Formerly a Windows 10 exclusive, Microsoft today announced that Windows Defender Advanced Threat Protection (ATP) is coming to Windows 7 and Windows 8.1.

That was not to say that a older computer operating systems are set to gain total benefit of ATP, however. Microsoft says that it is the Endpoint Detection & Response (EDR) functionality which makes its method Windows 7 and 8.1 once this summer. This cloud-driven feature can be made available as a general preview in the year.

Microsoft notes that while one of the main reasons cited for upgrading to Windows 10 will probably be the improved security, discover that plenty of organizations that is still running slightly older os's. The company says the backporting of Windows Defender ATP to Windows 7 and 8.1 is known as a way to "help our customers get the best security possible en route to Windows 10 prior to a end of support for Windows 7 in January 2020."

Writing with the Windows blog, Microsoft says:

For Windows 7 and Windows 8.1, we have become building a behavioral based EDR means to fix give security teams rich insights into threats for their endpoints. All detections and events are surfaced in Windows Defender Security Center, the cloud-based console for Windows Defender ATP. Security teams really benefit correlated alerts for known and unknown adversaries, additional threat intelligence, and also a detailed machine timeline for added investigations and manual response options.

Although this solution can run side-by-side with third-party antivirus solutions, advertising and marketing together with Windows Defender Antivirus (sometimes known as System Center Endpoint Protection (SCEP) for down-level). With Windows Defender Antivirus, security teams am able to see all malware detections and trigger response actions avoiding the spread of malware, inside same console.

The firm also states that it has been hiring its partners that may help Windows Defender ATP better detect threat not just to Windows, but you will also macOS, Linux, iOS, and Android devices.

Yahoo is making it a little easier for Google Drive users to collaborate in concert. According to a process of research from The Verge, Bing is tweaking the manner users can comment within Google's G Suite productivity tools.

To begin with, users are capable of comment on a specific Microsoft Office document or spreadsheet directly within a Google Drive file preview, wish it's been uploaded about the platform. It's no longer be recommended to even own Microsoft's productivity suite to carry such out. Furthermore, you cannot help but now be able reply with the comments at the same file preview once you get your "Reply" button, including quick corrections, notes or responses to collaborator comments.

This new a higher standard communication goes either way, meaning Microsoft Office users also won't need to open G Suite to check and response comments by collaborators working within Google's platform. Google says this emphasizes their deal with offering "interoperability between G Suite and Microsoft Office products."

This modification may seem small yet it could have a pretty significant impact on collaboration speed by simply removing two or three extra steps for the process.

These new collaboration-focused features will probably be rolling out today.

The hostile Get Windows 10 -- known as simply GWX -- push by Microsoft proved controversial world wide. Now the Finnish Consumer Authority has reached a blessing with the company that means the Windows-maker not force apps onto users.

The authority was unhappy with Microsoft besides for pushing the GWX app to computers without consent, particularly changing the style and design language employed in the UI. Inside the GWX app, clicking the X button didn't close the notification window as users might well have expected, but rather started fitting Windows 10.

The agreement within the Finnish Consumer Authority and Microsoft is a follower of an investigation straight into the GWX app which started funding 2016. The authority decided that Microsoft's actions contravened consumer protection laws in Finland. Furthermore, it determined of the fact that Get Windows 10 app could be direct advertising.

The authority was not only unhappy considering the fact that Microsoft changed the purpose of standard interface buttons from what users would expect, additionally it is that forced upgrades to Windows 10 were finished without notifying users. Microsoft argued that changing the Get Windows 10 app to somewhat of a "recommended update" had been communicated to users during a blog post, but lawyers of the authority said "a mention on a blog rrsn't sufficient."

Microsoft has agreed to no longer install apps on users' computers without their explicit consent, , too promising due to this cause change the function of buttons.

Inside the olden days, Microsoft's support plan for Windows and Office was simple. Each release had 6 years of mainstream support, that it received security updates, feature improvements, and stability fixes. That's followed by five more decades of extended support, when it received security updates only.

With Windows 10 and "Windows-as-a-service," that policy got all shaken up. Over the years of refining data, Microsoft settled on the on-going scheme. Mainstream Windows, Office, and Windows Server users tend to be the Semi-Annual Channel (SAC). They get two major servicing updates every 12 months, with each version named by using a two-digit year, two-digit month; today's version is 1709 so it was incorporated September 2017. Its successor might be built in March 2018, hence named 1803. Best man releases receives Eighteen months of security updates, as well as every Office SAC release is just supported on supported Windows SAC releases.

For organizations that can't or won't utilise the SAC, there is also a Long-Term Servicing Channel (LTSC). Windows, Office, and Windows Server LTSC releases are sold every a few years and acquire the traditional several years mainstream plus several extended support policy.

The Office LTSC and Windows Server LTSC releases are perpetually licensed. Windows 10 LTSC releases are exclusively for customers with volume licensing subscriptions. Office SAC and Windows Server SAC releases tend to be simply available to Office 365 and Software Assurance subscribers (respectively); Windows 10 SAC releases are for sale to both subscribers in addition to being perpetually licensed boxed products.

Microsoft is today announcing some modifications to this idea. The last three Windows SAC releases-versions 1709, 1703, and 1607-are receiving an extra a few of support. Microsoft says that, while the overall reception in the SAC policy is positive, companies are still having to work to ensure their internal systems and third-party dependencies are equipped to handle it. Giving these releases a handful of extra months of support, Microsoft assures us, will help to smooth that transition.

From January 14, 2020, Office ProPlus-the SAC type of Office that comes with most Office 365 subscriptions-will no longer be supported on any LTSC release of Windows 10, Windows Server 2016, or Windows 8.1 (or older; Windows 7 extended support leads to January 2020, so Office probably will not be supported on that operating system either). Have an effect on Windows Server 2016, in particular, will be significant for organizations that come with Office apps using Remote Desktop and VDI. Windows Server SAC may not offer the full desktop experience; that's accessible to LTSC releases. Microsoft promises new Remote Desktop and VDI capabilities for Windows 10 Enterprise and Windows Server that can help with this usage scenario.

The subsequent LTSC releases of Office and Windows 10 happen to be in the second a large part of this year, named Office 2019 and Windows 10 Enterprise LTSC 2018 respectively. Office 2019 will need Windows 10 SAC, Windows 10 LTSC 2018, or even next Windows Server LTSC release. They may be solely build up as a Click-to-Run installation package. The average MSI installer will not be offered.

Office 2019 won't, however, provde the usual five-plus-five support policy. Instead, its support lifecycle is tied to Office 2016; after 5yrs of mainstream support, it really is receive pair of years of extended support, with both Office 2016 and Office 2019 extended support ending on October 14, 2025. The corresponding server-side products including Exchange and SharePoint will be limited to five plus two support. Windows 10 Enterprise LTSC 2018 will keep the full five-plus-five policy.

Microsoft claims that this curtailed extended support will help migrating to Office 365 easier. Last year, the company said that-as of October 13, 2020-Office 365 services will only be supported on Office SAC or any type of Office LTSC that's still in mainstream support. That's in comparison to the situation presently, which is where Office 365 also supports versions of Office which are in extended support.

The company was canrrrt explain to us quite how shortening the extended support period might create migration to Office 365 easier, nor could it offer any particular rationale for tying the Office 2019 support period at the Office 2016 lifecycle; it's apparently just a coincidence the fact that two products lose support on the same day.

A more cynical reader might wonder if this signals the upcoming death for this LTSC releases entirely-though Microsoft insists to all of us that it does not have any plans to drop perpetual Office licenses-or in any case a move off the five-plus-five lifecycle. An organization that favors stability and perpetual licenses that deploys Windows 10 LTSC 2018 and Office 2019 will, in late 2025, be in the peculiar situation associated with desktop systems that remain supported for several more years, therefore no supported type of Office to actually carry them: Office 2019's support have expired, and Office 2022 normally takes the use of Windows 10 LTSC 2021. One wonders what these products are supposed to do for ones final a few years of their supported life.

Windows 10 was offered unengaged to all Windows users for the year after the new OS appeared located on the market. All users had to carry out was express an interest and their account might be flagged for Windows 10 activation. However many men and women didn't do that so when the offer ended there were still people running older versions of Windows.

However it emerged that Microsoft would will continue to offer Windows 10 upgrades to users who use assistive technologies - like screen readers - for your extended period. While the original upgrade for Windows 10 ended in July 29 2016, the assistive technology upgrade ran until December 31 2017. Consequently almost all on the free upgrade paths to Windows 10 are now closed. Although not entirely, as I'll detail shortly.

Many were surprised that the free upgrade persisted for so long, even though it required many customers tell a lie to plan advantage of it. There was no check the slightest bit to ensure users needed the free upgrade for assistive tech, so anyone was rrn a position to go on the website and download Windows 10 for free. Some wrestled considering the morality of this, while others just shrugged and got on with it.

The reality is that it's unlikely Microsoft cares much about individual users getting Windows 10 for free. For one thing, those users have never made up an especially significant portion of Microsoft's revenue. It's probably making more shoehorning copies of Candy Crush and Minecraft towards newer Windows 10 builds than it ever made selling upgrades. Within a past users have generally stuck aided by the OS that came with their PC, migrating to your new version of Windows only when they upgraded this machine.

For Microsoft, this presents problems. It must keep users flush with security updates, which means maintaining teams on Windows 7, 8 and in addition older versions. If the company will usually get everyone on Windows 10, then that problem goes away somewhat also it can formally end support for those OSes far quicker. The Windows 10 codebase is designed to last a long period of time, and Microsoft has previously said great a "Windows 11" as it's expecting they only have to keep updating Windows 10, that is designed to presumably just become "Windows" one day soon.

For all those users an upgrade to Windows 10 may even have been included with your laptop. Some companies offered a Windows 8.1 install on new laptops, but accompanied by a key which was valid to become used on Windows 10. And indeed, it turns out that numerous older Windows product keys tend to be used to activate Windows 10. I've had just slightly play with this and have another article which details what's going on and the way to take advantage of it.

I suspect that very of the people who want Windows 10 will have it by now. If you require it and don't have it then all isn't really lost. But realistically a good number of the current users who seem to be on older versions of Windows are holding back since don't like without needing moving to Windows 10, rather then being concerned in regard to the cost of doing so.

Located on the heels of the Jan. 17 release of 14 Windows and .NET patches, we now end up with a huge crop of new patches, revised older patches, warnings about bugs, and a bewildered ecosystem of Microsoft customers who can't figure out what while in the blue blazes is going on.

Let's step into the, uh, offerings on Jan. 18.
Windows 10 patches

Win10 Fall Creators Update version 1709 - Cumulative update KB 4073291 brings the Meltdown/Spectre patches to 32-bit machines. What, you thought 32-bit machines already had Meltdown/Spectre patches? Silly mortal. Microsoft's Security Advisory ADV180002 has got dirty details during the fine print, point 7:

Q: Relating to an x86 architecture and also the PowerShell Verification output indicates that I am not fully protected of those speculative execution side-channel vulnerabilities. Will Microsoft provide complete protections from the future?

A: Addressing a hardware vulnerability having software update presents significant challenges and mitigations for older operating systems that require extensive architectural changes. The existing 32 bit update packages listed in the advisory fully address CVE-2017-5753 and CVE-2017-5715, but fail to provide protections for CVE-2017-5754 at this time. Microsoft is continuing to work with affected chip manufacturers and investigate the optimal way to provide mitigations for x86 customers, that will be provided in a future update.

It appears as if the is the first 32-bit version of Windows containing a patch to your Meltdown vulnerability. Surprise.

Like most of the patches I talked about yesterday, this one is available only through the entire Update Catalog - it won't be pushed onto your machine.

Win10 Fall ("November") Update version 1511 (Enterprise/Education only) - The cumulative update KB 4075200 continues within illustrious tradition of the 1703 and 1607 updates I discussed yesterday. It's the second cumulative update for 1511 so far this month. This patch "addresses [an] issue where some customers with AMD devices get into an unbootable state." Like all among the Meltdown/Spectre patches, you need to use antivirus software that sets the correct registry key before KB 4075200 will install. KB 4075200 isn't being pushed out Windows Update; it's available only by manually downloading it via the Update Catalog.

Win10 RTM ("Initial version") version 1507 (Enterprise LTSC) - Cumulative update KB 4075199. Same story as 1511 above.

Win8.1 - Microsoft officially acknowledged what we've suspected - that it released two versions of the company's Win8.1 Security-only update, KB 4056898: one on Jan. 3 plus the other on Jan. 5. Except the warning's buried in Security Advisory ADV180002:

On January 5, 2018, Microsoft re-released KB4056898 (Security Only) for Windows 8.1 and Windows Server 2012 R2 to address a known issue. Customers who had installed the original package on 1/3/2018 should reinstall the update.

I warned you within the switcheroo back on Jan. 10. Now we've found official acknowledgment, but still no description of a "known issue." The KB article still doesn't acknowledge, or describe, the swicheroo.
Some Windows Meltdown/Spectre patches on AMD resume

According to Catalin Cimpanu at Bleepingcomputer, Microsoft has started pushing five in the patches that it pulled while they bricked AMD machines. Details are sketchy at this point, but Cimpanu says Microsoft has started pushing all these patches onto AMD machines:

Win10 1709: Cumulative Update KB 4056892 (for 64-bit machines only; see above about 32-bit)
Win8.1: Monthly Rollup KB 4056895 and Security-only KB 4056898
Win7: Monthly Rollup KB 4056894 and Security-only KB 4056897

But, per Cimpanu, these patches are still being withheld from AMD machines:

Win10 1703: Cumulative Update KB 4056891
Win10 1607: Cumulative Update KB 4056890
Win10 1511 (Enterprise/Education only): KB 4056888
Win10 1507 (Enterprise LTSC): KB 4056893

As best I can tell, there happen to be no changes made to any among the five patches that are now going out to AMD machines. It's not whatever clear - and Microsoft certainly hasn't said anything - why these patches are going out now, as well as how they fixed the manifest problems with earlier version.

Naturally, we haven't received any answer to last week's question: Microsoft reinstates Meltdown/Spectre patches for some AMD processors - but which ones?

Trust us. We're from Microsoft, and we're here for you to.
Semantec Endpoint Protection conflict

I found out more towards the "Unbootable state for AMD devices" patches that I discussed yesterday. We still don't have any official answers for your chicken-and-egg nature of a patch specifically issued for machines which have already been bricked by an earlier patch. It still isn't clear if, after unbricking your machine and installing the new patch, make sure you re-install the old patch.

But one bit of enlightenment appeared yesterday on, very little Microsoft site, but for the Symantec Endpoint Protection site. It goes without saying. It seems Symantec Endpoint Protection has been suffering in the tray icon bug brought on by Microsoft's Jan. 3 patches. Symantec issued a hotfix to clear the dilemma, but that's been pulled?- because Microsoft fixed the bug.

As per Symantec, the tray icon bug - introduced by Microsoft on Jan. 3 - has been fixed in:

Win10 1709 - KB 4073290 - the "Unbootable state for AMD devices" patch
Win10 1703 - KB4057144 - the second Cumulative Update this month
Win10 1607/Server 2016 - KB4057142 - the second Cumulative Update this month
Win8.1/Server 2012 R2 ¡§C KB4057401 - the preview for next month's Monthly Rollup
Server 2012 - KB 4057402 - the preview for next month's Monthly Rollup

More .NET funnies

Having said that the barely documented fun 'n games don't end there.

Yesterday, Microsoft changed its documentation for these .NET patches:

Win7 .NET 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 and 4.7.1 - KB 4055532 has been re-released to fix the font problems from Jan. 17. @MrBrian notes on AskWoody:

The files ndp47-kb4074880-x64[?-].exe and ndp47-kb4074880-x86[?-].exe currently within catalog for KB4055532 (January 2018 .NET Framework monthly rollup for Windows 7) have got a digital signature of January 11, 2018, which happens to be newer than the original release date. Also, however I installed the January 2018 .NET Framework monthly rollup for Windows 7 on Monday (I have got .NET Framework 4.7), it is being offered again in Windows Update (it's ticked).

Win7 .NET 4.6, 4.6.1, 4.6.2, 4.7 and 4.7.1 - KB 4074880 now says it replaces KB 4055002 for carrying care of the font problems for the earlier rollup. But note should you install KB 4074880 to fix 4.7.1, you still wish to install the earlier update, KB 4054856.
Server 2008 SP2 .NET 4.6 - KB 4055002 now says it applies only to Server 2008 SP2.

Deep within a Revisions list of CVE-2018-0764, there's an explanation:

To address a regression issue after installing security update 4055002, Microsoft has released security update 4074880 for Microsoft .NET 4.6/4.6.1/4.6.2/4.7/4.7.1 installed on supported editions of Windows 7 and Windows Server 2008 R2. Customers who might possibly have already installed KB4055002 should install KB4074880 grow to be protected from this vulnerability.

If you're keeping a January patch scorecard, it's official. Your collection of scorecards now need an index.
The steaming pile deepens

This month's patches aren't all about Meltdown and Spectre. Even our good old friend Word has joined the now well-worn "oops we did it again" chorus line. Remember earlier this month when Microsoft fixed the Office Online Server security hole CVE-2018-0792? Yeah, me neither, but on Jan. 9, Microsoft rolled out patch KB 4011021.

Except, well, it didn't install on some machines. No explanation why. Instead, we get this posted nine days later:

To address a known issue with installing security update 4011021, Microsoft is announcing the availability of security update 4011022 getting replacement. Customers who experienced problems installing 4011021 should install 4011022.

And in order to put icing upon your buggy patching cake, there's a reported bug around the KB 4011626 update for Outlook 2016. Microsoft has acknowledged definitely part of the dilemma:

After you install this security update, attachments are removed anytime you forward plain text emails. To work around this issue, save the attachments locally, reattach, and send the email.

But needless to say there's no fix. I see continuing discussions over the Microsoft TechNet forum basically Reddit.
Advice

With (hundreds of?) thousands of PCs bricked by bad patches this month and (hundreds of?) millions of Windows customers bewildered through the avalanche of patches - we've seen bucketloads of patches on Jan. 3, 4, 8, 9, 11, 12, 17 and now Jan. 18 - it's essential to wonder when rrt is going to all straighten out. Best I can tell you requires you to turn off Automatic Update, and wait for some semblance of sanity to return.