Though there were a few rarified hiccups in last month’s batch of patches from Microsoft, most users are good to go to install them.<\/b>
\nSome people can\u2019t wait for a new version of Windows 10. They sign up for insider editions and eagerly watch for the next release. I\u2019m exactly the opposite of that. The major update that I warned about last month was KB4535680, which was offered up to Windows Server 2012 x64-bit; Windows Server 2012 R2 x64-bit; Windows 8.1 x64-bit; Windows Server 2016 x64-bit; Windows Server 2019 x64-bit; Windows 10, version 1607 x64-bit; Windows 10; version 1803 x64-bit; Windows 10, version 1809 x64-bit; and Windows 10, version 1909 x64-bit systems. Specifically, for server admins that control patching on a HyperV server, I recommend you temporarily shut down the virtual machines hosted on that server before installing this update \u2014 or skip this one completely. Even if you are not a server administrator, you might see some issues with this update. In some cases, it may not be offered because it\u2019s being blocked by your original equipment manufacturer. In those cases, the OEM firm likely detected that your machine does not have the proper BIOS or firmware needed to support this Secure Boot update, and thus worked with Microsoft to defer it. In some instances, it was offered to systems that don\u2019t support secure boot, as Gunther Born noted on his blog. In that case, I recommend skipping this update. On other Windows 8.1 systems, the update failed to install repeatedly, with an error message pointing to issues with the OEM partition. In an answers forum posting, several users indicated that they couldn\u2019t install the update. If you are in the same boat on the older platform like Windows 8.1, I would strongly suggest using this Windows update technique to hide the update. Some patchers were prompted for a Bitlocker recovery key \u2014 even though they didn\u2019t remember enabling Bitlocker on their computer. In that case, they may find that the system automatically saved the Bitlocker key under their Microsoft account. If it\u2019s not there, there\u2019s no easy way to recover a system and they face a rebuild. While these issues are not widespread, the risk of an attack on home users is low enough that I\u2019m OK recommending you hide this update on older platforms. On Windows 10, the only way to hide it is with third-party tools or by using the Microsoft driver-hiding tool such as wushowhide. This is one reason I always recommend you have a backup before installing updates. Not only does it protect you from ransomware, it ensures that you can recover from any issue. In cases where I installed the January updates on hardware running Windows 10 20H2 and 2004, I found that several computers needed a second reboot to show the update was properly installed. So don\u2019t worry if your systems need a second reboot. If you\u2019ve already installed KB4535680, you don\u2019t need to uninstall it; no side effects have shown up once the patch is installed. Recently, an NTFS data corruption bug has been in the headlines. Microsoft plans to fix the bug, which makes Windows think it needs to fix drive corruption when you inadvertently click on a triggering file. Independent researchers have come up with a tool to protect systems from this bug. As noted on the site attackerkb.com, \u201cThe disk is not actually corrupted. If you try to access files on the disk, you can still interact with them and do things normally without any issues. Windows just somehow thinks that the disk is corrupted, even though it isn\u2019t.\u201d I recommend you take no action for now or use the workaround tool. I haven\u2019t seen the NTFS bug attack used in the wild; it\u2019s safer to just be aware of the situation. (As a general rule, be careful when you click, download, or open attachments. Only open things you expect or can be sure aren\u2019t malicious.) One patch we haven\u2019t seen, and apparently won\u2019t see for a few weeks, is the one that removes Flash from systems. That update won\u2019t be mandatory until later this year. In the meantime, if you want to remove Flash, you can manually download KB4577586 from the Microsoft catalog site and install it. I have a how-to video that you can view on Youtube. (Adobe did start blocking Flash content from running in Flash Player on Jan.12.) Often, silent patches have the most impact on Windows. Microsoft\u2019s Edge and Google\u2019s Chrome browsers recently received updates that enable checking your saved passwords to make sure they aren\u2019t weak or have been included in password breaches. That said, I don\u2019t recommend saving passwords in your browser at all; instead, I recommend using a third-party password manager tool to save and track your long and strong passphrases. Remember to always add two-factor authentication whenever you can. Reminder: we are counting down the support window for Windows 10 1909. Windows 10 Home and Pro leave support on May 11. Included in the preview update for 1909 and in next month\u2019s update will be a notification that tells you when your device is close to this date. After May 11, your device will stop receiving important quality and security updates. (Windows 10 Enterprise and Education editions have an extra year before 1909 drops out of support.) If you are still running Windows 10 Pro version 1909, it\u2019s time to start planning to move to 2004 or 20H2. Need help updating or getting to 2004 or 20H2? We have you covered at askwoody.com.<\/p>\n