This will be my final installment on the subject of working around upgrade issues and problems regarding Windows 8.1. I’ve seen numerous sources that claim the combination of a bootable Windows 8 ISO-derived image, plus an edited edi.cfg file in …Windows\Sources enables installers to skip the Windows Store download of the free upgrade from Windows 8 to Windows 8.1. [See NOTE at end of story for another method]
Yesterday, I tried it myself, in several variations but found no way to accomplish all of these results in a single operation:
1. Work from the USB-based image of the Windows 8.1 installer and perform a free upgrade install
2. Use the original Windows 8 key as the key for Windows 8.1 during or immediately after install
In following the method I laid out in my December 4 blog post “Windows 8.1 Store Upgrade Snafu/Catch-22” I quickly observed that the installer did not present me with upgrading from the current Windows 8 installation on my son’s Dell XPS2710 unit. I was only presented with the options of preserving settings, store apps, and files, settings and files only, or nothing at all. Of course, I also wanted to preserve the desktop apps that had already been installed so that wasn’t really what I was after. If I simply went the clean install route, I couldn’t get my Windows 8 key to work as a valid Windows 8.1 key.
Gyrations completed, I opted to grind through the incredibly slow download and install from the Windows Store. I started this off at 2:15 PM in the afternoon, and it didn’t get all the way through that process until around 4:30 PM, where the bulk of the delay came from a 3.84 GB download whose bitrate often fell below 1 Mbps making the transfer, even though my Internet connection is capable of handling up to 20 Mbps in download speeds under optimal conditions, and 15-16 Mbps nearly all the time.
I was somewhat pleasantly surprised by the results of the maneuver this time around, because:
1. Having updated all drivers to the most recent, 8.1-friendly versions recently on this machine, the 8.1 installer changed no drivers whatsoever during the install.
2. Other than an apparent stall between the “Getting Devices Ready” and “Getting Some More Things Ready” phases of the installation process, during which I had to cold-boot the machine (it was stuck with a black screen, showing no disk or other activity I could ascertain, so I pulled the power plug, plugged it back in, waited 10 seconds, then hit the start button), the process completed without any snags.
3. Start8 remained operational after 8.1 booted for the first time (I’ve had mixed luck in sometimes having to reinstall Start Menu replacements on 8.1, and sometimes not), though I did have to reinstall 8GadgetPack to get my desktop gadgets back.
All in all, though, things went about as well as they could have. And having ploughed through countless war stories from other IT pros who haven’t been so lucky with their Windows Store upgrades, I am both pleased and relieved to have the bulk of these upgrades entirely behind me. I still have to believe that MS will come up with a technical solution for the free upgrade from local media, rather than requiring everyone to sit through a sometimes interminable download from the Windows Store (and struggle through the occasional cases where this particular upgrade technique fails to complete as it should). It just doesn’t make sense to force small to medium sized operations that don’t have other means of accessing “no-cost” keys for upgrading from Windows 8 to 8.1 should be forced to perform one-at-a-time upgrades this way. Let’s hope that this technical solution becomes available sooner, rather than later.
And one more thing: I was able to ascertain that my Windows 8 before installation and my Windows 8.1 after installation on the XPS2710 did indeed share the same Windows key, thanks to Nir Sofer’s dandy ProduKey utility. So it is demonstrable that a Windows 8 key will also work as a valid Windows 8.1 key. But that apparently works only with the code and installer that gets downloaded from the Windows Store, NOT the ISO version so readily downloaded from MSDN.
[NOTE added 12/15/2013] There’s a 12/13 story by Paul Monckton from the PC Advisor entitled “How to create a bootable Windows 8.1 USB flash drive so you can install Windows 8″ whose subtitle is actually more important “Create a bootable USB flash drive from which you can install or upgrade Windows 8.1” (emphasis mine). He makes some changes to the ei.cfg file that make it version independent and describes how to get through the install without entering a key until activation time. This might actually do the trick for those who must make repeated installs, but it still doesn’t seem “automation-friendly” for larger scale deployments. That said, it’s definitely worth reading as another way to work around the Windows Store download and limitations inherent to the “free Windows 8.1 upgrade/update.”
In the past month or so, I’ve documented various issues and potential gotchas in upgrading from Windows 8 to 8.1 This morning, I came across an extremely interesting item from Microsoft amidst its Windows 8 Website pages. The title of that page speaks volumes, so I reproduce it here in pictorial form as a screen capture:
MS clearly states that you can upgrade from 7 or 8.1 Preview only, and that the Windows Store method is REQUIRED for the Windows 8 to 8.1 “update”.
Alas, I wish this news were better. Just for grins, I’m going to try this method with the Windows 8.1 ISO and the Windows 8 product key from my son’s Dell XPS 2710 later today or tomorrow, to see if it will work for that scenario as well (Windows 8 key with a Windows 8.1 setup; FYI the link later on this page labeled “Install Windows 8.1″ points to a file named WindowsSetupBox.exe, whose original filename descriptor reads “Web Setup Self-Extractor” so I’m guessing this provides an alternate means of accessing the same installer that’s used through the Windows Store for ordinary 8 –> 8.1 updates). To grab the product key from an already installed version of Windows 8 (or other versions, for that matter) you need a tool to extract it for you (find a list in this Yahoo! article “How to Find Pre-installed Product Key for Windows 8“). I like Nir Sofer’s tools and utilities more than most, so I turned immediately to the NirSoft ProduKey utility. It coughed up the necessary info in seconds after I unpacked the ZIP file into my standard Utilities directory. Next blog post: a report on using the Windows 8 key with an ISO install from a bootable USB using an MSDN-obtained image file for Windows 8.1 Pro.
I’ve been a fan and devoted user of Acronis True Image for half a decade or longer, but am struggling a bit with the latest version (2014) when combined with Windows 8 versions (either 8 or 8.1). I have many reasons why this is the case, some good, some persnickety, and plan to visit all of them. I’ll tackle this rumination in the form of a list of pros and cons, while noting that the pros outweigh the cons by and large, and that the program remains peachy keen for its primary intended use — namely, backing up and restoring files and partitions on Windows PCs. This screencap of the Tools and Utilities pane in the program helps to convey the broad range of (mostly excellent) functionality that Acronis True Image (which I’ll henceforth call ATI here) 2014 delivers cheerfully and reliably:
ATI Tools and Utilities include a variety of interesting functions; the other key tab is for Backup and Restore.
The plusses and benefits in using ATI 2014 are many and varied. I’ll present my favorites in the form of a bulleted list (and for parity, do likewise with the cons that follow afterward):
1. Rescue Media Builder lets you create a bootable CD, DVD, or UFD (USB Flash Drive), or build an ISO image from a bootable disk (a nice way to snapshot its contents in a mountable form).
2. Acronis offers an alternative to the F8 at bootup to launch Windows Recovery: strike F11 to launch Acronis Startup Recovery instead (which works with rescue media to give you access to existing and available Acronis and Windows backups).
3. Acronis Secure Zone provides a way to set up a password-protected disk partition in which to store backups (otherwise, anyone with administrative rights to a system can read anything and everything in that backup).
4. Backup settings transfer lets you capture backup settings from one PC (or VM) and move it to another PC (or VM); helpful for cookie cutter operations across multiple PCs and VMs.
5. Backup conversion can be handy in moving backups to and from PCs that don’t have ATI installed.
6. System Clean-up, DriveCleanser, and File Shredder are all workmanlike history and data erasure tools (DriveCleanser complies with US DoD 5220.22-M, while the File Shredder not only supports that standard, but 6 other standards as well).
7. The Extended Capacity Manager is a nice alternative to the Asus Disk Unlocker utility for those with drives larger than 2.2TB in capacity, and systems to old to mount such large volumes natively.
8. In the “saving the best for last” tradition, ATI’s backup and recovery remain second to none. I’ve never had a problem reading a backup after the fact, and the Mount/Unmount image utilities make any ATI backup mountable and browsable as a normal Windows file system in the form of a Windows (virtual) disk drive. The Disk Backup facility makes image backups easy to capture, while Recover makes them easy to restore.
1. The Boot Sequence Manager is designed to permit you to boot from any disk image you select as the source for boot-up, but in practice this works only on non-UEFI PCs because of restrictions on boot controls in their non-volatile RAM (NVRAM).
2. The same limitation (no built-in support for cloning UEFI boot drives) makes the Clone Disk utility useless for transferring the boot drive on such systems to another hard disk or SSD, because of the way that UEFI boot works. So far, the only tool I’ve found that works around this limitation is Paragon Software’s Migrate OS to SSD version 4.0. Acronis may remedy this on its next release, according to a recent conversation I had with company representatives, but it’s not yet a sure thing.
3. Over time, ATI backups, both full and incremental, tend to accumulate on active Windows systems (my production desktop sees more than 70 of them all the way back to September 2009), but they aren’t labeled in a terribly friendly or accessible way. Here’s a brief sampler of what I’m describing:
Abbreviated info above, detailed below, but neither is terribly helpful or descriptive. I’ve talked to Acronis about allowing user tagging data to appear here, too.
When you have dozens upon dozens of backups to look through, and not a lot of information to go on (except a cryptic system-assigned name or drive letter, the folder location, and capture date) , it can get frustrating trying to find the right item. Sure you can mount the backup and see what’s in there, but that takes more time than reading a user-defined tag or label.
All in all, though, there’s still a lot more to like about ATI 2014 than otherwise. And for $49.99 (MSRP) it remains a good enough software buy that it goes on all my production systems.
In prior versions of Windows, the built-in backup facility with its image capture capability provided images accessible to a variety of recovery tools, including the “Repair your PC” option available to those who book from a WindowsPE-based install ISO or a repair disk of some kind. With the introductions of Windows 8, and more recently, Windows 8.1, I’ve come to rely on the “Record Image” (recimg) command-line utility that integrates with the “Refresh your PC” capability in those OSes as well, especially when used through SlimImage Utilities excellent RecImg Manager app. And because it will let me capture an OS image from one drive on a UEFI system and re-image it on another driver for UEFI use, I’ve also become quite fond of Paragon Software’s 4.0 version of its excellent Paragon Migrate OS to SSD utility (earlier versions can’t handle the UEFI boot manipulations that occur behind the scenes, so only this and newer versions work for Windows 8.* versions).
But it’s still a good idea to keep a plain-vanilla image file around for Windows repair and recovery utilities to use. Starting with Windows 8.1, this requires launching the File History applet in Control Panel (you can search on File History to access this tool, or navigate your way in through Control Panel). When you get there, click the entry that reads “System Image Backup” in the lower left-hand corner of the applet window:
This brings up the “Create a system image” window that requests you to specify a target where you’ll store the resulting image file:
Once you pick a destination for the image, you’ll select the items you wish to include therein (at a minimum, this must include the recovery partition, P: in this case; and the system partition from your boot/system drive, which is usually the C: drive as shown here):
Next you’ll be asked to confirm your selections:
Once confirmed by clicking the Start backup shown above, the image capture gets underway on the designated target drive:
That’s all there is to it. So you can keep using Windows-generated image files in Windows 8.1, even though you may have to unlearn a few old habits, and absorb some new ones, to make that happen!
Over the past week, I’ve had several members of the “old guard” — colleagues who go back with me to the stone age of networking, during the glory days of Novell NetWare in the late 1980s and early 90s — contact me about a vexing problem with the free Windows Store upgrade from Windows 8 to Windows 8.1. Though there are many variations on this theme (if you search Google for Windows 8.1 download hangs you’ll immediately see what I mean) the basic situation plays out like this:
1. A user running a Windows 8 PC visits the Windows Store, and starts the Windows 8.1 download
2. Somewhere prior to completion, the download process hangs and never completes
3. Repeated download attempts likewise hang, and the Windows 8.1 upgrade process never completes, either
Those who get an error message from a failed Windows 8.1 upgrade may see this; most affected by the hang see nothing at all.
There’s an interesting “catch” involved here, too. The obvious fix is to grab the Windows 8.1 ISO and skip the store download. But without some trickery, the old Windows 8 key will not be accepted during the early phases of the Windows 8.1 install where a key is (normally) requested. One old friend of mine recounted at length how this led to a classic IT finger pointing exercise, wherein vendors blame each other and no remedy to the situation can be extracted from either one. This involves OEM versions of Windows, where the OS software is typically licensed to a hardware vendor (I’ve seen complaints of this kind of thing for owners of Acer, Dell, HP, Lenovo, and Sony units of vintage recent enough to have come with Windows 8 pre-installed). Microsoft says “It’s an OEM problem, so you need to work this out with your OEM.” The OEMs say “We can’t issue Windows 8.1 keys, go talk to Microsoft.”
This has led to some pretty extreme reactions from affected users and IT professionals (see Brad McCarty’s “The Utter Failure of my Windows 8.1 Upgrade” for a good example of this genre), and to plenty of frustration and vexation for that audience as well. My old buddy Mickey points out that the Windows Store method may work for home users, or onesie-twosie business situations, and that businesses big enough to have Software Assurance, volume purchase agreements, or enterprise licenses with Microsoft have no trouble generating as many Windows 8.1 keys as they might need. Small businesses with up to 100-200 users, however, are stuck between a rock and a hard place. They can’t really automate the Windows Store upgrade approach, nor are they willing to purchase 8.1 keys just to avoid the hassle of working through the one-at-a-time upgrade at the Windows Store, either.
In this connection, a post at answers.microsoft.com dated October 23, 2013, may give affected users (and small businesses) some hope for relief, along with a usable workaround. First, they can follow the article at NeoWin “Here is how to get the Windows 8.1 ISO and create a USB install stick” to create a workable 8.1 installer that doesn’t involve downloading anything from the store. This will abort when the initial key request occurs early in the install process, but by creating a specially formatted ei.cfg file (as described in a comment at WinSuperSite.com) they can instruct the Windows 8.1 installer to skip the initial request for a key during the install process. When the machine next reboots, it will ask for a key, but it will accept the upgraded Windows 8 key as valid at this later point in the Windows 8.1 install process. According to online sources, Windows 8.1 happily activates the old key thereafter.
It all goes to show that when things go wrong, the easy or obvious approach may not work to fix them, but sufficient energy and ingenuity can lead to a workable solution. Here’s hoping that this method will bail all the many IT service providers and small consulting outfits who support small businesses out of their current upgrade jams!
Over the holiday weekend, I migrated several more PCs from 7 to 8 to 8.1, and made some deliberate variations along the path from the initial starting point (Windows 7 SP1 ) to the final destination (a fully-patched and up-to-date Windows 8.1) to see what I could learn about how to make that path as smooth as possible. The short version of my story, for those disinclined to revel in the gory details, is best summarized as: “Update all drives after the first step, from Windows 7 to Windows 8, and the second step from 8 to 8.1 will go more easily.”
|Drivers in need of upgrade as per DriverAgent|
|PC/Laptop||7 –> 8||8 –> 8.1||Clean Install|
|Lenovo X220 Tablet||12||2||21|
I will happily provide configuration details on the machines included in the preceding table, should anyone be interested. But my primary observation is that while there are undoubtedly and indisputably many good reasons to perform a clean install for any new major Windows OS version, minimizing post-install driver tweaking surely isn’t one of them. In fact, I saw a profound tendency for the Windows 8.1 installer to replace newer (and valid) drivers for Intel network adapters and built-in HD graphics circuitry than for any other kinds of components, but also observed that chipset elements, storage (particularing SATA AHCI and RAID drivers) and USB (particulary USB 3.0 drivers) were likely to experience rollbacks as a result of clean Windows 8 installations.
Does this mean that IT should reverse its longstanding policies and beliefs that clean installs are generally preferable to upgrades? Not at all; not even a little bit. What it means is that it’s probably a good idea to take a representative machine through the process by hand, use it to identify and obtain the latest and greatest drivers for Windows 8.1 before performing any further installs. This could even lead to slipstreaming those drivers into a customized WinPE based Windows 8.1 install image, so that all the necessary drivers — as well as applications, utilities, policy updates, and so forth — could be integrated into the actual 8.1 image used to perform 8.1 clean installations in bulk.
In fact, the bigger the population of machines that need to go through the clean install, the easier it is to justify the extra one or two days of effort that will be required to put all the pieces together to enable them to proceed without requiring any post-install clean-up whatsoever. Ultimately, the time and effort that the necessary planning and preparation can save will overshadow the time spent planning and preparing for a large-scall rollout.
As a person who loves to tinker with his systems, I couldn’t stop myself from rebuilding my primary 8.1 test machine over the past couple of days. It’s a brute of a system with an i7-3700K CPU, 32 GB RAM, almost 6 TB of storage including 2 SSDs, and lots of other bells and whistles. The ostensible reason for the rebuild was to see if a clean install of Windows 8.1 works better than an upgrade from Windows 8 to 8.1 did. Interestingly enough, the answer in this case turned out to be: “In some ways yes, and in some ways no.”
The install certainly went quite quickly: from start to finish, including rearranging SATA drives in the system so I could switch from an older OCZ Vertex 3 128 GB SSD which had been acting as the system drive, to a newer OCZ Vertex 4 256 GB SSD, the whole shebang took less than 20 minutes. With another half hour to get through all the updates and so forth, this was less than half the time the upgrade took on roughly the same configuration (different system disk). I was also able to get all four of the bays in my plug-in 2.5″ drive bay device hooked up and working, so the system now has 9 storage devices attached: 6 SATA-attached HDs and SSDs varying in size from 119 GB (actual, nominal 128 GB) to 1.36 TB (actual, nominal 1.5 TB), plus a couple of USB 3.0 attached hard disks in a ThermalTake dual drive caddy, and a Blue Ray player/burner as well.
But unlike my recent experiences in upgrading Lenovo and Dell notebooks, and with a mini-ITX DIY system, all of which I took from Windows 8 to 8.1 recently, I didn’t do anywhere near as well on the driver front. To my astonishment, DriverAgent reported 23 out of 40 drivers as bad after the initial install was completed, or over 50% bad drivers. On other systems, I’ve never seen worse than 25% of drivers, and that only once or twice over the decade or so I’ve been using this platform on my various PCs. In fact, DriverAgent is still showing 25% bad drivers — rating I think is bogus for reasons I will shortly explain — even after my best efforts in trying to catch things up. My research has shown, however, that it is not unusual to get better results from an upgrade from 8 to 8.1 than from a clean install on the same hardware, so I’m not alone in observing this phenomenon.
Here’s the most galling example of what DriverAgent is showing me in graphic form for this system right now:
The yellow question mark means “unknown device” and the listings show odd driver discrepancies, too.
Here’s a list of the dates and drivers that DA says I should have installed, next to what’s actually installed for all of these items:
|Other Devices Entries from DriverAgent on Win8.1 i7-3770K PC|
|Item name/info||Recommended version||Recommended date||Actual version||Actual date|
|ASMedia XHCI Controller||220.127.116.11||11/08/2012||18.104.22.168||08/16/2013|
|Intel C200 USB EHC 1C26||22.214.171.1241||12/21/2010||126.96.36.1996||07/31/2013|
|Intel C200 USB EHC 1C2D||188.8.131.521||12/21/2010||184.108.40.2066||07/31/2013|
|Intel SATA AHCI Controller||220.127.116.111||09/20/2010||18.104.22.1680||09/20/2013|
|Nvidia GeForce GTX 560 Ti||22.214.171.12423||09/12/2013||126.96.36.19982||11/11/2013|
Now the way I understand it, you only need to replace a driver if the one found on your system is older or has a lower version number than the one in the update database. Occasionally, DA gets things wrong and either recommends a driver that causes problems once installed (rare), or a driver for which the automated installer won’t work on the target machine (more common). This is the first time I’ve seen so much stuff show up under the Unknown Device yellow question mark, for which the scanner apparently recognizes most, if not all, of the salient device details (including all of the stuff that I care about). It also doesn’t make sense that DA is tagging these items because none of them is older or lower in version number than the recommended alternative. Bizarre!
But at least the system is running well, and behaving itself nicely. I’m still in the process of reinstalling all my favored apps and tools, but have hit no serious snags so far into the process. As and when I do, I’ll report further on what I learn. Happy Thanksgiving to one and all, too!
[Note: WOW! Talk about a quick fix
I sent a copy of this blog post to Eric Pellerin at DriverAgent right after lunch today, and asked him to share my observations with his engineering folks. About one hour later I got a phone call to say that the problem was known and relates to a change between previous versions of Windows up to Windows 8, and 8.1. That change saw two registry entries per device in earlier versions: a descriptive ID field, plus a GUID to uniquely identify the device in encoded format. In Windows 8.1, the descriptive ID field is no more, and only the GUID is used. The DA software needs to find both entries on the reporting machine, or be able to find them in its own database, so as to avoid the “unknown device” reporting with a yellow question mark. And now I know that this didn’t happen for those particular devices.
But it wasn’t for a lack of effort or a failure of preparation. To get ready for Windows 8.1, the DA team made sure to add all of the descriptive field data they could muster for possible devices, but in the words of engineer Kevin (no last name given nor requested) “we missed a few.” He went on to explain that, in particular, display devices, disk controllers, and USB 3.0 drivers, were prone to lack the DA-supplied descriptive ID data for Windows 8.1 lookups. Because of my input, they were able to identify and fix those offending entries. And the last time I ran the driver scan, all of those Unknown Device items were gone. Check this out! Now THAT’s what I call customer service…
Hey presto! All fixed, and I’m impressed.
One week ago, I posted a blog here entitled “Windows 8.1: More Than an Update, More than an SP.” The point I was trying to make therein was that upgrading to Windows 8.1 involves some interesting and unexpected changes, especially where device drivers are concerned (many of which get replaced as a consequence of the upgrade, sometimes even involving over-writing newer already-installed drivers with older ones, sometimes involving driver replacement when 8.1-specific items are known to the Windows 8.1 installer). This post provoked an interesting comment from user “Branestawm” (Richard) who warned against upgrading to 8.1 on a Lenovo laptop:
My advice would be not to update to 8.1 if you have a Lenovo laptop. Their website lists a large number of incompatible models. I have an Ideapad U330 Touch (which is supposed to be OK) and have just reinstalled 8 after my problems.Many people share this problem, as can be seen on the Lenovo forum:http://forums.lenovo.com/t5/IdeaPad-Y-U-V-Z-and-P-series/Windows-8-1-on-Ideapad-U330-sleep-problems-etc/m-p/1313499/highlight/false#M105920Other models have similar tales of woe. Lenovo support say that they are working on the problems, but I can’t understand why they were not sorted out before launch.DON’T UPGRADE YOUR LENOVO!Richard
Yes, that’s right: I was able to update ALL drivers for the T520 to most current status for 8 and 8.1!
Interestingly, DriverAgent showed 4 drivers as behind the curve on Windows 7 SP1 before I started the adventure, and that represented the best I was able to do in terms of getting those drivers completely up-to-date. Yet after each upgrade (first to 8, then to 8.1) I started out with only two drivers behind the times on either of those releases. In other words, my driver status right after the upgrade was already better for either of the two Windows 8 versions I worked through than it had been for Windows 7 to begin with. That was a real surprise, and differs dramatically from my experiences on other systems from Dell (an XPS12 convertible notebook and my son’s XPS2710 touchscreen All-in-One) and on home-built systems, both of which include Asus motherboards (a P6X68D-E on one, and a P8Z68-V on the other), and an Acer 5552 notebook with an AMD dual-core CPU.
As always, the devil is in the details. I don’t think it’s necessary to warn any and all Lenovo notebook owners off of the Windows 8.1 upgrade process completely, but that doesn’t mean every upgrade will go as smoothly as mine just did, either. YMMV, indeed.
I’ve blogged many times here about the excellent Secunia Personal Software Inspector (PSI) tool, which checks all the installed programs on a PC and compares them to its database of current (and fully patched, as in the case of the Windows OS itself) software programs and systems. Recent PSI versions have, however, been subject to a variety of “issues” with Windows 8 and 8.1, especially on PCs running Internet Explorer version 11, which primarily manifest in one of two forms:
1. The software scan hangs prior to completion, and never appears to complete
2. As a Windows (8.1) system freezes, a message that reads “Stop running this script” appears on-screen.
In another recent (11/22/2013) InfoWorld article (“Secunia fixes PSI…“), Woody Leonhard explains that the easiest fix for these problems was to roll back from the most current version (188.8.131.5213) to its predecessor, 184.108.40.20611. With the release of a new version (220.127.116.1115) all of these problems have apparently been solved.
When I went looking to figure out which versions of PSI I had installed on my various notebook, tablet, and desktop PCs, I quickly learned two interesting things. First, there’s no easy way to get version information about your PSI install unless you run a scan, and then check the details on the listing for PSI inside of the “Show Programs” view from PSI itself. If you find the program icon, right-click it, and select “Show details” you’ll see something like this:
Interestingly, the easiest way to get information about which version of PSI you have installed is from examining details about the program compiled in a PSI scan.
Second, it’s clear from looking at my various PCs with version 3 of PSI installed that PSI doesn’t update itself, either. I found versions ranging back to 18.104.22.168xxx, depending on how long ago I had installed the program on the particular machine I was checking. I also learned that if you download and reinstall a newer version, PSI will automatically uninstall the older one before installing the newer, and migrate scan results, settings, and other data into the new version more or less seamlessly.
The bottom line here is that Windows 8 and 8.1 users with Internet Explorer 11 installed (voluntary on 8, automatic on 8.1) should immediately download the latest PSI version and install it on their PCs.
The Enhanced Mitigation Experience Toolkit (EMET) is a collection of Microsoft security tools and software designed to protect Windows users from zero-day exploits. I first blogged about it in September, 2012, and its general content and coverage remains current even today. A recent update to this toolkit (dated November 12) is now available, and even though Windows 8.1 doesn’t appear on the list the Windows versions it supports, it works fine on the half-dozen or so test and production systems upon which I’ve now deployed it.
Not only does EMET 4.1 work with Windows 8.1, it also offers some nice updates and improvements to the previous version (I was still running version 3.0 until I found this).
EMET 4.1 is smart enough to recognize when it gets installed on a PC running an earlier version, and to remove the older version of the program before installing itself. Those already familiar with earlier versions will notice some interesting changes as they explore the new GUI interface for the 4.1 version. There’s also a helpful 42-page User Guide that comes bundled with the application. Security aficionados will find the explanations of the program’s various mitigation techniques (Section 1.2), application mitigations, and its built-in protection profiles particularly interesting. There’s also a section on deployment that aims primarily at System Center that will speak to anyone who’s using some form of centralized management to push the latest EMET version out to a user base.
One word of warning, straight from the User Guide: “As of EMET 4.1, we no longer support EMET 1.x or EMET 2.x. We will continue to support EMET 3.0 until June 2014, 12 months after EMET 4.0 release.” Also, there’s a 5.0 version planned for November, 2014, twelve months after 4.1′s release.