If you’re an Office 365 subscriber with a company email address enrolled, you owe it to yourself (and your company or organization) to give Microsoft Teams a try. It’s the new “teamwork hub” for the Office 365 environment. It’s likely to replace Skype for Business in the next year or two, too. To that, I say “Hooray!” because my experience in working with Microsoft Teams over the past couple of months has been entirely positive. So please, do try Microsoft Teams at your earliest convenience!
There are so many reasons why MS Teams beats Skype for Office, I’m having trouble remembering them all!
[Click image for full-sized view]
Why I Say: Do Try Microsoft Teams
The short and sweet of it is that MS Teams beats Skype for Business three ways from Sunday. Here is what Kari (my Win10.guru partner) and I agree are its most beneficial and superior attributes:
- Easier to collaborate with others online, especially for sharing documents and working on them simultaneously, in parallel.
- No issues (none!) with transferring files or posting screenshots/image in the chat window.
- More intuitive UI that is easier to learn, understand, and use.
- Starts — and runs — much faster, and is more reliable in every way. Even running over a VPN from Germany to Texas, works quickly and well.
- Terrific integration with the rest of Office, especially Outlook. Automatically logs, then emails chat sessions to Outlook via “regular mail.” No need to dig into Conversation History in Outlook to see old chats.
- Excellent screen sharing, with the ability to jump around various session members’ screens. Also easy to grant, take, and surrender control of screens for remote access. Personally, I like it better than RDP/Remote Desktop Connection.
- Outstanding meeting capabilities, with full Outlook calendar, invite and management capabilities. Also supports HD video, VoIP call-in/out, and a variety of audio conferencing options (including dial-in or computer headset-based sound).
And we haven’t even explored the advanced VoIP/phone management capabilities it delivers quite yet. If you like (or regularly use) Skype for Business, you’ll LOVE Microsoft Teams. If you don’t like (or use) Skype for Business, you’ll probably still like Microsoft Teams anyway. Give it a try! Learn more at the Microsoft Teams home page.
You might not think that a compression tool like 7-Zip could pose security problems for Windows. If so, you’d be wrong. I just learned — courtesy of a January 31 post from Woody Leonhard — that older versions of the program are vulnerable. Vulnerable as in having been issued CVE-2017-17969 for buffer overflow attack potential. This leaves PCs open to denial of service attacks (not so good) or the ability to “potentially execute arbitrary code via a crafted ZIP archive” (BAD). That’s why you want to jump up to Igor Pavlov’s 7-Zip page, grab a new copy, and install it right away. As the blog post title proclaims, you should “Update 7-zip to 18.01 NOW!!”
You want to get to version 18.01 (released Jan 18, 2018) or higher, ASAP!!
More About Update 7-ZIP to 18.01 NOW
This comes with one gotcha. Courtesy of its tight integration with File Explorer (7-Zip installs multiple shell extensions by default) you’ll have to reboot PCs once the update has been applied. OTOH, because there still aren’t any known exploits (none that I can find, anyway), you could wait until your next code refresh if you wanted to take a chance. I’m not sure that’s a good idea, though: I just upgraded all my copies of 7-Zip. Woody seems plenty insistent that you wanted to do this on January 30, when he issued his warning. It sure hasn’t gotten any safer in the meantime, either.
I feel strongly enough about this, in fact, that I just opened Secunia PSI to check 7-zip status therein. Sure enough, it shows the older 16.0 version of 7-Zip as “Up-to-date.” By extension that means they think it’s still safe. I’m writing them an e-mail now to inform them otherwise. I’ll also be observing that I kind of expect to hear about this kind of stuff from them via their software, rather than the other way ’round. Wonder if that’ll spur a reaction. If it doesn’t I’m going to have to find a replacement for Secunia PSI. Sigh.
I thought the whole reason I use Secunia PSI is to have it warn me about stuff like this?
There’s an interesting development on the Windows landscape. It’s also perhaps a “killer reason” for Win10 upgrades. Here ’tis: MS has confirmed that Office 2019 will only be available on devices running Windows 10. Ouch! Those using older Windows versions can’t upgrade. This info appears in a blog post innocuously entitled “Changes to Office and Windows servicing and support.”
Now here’s a blog post that punches way beyond its title’s apparent significance.
Here’s how MS dropped this bomb , and delivered its “No Win10 means no Office 2019” message:
Effective January 14, 2020, [Office 365] ProPlus will no longer be supported on the following versions of Windows. This will ensure that both Office and Windows receive regular, coordinated updates to provide the most secure environment with the latest capabilities.
- Any Windows 10 LTSC release
- Windows Server 2016 and older
- Windows 8.1 and older
That leaves only Windows 10 standing. Not even the oldest versions, witnessed by exclusion of the LTSB, now known as the Long Term Servicing Channel (LTSC) is included. All I can say in response is “Wow!”
If No Win10 Means No Office 2019, Then What?
Obviously, this means that companies that want to stick with Office 365 or standalone installs are going to have to upgrade their PCs to Windows 10. According to the afore-linked blog post, the next Office release will ship in H2 2019, with previews of the new apps and servers (which include Exchange, SharePoint and Skype for Business) appearing sometime in Q2 2018. Furthermore, here’s the second salvo in MS’s bombing run (emphasis mine):
The Office 2019 client apps will be released with Click-to-Run installation technology only. We will not provide MSI as a deployment methodology for Office 2019 clients. We will continue to provide MSI for Office Server products.
Again: “Wow!” Things are changing big-time in the world of MS software and subscriptions. Methinks the vision of “Windows/Apps as a service” takes another giant leap forward, too. My Win10.guru partner, Kari the Finn, insists that MS will steer its customers of all scales and sizes to Azure AD as well. That makes for a Windows/Office/Azure AD trifecta which, coupled with AutoPilot and InTune, recasts the MS landscapre entirely. I agree. All this stuff lines up far too nicely to be a simple coincidence.
Life in the MS world has just gotten a lot more interesting. Just how interesting remains to be seen. Stay tuned!
PS: Make of this recent MS announcement naming former MS public face of “Windows as a Service” Michael Niehaus to principal program manager on the “modern deployment team” what you like. Notice his emphasis on InTune and AutoPilot in the article. I think it simply proves my point, don’t you?
Lots of Win10 users are reporting issues when trying to install the Spectre follow-up Windows Update item, KB4058258. Many of those who’ve installed KB4056892 have reported issues when trying to add its replacement, KB4058258. A kind of “recipe” has emerged, for those who want to apply this KB4058258 install fail fix. I’ll recite same in the next section of this blog post, and continue with some explanation and analysis.
How to Apply KB4058258 Install Fail Fix
This is a three step process that requires uninstalling the original update, cleaning up Windows using DISM, then manually installing the follow-up item, KB4058258. Here’s how:
- Open Control Panel, select Programs and Features, click View installed updates. Right-click on the entry for KB4056892, then select “Uninstall” from the resulting pop-up menu. When the uninstall process is complete, reboot your PC. Some users report seeing two different KB4056892 entries in this list. If you do too, you must uninstall both of them (and can wait to reboot until the second uninstall is finished).
- Open an administrative Command prompt or PowerShell session, and enter this specific deployment image servicing and management (DISM) command:
DISM /online /cleanup-image /startcomponentcleanup
- Grab the KB4056892 download for your Win10 version from the Microsoft Catalog, and install it manually. Reboot one more time.
When all these gyrations are complete, the Win10 version should be current (as I write this post, that’s 16299.214) as shown here:
Many users with this issue report getting stuck at lower build numbers
(e.g. 16299.15, 16299.125, or 16299.192).
How the Fix Works
It seems that some of the changes that KB4056892 makes prevent the follow-up item, KB4058258, from installing. By manually uninstalling the initial item (KB4056892), we undo those changes to make way for the next item to install unimpeded. Running the DISM command sweeps away all traces of that earlier update (or updates plural, for those who find two KB4056892 items in their update histories) from the WinSxS binary store. Then, manually installing the follow up item KB4056892 makes sure that Windows 10 gets caught up to the proper cumulative build index, without having to wait for WU to deliver and install it for you. Voila! Done!
[Note: thanks to those intrepid Windows investigators and troubleshooters at TenForums. I learned about this fix from the thread entitled “Error 0x80073715 in KB4058258.” Special kudos to members Ben Hastings and winactive in getting this nailed down.]
When Microsoft Announced Windows 10 S last year, the general response was a resounding “Huh?” Windows 10 S restricts users to apps from the Microsoft Store. In fact, that’s what the “S” in Windows 10 S stands for. The idea is a more secure and streamlined Windows 10 experience. Thus, Windows 10 S gives companies (or service organizations) tighter limits on and controls over Windows desktops. Windows 10 S was an OEM product only, available only on computers with that OS pre-installed. Yesterday, Paul Thurrott posted a pair of articles that explained upcoming changes to Windows 10 S. Simply put, these stories reveal that Windows 10 S is going away as a standalone product, as Windows 10 gets S modes for a variety of products instead.
What Windows 10 Gets S Modes Really Means…
In one of the stories, Thurrott talks about a “New Windows 10 Consumer SKU Roadmap…” Users can upgrade for free from Windows 10 S to a full-blown version now. Not any more, moving forward. MS envisions 5 “Consumer SKUs” for Windows 10 S. (Enterprise does not appear, but may get S modes of its own anyway. The following list and pricing info comes verbatim from Thurrott’s article):
- Entry: Intel Atom/Celeron/Pentium ≤ 4GB RAM & ≤ 32GB SSD AND ≤ 14.1” screen size (NB), ≤ 11.6” (2in1, Tablet), ≥ 17” AiO
- Value: Intel Atom/Celeron/Pentium ≤ 4GB RAM & ≤64GB SSD & ≤ 14.1” screen size (EM ≤ 4GB RAM & ≤64GB SSD or ≤ 500GB HDD)
- Core: Cannot be used on devices that meet the Core+ and Advanced SKU Hardware Specifications
- Core +: High end CPU and >4 GB RAM (All Form Factors) ≥8 GB RAM & ≥1080p screen resolution (NB, 2in1, AiO) >8 GB RAM & ≥2TB HDD or SSD storage (Desktop)
- Advanced: Intel Core i9 (any configuration) OR Core i7 ≥ 6 Cores (any RAM) OR AMD Threadripper(any configuration) OR Intel Core i7 >16GB (any Cores) or AMD FX/ Ryzen7 >16GB (any Cores) OR ≥ 4K screen resolution (any processor, includes 4K UHD-3840 resolution
Pricing for the SKUs is as follows: Advanced ($101), Core + ($86.66), Core ($65.45), Value ($45), and Entry ($25). Also, Windows 10 S is dead, it’s now Windows 10 S mode and the baseline SKU will be going away but each version will have an S mode.
Furthermore, Thurrott reports this new regime will kick in on April 2nd. New pricing for Home advanced takes effect on May 1st. Finally, he indicates that MS will charge users $49 to upgrade from Pro S to the corresponding full version of Windows 10. (This ends the free upgrade for Windows 10 S so far.)
How Has Windows 10 S Fared So Far?
In his other story, “Windows 10 S is Dead, Long Live S Mode” Thurrot provides info about 10 S upgrades. He shares MS’s stats on how many users stick with this OS version, how many upgrade, and how quickly. Apparently, 60% of buyers stick with 10 S. Of the 40% who upgrade to Windows 10 Pro, 60% make the switch within 24 hours of purchase. Of those who don’t switch in the first week, 83% stick with the stripped-down OS.
Education and Home users will be able to upgrade to Home for free. Pro users must pay the aforementioned $49 to switch. Surprisingly MS indicates that AV/Security apps will be present in S mode. It’s still not clear if this means Defender only, or if third-parties will be allowed to ply their wares in UWP form. Lots of hoopla has already emerged about this possibility because of Microsoft’s prior position that such software isn’t needed on the carefully crafted, tightly controlled S version for Windows 10. We’ll see: this could get interesting!
I’m still of the opinion that Windows 10 S mode is Microsoft’s strategy for fully commoditizing Windows. The stripped down version seriously supports automated image construction, deployment, maintenance, and management. Look for it to descend from the cloud onto (many, but not all) desktops everywhere. Or maybe not. We’ll have to see about that, too.
[Shout-out to fellow Windows Insider MVP and TenForums.com Administrator Shawn Brink, whose news post ‘Windows 10 S’ is now ‘Windows 10 Now with S Mode’ brought this story to my attention. Thanks!]
I usually post my blogs on Mon-Wed-Fri. This week is a little different. Instead of blogging, writing and working as usual, I’ve been trying to get my Surface Pro 3 up and running. It seems it was belatedly bit by the firmware update for Spectre that MS released on January 5. Starting over the weekend, my machine got into a crash-loop with error code system_service_exception. Subsequent inspection using Nir Sofer’s BlueScreenView informed me that the faulting module was ntoskrnl.exe. Further online research pointed directly at the now-rebuffed firmware update issued in the wake of the Spectre and Meltdown disclosures that kicked off the New Year. Fortunately for me, a timely firmware update rescues Surface Pro 3 rescues my machine, too.
The Surface Pro 3 has its quirks, but it’s been a good hybrid tablet, all in all.
[Click image to see full-sized view. Source: Microsoft.]
How a Timely Firmware Update Rescues Surface Pro 3
I found myself in a sticky situation. Because the machine kept crashing so constantly, I could neither perform a repair nor a clean install of the affected OS. I was seriously contemplating a trip to the Microsoft Store and a possible repair charge. Then I decided to try the Windows Update MiniTool (WUMT). It’s faster than WU, and can often grab and handle updates when Windows Update itself cannot. Sure enough, it found a new firmware update (dated 1/24, also listed in this Micrososft SP3 download link).
Intel changed its mind about the firmware installs for Spectre and started advising IT pros and end users to avoid them about 10 days ago. Because I’d already updated the SP3, I’d wondered at the time if this might not turn around to bite me. For a while there, I thought I’d gotten away clean. But then, this weekend my party got crashed repeatedly as the SP3 started cratering every 10 to 15 minutes. When I finally saw the firmware update notification this afternoon, I finally saw a ray of sunshine and some promise of relief.
I’ve now gotten the firmware update installed, and am working on updating the OS to Build 17083. I’ll keep at it until I get it working once again. If I hit any other bumps in the road, I’ll update this post with further details. For once, I’m really glad I didn’t have to learn how to roll back the firmware update mistakenly applied to my Surface Pro 3. Who knew that such an update could ride to my rescue?
[Note added 7:07 PM] Turns out I had to perform a clean install of Build 17083 to get the Surface working properly again. The upgrade kept crashing, too. But after a disk wipe and a clean reinstall, I’m back in business. Now, I’m putting the tools and apps in place to make the machine completely mine again. And so it goes, here in WindowsLand…
How about that? According to Statcounter, the global population of Internet users now supports more Window 10 than 7 users. This is a major inflection point in the curve of adoption and use of Windows versions. It also represents a changing of the guard. Now, the prior reigning Windows 7 version is giving way to a new king, Windows 10. According to this source, the cutover actually occurred in early December. The graph lines for the two OSes overlap or nearly coincide for much of December. Right now, though, it’s clear which way things are going. Here’s what the graph looks like, as we see that indeed the Windows 10 count finally exceeds Windows 7
Looks like the lines crossed at the outset of December, but they’re diverging slowly for now.
[Click image for full-sized view. Source: Statcounter]
So Windows 10 Count Finally Exceeds Windows 7, Now What?
Windows 10 released on July 29, 2015, though I started using it in October 2014 when the first Technical Preview came out. That means it’s been around for 30-39 months, depending on how you want to measure things. With the user bases for both Windows 7 and 10 at around 600M each, that puts annual growth rates for Windows 10 in a range of 15.4 to 20M per month since those possible start dates. At that rate of growth, assuming that what 10 gains 7 loses, it would take another 2.5 years for Win7 to “go away” completely.
Of course, the same graph tells us that old OSes don’t really ever die. They just wither away, but not completely. And in fact, XP still trumps Win8 and Vista so it’s equally obvious that popularity and perceived usability matter more than age to users. What will be interesting is to watch the slope of the decline for Windows 7 and the growth of Windows 10. I can easily image that both will steepen, but only time will tell.
FWIW, analytics.usa.gov has shown Win10 ahead of Win7 for some time now (at least since early 2017). But that’s a primarily US-oriented site, with nearly 90% of all users originating from within the country. The Statcounter numbers are global, and reflect the Internet writ large. NetMarketShare still shows Windows 10 lagging around 16% apart from one another, with 7 at 44.81% and 10 at 28.19%. The actual gap is 16.62%, which translates into a ratio of around 1.6 7 users for every single 10 user. I’ve long been skeptical about NMS numbers, and this disparity does nothing to reverse that feeling.
There’s a New Desktop Boss
It is pretty clear that Windows 10 is taking over. I expect that means we’ll see business adoptions accelerate going forward, with Windows 7 end of life (end of extended) support set at January 14, 2020.
This special issue of Access highlights end-user computing projects that took unique approaches to tackling challenges around desktop and application delivery. We recognize two organizations for their innovative initiatives that improved productivity for end users and simplified administration for IT teams.
Please join me in congratulating the winners of the Access Innovation Awards:
The University of Arkansas‘ use of Dell EMC‘s infrastructure hardware and software services, as well as thin clients and VMware’s VDI software, which allowed the school to reduce IT’s management workload. End users saw benefits of greater flexibility regarding access to their applications and better support for graphics-intensive apps and processing on Windows 10 machines.
Informa‘s deployment of Liquidware monitoring software, which made possible the company’s migration from physical and virtual desktops to cloud-hosted desktops from Amazon WorkSpaces. The project challenged the common notion that desktop as a service is only for desktop deployments done from scratch.
These award-winning projects demonstrate how organizations that embrace endpoint diversity, cloud computing and user experience-focused strategies can transform existing end-user processes. By taking advantage of cutting-edge technologies and finessing different products to work well together, they’ve shown their innovation. All organizations can take a page out of these companies’ books to get ahead in the age of digital transformation.
This post originally appeared in the January 2018 issue of the Access e-zine.
In an ongoing saga of reboot and instability issues, MS jumps into Spectre updates with a new patch, KB4078130. It’s available only from the Microsoft Update Catalog. Download and apply it only on systems that have gone wonky since the patching started at or around January 3. (KB4056892 applies to my production desktop, but KB numbers vary by CPU type and x86/x64 OS variants.) Speculation is rife that MS issues Spectre reversal update seeks to mitigate Intel’s still-missing second round of microcode fixes.
CYA Explains Why MS Issues Spectre Reversal Update
Windows Support unleashed a new web page on Friday, January 26 to explain its actions. It’s entitled “Update to Disable Mitigation against Spectre, Variant 2.” The specific vulnerability involved is CVE 2017-5715 (requires microcode update for full enablement). However, this Support Note states:
As of January 25, there are no known reports to indicate that this Spectre variant 2 (CVE 2017-5715 ) has been used to attack customers. We recommend Windows customers, when appropriate, reenable the mitigation against CVE-2017-5715 when Intel reports that this unpredictable system behavior has been resolved for your device.
What This Means For Security Maintenance
Yes, the vulnerability is best if not patched — at least, on PCs where it causes problems. For example, I have microcode fixes already installed on two systems right now. On one — a Dell Venue Pro 11 7130 (Haswell i5-4210Y CPU) — I yank the battery to reboot properly. On the other — the Surface Pro 3 (Haswell i7-4650U CPU) — I’ve experienced no issues whatsoever.
Neither system shows stablility issues, or serious reboot problems. Thus, those microcode fixes (and the related MS update KB4056892) can stay. But for those PCs adversely affected, admins might want to go ahead and apply KB4078130. Or, they might want to exercise an available registry option instead…
Exercising the Registry Option
As it happens, there’s another MS support note available to guide IT pros seeking for protection against so-called “speculative execution side-channel vulneratibilities.” (That’s the type of vulnerability that applies to Spectre and Meltdown.) That’s KB4073119, and it outlines PowerShell scripts to check vulnerability protections, and registry tweaks to enable or disable them. Or, you can download and use the afore-linked Catalog update instead, which MS claims will restore affected systems to stable operation. Your call.
When creating a generic image for Windows deployment, it may be desirable to skip over the product key when preparing that image. This is usually handled through the agency of an unattend.xml file. This happens during the Specialize pass for Windows setup configuration, according to the Microsoft docs. And, as it turns out, one can’t actually skip product key when sysprepping Win10. Instead, one can supply a generic product key for the version of Win10 installed. The following table includes generic RTM keys for all major versions of Windows 10 except for Education. (There’s also a list of generic KMS [key management service] keys that does include education available online.)
When it comes to checking Win10 keys, ShowKeyPlus is a great tool to use.
Generic Keys Allow Skip Product Key When Sysprepping Win10
|Generic Win10 RTM Keys|
|Windows 10 Home||TX9XD-98N7V-6WMQ6-BX7FG-H8Q99|
|Windows 10 Home (Single Language)||7HNRX-D7KGG-3K4RQ-4WPJ4-YTDFH|
|Windows 10 Pro||VK7JG-NPHTM-C97JM-9MPGT-3V66T|
|Windows 10 Enterprise||NPPR9-FWDCX-D2C8J-H872K-2YT43|
Feel free to use these keys, but understand they are good for one thing, and one thing only. They will get a Windows 10 installation through to completion. But the install won’t activate until a valid key is provided to replace a generic one. This is purely a “trick” to help IT pros and power users create customized Windows 10 images for deployment, so they can then either supply a valid key or use an existing digital entitlement on their target machine(s) to create a valid, licensed OS installation after the fact.
What About the KMS Keys?
Indeed, as I pointed out in the first paragraph of this post, one can find a larger set of generic KMS keys for Windows 10. These include entries for Windows N (no Internet Explorer, nor other add-ins users can opt out of in the EU and elsewhere) as well as Education. I haven’t tried them out myself, though, so I don’t know if they’ll work in environments where a KMS server is absent. You can find that full list at mmo-champion.com in the thread entitled “Windows 10 Generic Product Keys,” if you’d like to give them a try. If you do try them out, please post a comment here to let me (and others) know how it turned out.