like we’re moving to a constant update cadence for Windows now, for good and/or for ill. This should be an interesting situation to watch, learn from, and get used to. I’m sure nobody understands all the implications just yet, but we’ll be figuring it out as it moves along in the months and years ahead. Get ready!


August 5, 2014  4:48 PM

Windows 8.1 gets minor enhancements

Diana Hwang Diana Hwang Profile: Diana Hwang
Desktops

IT pros who need to upgrade end users with the latest version of Windows 8.1 have a few days left to install Windows 8.1 Update before August 12.

Microsoft next week will update Windows 8.1 again with some minor improvements as part of its monthly Patch Tuesday upgrade release.

The new update  will include enhancements such as providing the touchpad with three new end user settings, the ability to leave the touchpad on when a mouse is connected and enable right clicks on the touchpad. The update will also enable end users to double tap and drag content using the touchpad.

The company will also update Miracast to enable a Windows 8.1 computer to become a Miracast receiver. Miracast is a wireless technology that enables a PC to project the contents of the screen to a TV, projector or streaming media player.

Other improvements include reducing the number of login prompts for SharePoint Online.

For IT pros who intend to update their systems, they must complete the Windows 8.1 Update by August 12. In April, Microsoft granted IT pros a reprieve due to a bug in the original Windows 8.1 Update.

The company said it will deliver the Windows 8.1 update automatically through the existing Windows Update  and through the Windows Server Update Services channels. Enterprise IT pros can update their Windows 8.1 computers and tablets on August 12.

Microsoft continues its fight to gain market share for the Windows 8 operating system but it remains a slow proposition Windows 8 and 8.1 hold only 12.4% of the operating system market, according to  Net Market Share’s July desktop operating system survey. Windows 7 market share continues to rise and is now 51.2% market share, significantly more than Windows 8 and 8.1 Windows XP, which has slowly declined as organizations invest in new PCs and upgrade the ancient operating system is now at 24.8%. Mac OSX 10.9 is 4.1% while the remainder is 7.5%.


August 4, 2014  10:05 AM

New Version of PowerShell App Deployment Toolkit Available

Ed Tittel Ed Tittel Profile: Ed Tittel
PowerShell scripting, Windows 8, Windows deployment tools

Over the weekend,  a new version of the PowerShell App Deployment Toolkit appeared online at CodePlex. Labeled Version 3.1.5, this latest iteration to a substantial collection of PowerShell scripts designed to help sysadmins deploy Windows applications in an enterprise setting includes numerous useful facilities worth investigating. These scripts integrate nicely with System Center, but can also function independently (or with other .NET-based management consoles and suites). And best of all, they’re free (Open Source, actually) for commercial use. Here’s the page header info from the project’s home page at CodePlex:

adt-banner

This latest update at CodePlex is worth checking out, and should be helpful for most sysadmins charged with application deployment on Windows networks.

New features in this latest update include a handy “Send-Keys” function that permits PowerShell scripts to send keystroke sequences to an application Window to help automate in-app post-install configuration and customization, and several improvements to the “Execute-Process” script designed to implement recently promulgated MS best practice recommendations. Numerous bug fixes are also included as indicated on the afore-linked project home page as well. The project includes a reasonably detailed 61-page MS-Word file that serves as a user manual, and also presents a handful of readable and informative “Example Projects” that explore deployment of Adobe Reader in a variety of runtime situations (including SCCM 2007 and 2012, as well as standalone PowerShell-only).

Worth checking out!


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: