Third Tuesday of the month and it’s time for bug fixes and Monthly Rollup Previews, right?Well, no. May’s Third Tuesday brought a big bag of .Net Fram
Third Tuesday of the month and it’s time for bug fixes and Monthly Rollup Previews, right?
Well, no. May’s Third Tuesday brought a big bag of .Net Framework Previews, microcode patches for Win10 1803 and Server 2016, and a Win10 1803 upgrade nag, but no respite at all for the major problems introduced by this month’s earlier patches.
The .Net Framework Previews
Unless you’re testing your own .Net-based software to make sure it won’t explode next month, you don’t need to think about these. There’s the usual assortment of Previews for .Net Framework 2.0, 3.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 and 4.7.1 for all the usual versions of Windows and Server.
The Win10 1803 upgrade privacy warnings
This Windows update provides a notification of an improved privacy experience on upgrade to the Windows 10 April 2018 release
This update will be downloaded and installed automatically.
Microsoft’s description is vague and it is not clear right now what these updates do when they are installed. The most likely explanation is that they inform users about the improved privacy options during setup which Microsoft added to Windows 10 version 1803. Microsoft added two new switches to the privacy options during Windows 10 Setup: Find my device and improve inking & typing. Find my device uses the device’s location data to inform you where it is in case you misplaced it or in cases where it has been stolen. Improve inking & typing on the other hand defines whether inking and typing data is submitted to Microsoft. The description suggests that the update is not essential when it comes to the upgrade experience to Windows 10 version 1803 as it appears to add no fixes for existing issues.
Which leads me to believe that KB 4134660 and KB 4134661 are two more upgrade-begging patches that you neither need nor want. After the Get Windows 10 debacle, and the “oops” forced upgrades from 1703 to 1709, I want no part of it.
Spectre v2 microcode updates
As I noted on May 4, when Microsoft hurriedly released Win10 version 1803 at the end of last month, it forgot to include the Meltdown/Spectre fixes that are in Win10 1703 and 1709. With KB 4100347, it appears as if Microsoft has finally released the Spectre V2 microcode patches for Win10 1803 and Server 1803 — but only for Intel Kaby Lake, Coffee Lake, Broadwell, SkyLake, Haswell, Ivy Bridge and Sandy Bridge processors.
Of course, there are no known Spectre V2 attacks in the wild.
The strange Surface — HIDClass 4/26/2018 12:00:00 AM — 18.104.22.168 driver
I’ve seen reports from many people who say they’re getting this bizarre Surface driver update, even though they don’t run, or have, or even want a Surface. Günter Born has tracked it down on his Borncity blog:
Currently strange things are happening on Windows systems again. Windows Update suddenly offers users a ‘Surface – HIDClass 4/26/2018 12:00:00 AM – 22.214.171.124’ driver update. Surface device owners will accepting this update. But owners of normal Windows desktop devices are amazed at least, because what is this driver update for?
If you search the Internet for this device ID, you will find many websites that offer the driver for download. But that doesn’t get you anywhere. The best source is this GitHub address, which contains an extract from an .inf file.
; Driver for plug and play installations of USB Input Devices
; Copyright (c) Microsoft Corporation. All rights reserved.
Ends up that the “Surface — HIDClass” driver is for Microsoft USB keyboards. It has nothing to do with Surface.
Where are the Monthly Rollup Previews?
On the third Tuesday of the month, we’re traditionally treated to previews of the next month’s Win7 and 8.1 Monthly Rollups. Not so this month. Nobody seems to know why.
What about the big bugs introduced this month?
Redeeming social value: Microsoft now acknowledges the problems.
There’s no mention of the Win7/Server 2008R2 bug that clobbers network drivers. Worth noting: The 0patch organization has already released a fix for the VBScript 0day fixed in this month’s Win7 patch. You have to wonder why Microsoft hasn’t done something similar, if only as a stopgap.
The hunt for bugs — and solutions — continues on the AskWoody Lounge.