Windows – Born's Tech and Windows World

win7 [German]Also, the developers of the Vivaldi browser have presented their plans, for Windows 7 SP1. This operating system will be supported by the browser at least until mid 2021.

End of support for Windows 7

On 14.1.2020 Windows 7 received security updates for the last time in Extended Support. Microsoft has ended its 10-year support for the operating system. Only corporate customers have the possibility to obtain security updates until January 2023 via the paid ESU program.

This end of support also means that software vendors will gradually phase out support for Windows 7 beginning January 14, 2020. Many programs will continue to run on Windows 7, but browsers and e-mail clients might eventually become risky to use when there are no more updates. At the latest when a browser that is no longer updated no longer provides support for required web standards, the software can’t be used anymore.

Chrome, Edge, and now Vivaldi

After Google had already promised for the Chrome browser that it would support Windows 7 until at least mid 2021 (see Chrome support for Windows 7 until at least mid 2021), Microsoft developers probably have similar plans (see Microsoft Chromium-Edge released). However, I expect that the Chromium Edge could be supported until January 2023 if a sufficiently large user base for Windows 7 remains.

Now Softpedia reports here that the Vivaldi developers have followed up with a similar statement. Vivaldi states that it will continue to update the Windows 7 version of its browser at least until July 2021. What will happen after that is something you have to see. (Thanks to EP for the tip).

[German]On January 16, 2020, Microsoft released the Windows 10 Insider Preview Build 19546for insiders in the Fast Ring. Here is some information about it.

Microsoft lists the changes and new features of this build in the Windows Blog.

New: Graphic mode of the Windows Calc

Windows calc has received a preview of the new graphics mode. Such graphics functions are also useful for students in linear algebra. Here is a screenshot of such a preview.

In the Windows Blog you can find more information about the features of the graphic preview in the Windows calculator.

Introduction to the Indexer Diagnostics App

The Indexer Diagnostic App is now available in beta version via the Microsoft Store. It has been created to help you better understand the search features and to improve troubleshooting and support for common Windows search problems

On the Windows Blog, Microsoft lists some fixes in the Timeline, Outlook Search, Task Viewer, etc. There are also references to known issues.

[German]The CyptoAPI vulnerability CVE-2020-0601 in Windows has several proof of concept exploits and is likely to be actively attacked soon. Chrome introduces a check in the browser and there is a test page for this vulnerability.

What is CVE-2020-0601

As a reminder, there is a spoofing vulnerability CVE-2020-0601 in the Crypt32.dll library (CryptoAPI) that could be exploited by an attacker. An attacker could use a spoofed code-signing certificate to sign a malicious executable file without Windows knowing about it.

A successful exploit could also allow the attacker to perform man-in-the-middle attacks and decrypt confidential information about user connections to the affected software. I had a blog post Windows: Is a critical cryptography patch coming today? about that. Microsoft also published this blog post on 1-14-2020.

Microsoft states that Windows 10, Windows Server 2016 and 2019 are affected and has provided cumulative updates to close the vulnerability (see CVE-2020-0601 and my blog post Patchday Windows 10-Updates (December 10, 2019)).

Proof of Concept Exploits are public

The recently discovered vulnerability in Windows, CVE-2020-0601, is of course a natural target for cyber criminals. They could break encrypted HTTPS connections through man-in-the-middle attacks and read the information. In the meantime, security researchers have developed and partially published proof of concept (PoC) code examples that exploit this vulnerability.

Security expert Saleem Rashid has created a proof of concept code to spoof TLS certificates. This makes it possible to set up a fake website that looks like a website secured by legitimate certificates. Rashid has not released the exploit code to prevent bad guys from using it in the wild.
Swiss cyber security company Kudelski Security has released a working exploit for the vulnerability on GitHub.
Danish security researcher Ollypwn also released an exploit for the CurveBall vulnerability.

The site securityaffairs.co reports in this article about this exploit of the security researchers. Also Bleeping Computer has also covered the issue in this article. It’s recommended that administrators patch Windows systems immediately.

A test page for the crypto vulnerability

Through a tweet from security researcher Kevin Beaumont I came across an interesting website.

It doesn’t work at all on Firefox, even if using vulnerable OS, as they validate certificate correctly. The Chrome team could add extra validation for this btw, for people who don’t patch.

— Kevin Beaumont (@GossiTheDog) January 16, 2020

If you visit the website chainoffools.wouaib.ch, you should receive the certificate error shown in the tweet or below as a warning.

chainoffools.wouaib.ch Zertifikate-Crypto-Test

If the above warning does not appear, the system should be patched because the fake certificate of the test page is apparently not recognized. With Firefox, however, the test is useless because the browser performs a separate validation internally. Thus the certificate warning appears, although the CryptoAPI error may be unpatched.

I have tested it on Windows 10 in Edge. There the warning is displayed, but the system was also patched. However, the display with the warning also appeared when the system was unpatched. So I’m not sure how accurate the test really is. You may want to test it and report here.

Chrome gets check for CryptoAPI errors

In the responses to the above tweet, Kevin Beaumont points out that the Chrome browser may get a check for the Crypto API vulnerability.

Google Chrome Adds Protection for NSA’s Windows CryptoAPI Flaw – by @LawrenceAbrams https://t.co/kRx7h24E1E

— BleepingComputer (@BleepinComputer) January 16, 2020

Then I came across the above tweet from Bleeping Computer. Google has just released Chrome 79.0.3945.130, which now detects certificates attempting to exploit the CVE-2020-0601 CryptoAPI Windows vulnerability discovered by the NSA.

[German]Microsoft has issued a security advisory for a 0-day vulnerability in Internet Explorer as of January 17, 2020, which affects virtually all versions of Windows (because Internet Explorer is the browser that is present in those versions). There is an issue in the JScript part that could be exploited to remotely execute code. Here is some information, including how to work around it.

Internet Explorer 0-Day vulnerability

On January 17, 2021, Microsoft issued a security warning about a zero-day vulnerability in Internet Explorer for which no patch is available. According to Catalin Cimpanu, the Chinese security provider Qihoo 360 had briefly tweeted this on Twitter last week, but deleted the tweet again. Here is the security message from Microsoft:

**************************************************************
Title: Microsoft Security Advisory Notification
Issued: January 17, 2020
**************************************************************
Security Advisories Released or Updated on January 17, 2020
=================================================

* Microsoft Security Advisory ADV200001

– ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability
– Reason for Revision: Information published.
– Originally posted: January 17, 2020
– Updated: N/A
– Version: 1.0

There is a memory corruption vulnerability in the scripting engine that is also used by Internet Explorer.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

When objects are executed by the Scripting Engine in Internet Explorer, a memory corruption may occur.

RCE code execution possible

The vulnerability could cause memory corruption that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability could allow remote code execution (RCE).

However, an attacker who successfully exploited the vulnerability could be granted only the same user rights as the current user. However, if the current user is logged on with administrative user rights, the attacker is given the opportunity to possibly take control of an affected system. An attacker could then install programs, display, change, or delete data, or create new accounts with full user rights.

The issue is that in a Web-based attack scenario, an attacker could host a specially crafted Web site that exploits the vulnerability by using Internet Explorer. The attacker could then try to trick a user into viewing the Web site (for example, by sending an e-mail that contains a link to the Web site).

Critical, but manageable

Microsoft classifies the vulnerability, which exists in all supported Windows systems, as critical. However, by default, Internet Explorer runs in Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019 in a restricted mode that is called Advanced Security Configuration.

This security configuration uses a set of preconfigured settings in Internet Explorer that can reduce the likelihood that a user or administrator will download and run specially crafted Web content on a server. This is a mitigating factor for websites that you have not added to the Trusted Sites zone in Internet Explorer.

Workaround: disable JScript.dll if necessary

As a workaround, Microsoft suggests disabling access to the JScript.dll. For 32-bit systems, run the following commands in an administrative prompt.

    takeown /f %windir%\system32\jscript.dll
    cacls %windir%\system32\jscript.dll /E /P everyone:N

For 64-bit systems, execute the following commands in an administrative prompt.

    takeown /f %windir%\syswow64\jscript.dll
    cacls %windir%\syswow64\jscript.dll /E /P everyone:N
    takeown /f %windir%\system32\jscript.dll
    cacls %windir%\system32\jscript.dll /E /P everyone:N

As a result, access to the jscript.dll is blocked for every user and the vulnerability can no longer be exploited. The implementation of these steps results in reduced functionality for components or features that rely on jscript.dll. If you encounter problems that cause applications to stop running, the article contains instructions for releasing the DLL.

By default IE11, IE10 and IE9 use the Jscript9.dll file, which is not affected by this vulnerability. This vulnerability affects only certain Web sites that use Jscript as their script engine. For more details, see Microsoft’s ADV200001 article.

A small reminder about last week: Windows 10 Mobile version 1709 (the ‘latest version’) received its last security update on 10.12.2019. Microsoft had internally changed the documentation so that the support ends on January 14th, 2020. But after the date has passed, Windows 10 Mobile is finally out of support. Devices with this operating system still work, but they don’t get any more updates.

[German]Microsoft axes the Internet Explorer 11 for Windows 7 SP1 and declared the browser has reached ‘end of support’ for this operating system. This may be read now on the IE download pages.

As of January 14, 2020, Windows 7 SP1 has indeed dropped out of support (I reported here in the blog). At the same time, Microsoft Edge was also offered for Windows 7 SP1 as Final for download and installation (see links at the end of this article).

IE 11 download page reports EOL for Windows 7

Now Microsoft has pulled the plug for Internet Explorer 11 under Windows 7 SP1. Tero Alhonen has noticed that there is now an end-of-life announcement for IE 11 under Windows 7 SP1 from Microsoft. I saw it a few hours ago on Twitter.

Internet Explorer 11 is no longer supported on Windows 7. Instead, we recommend you install the new Microsoft Edge https://t.co/8NVG9eg67i pic.twitter.com/1J1PtCYBXG

— Tero Alhonen (@teroalhonen) January 19, 2020

The announcement can be found on the Internet Explorer download page if Windows 7 is selected as the operating system:

If you’re running Windows 7, the latest version of Internet Explorer that you can install is Internet Explorer 11. However, Internet Explorer 11 is no longer supported on Windows 7. Instead, we recommend you install the new Microsoft Edge. The new Microsoft Edge was built to bring you the best of the web, with more control and more privacy as you browse.

Microsoft recommends the Edge Browser at this point. Of course, IE 11 can still be downloaded from the relevant web page as an offline installation package.

Are there any updates for IE 11 in future?

Support for Internet Explorer 10 will expire at the end of January 2020, as updates for Internet Explorer 10 will end on January 31, 2020 (see End of Support for Microsoft Products in January 2020).

Of course Microsoft will continue to provide (cumulative) security updates for Internet Explorer 11. This browser is also included in Windows 8.1 and Windows 10, but in Windows 10 the patches are distributed via cumulative updates. And whether an IE 11 update for Windows 8.1 can be installed on Windows 7, we have to wait and see.

On the other hand, users of Windows 7 SP1 ESU program still need to receive security updates for Internet Explorer 11. It remains to be seen in February 2020 whether there will be separate updates that are required when installing Windows 7 SP1 Security-only updates.

It will be interesting to see whether the vulnerability described in the article Warning: 0-Day vulnerability in Internet Explorer (01/17/2020) will be patched broadly in IE 11, i.e. also for Windows 7 SP1? For home users who are still running Windows 7 SP1, I recommend that you uninstall Internet Explorer 11 and then use an alternative browser. But be warned: This could cause collateral damage, e.g. because certain Outlook functions are no longer usable (see Outlook Error: Operation – it’s a mess).

Windows 7 Extended Security Updates (ESU) requirements
Windows 7 Extended Security Update (ESU) program available
Windows 7 Extended Security Updates (ESU) program, price and source for SMEs
Windows 7: Buy and manage ESU licenses – Part 1
Windows 7: Preparing for ESU and license activation – Part 2

[German]Exciting prognosis, which has just fallen into my hands. Dean Hager, CEO of the software provider Jamf, has given some forecasts for innovations in 2020. One is that we will see a mass migration from Windows to macOS. I found this so interesting that I made a small blog post about it.

The “next big thing” is already waiting around the next corner. That’s nowhere more true than in the tech industry, where a look at the recent past is often enough to predict the future, says Dean Hager, CEO of software provider Jamf. In this news release (German), he looks at four developments in 2020, one of which I’ll pick out.

Windows 7 end of life forces users to macOS?

I had discussed it several times in articles here in the blog. On January 14, 2020, Microsoft ended the support of Windows 7 for the mass of users. Private people got to see this nag screen and an end of life notification recently.

(Windows 7 EOL-Nag-Screen, Source: Bleeping Computer)

There are no more security updates for the masses – only companies can still book the ESU program. Microsoft does offer extended security updates (ESU) until January 2023. But even with ESU there is no helpdesk support and no more regular bugfixes or patches. The price for the ESU program starts at about 70 Euro and doubles every year (see links at the end of this article).

Still millions of Windows 7 devices in use

Currently, however, there are still millions of devices running Windows 7. In the article Operating system/Windows Market Share (December 2019) I discussed the latest figures from netmarketshare.com. Windows dominates the desktop systems market with 86.84%, while macOS comes to 11.9%.

Betriebssystemverteilung Desktop 12-2019 (Operating system shares Desktop 12-2019, source: netmarketshare.com)

But Windows 7 still has a ‘market share’ of 26.64% on the desktop, while Windows 10 – chosen by Microsoft as its ‘natural successor’ – has 54.62%. Despite the end of support for Windows 7, one hardly sees a massive change of users from Windows 7 to Windows 10 in the above graph.

At the beginning of January 2020, the magazine Computerworld examined the topic and wrote that currently 417 million Windows 7 devices are still in use. They assume 29.7% Windows 7 PCs on 31 January 2020. Differs somewhat from the above figures, but the scale is correct.

A trend towards the Mac

Many companies have reduced their Windows PCs in response to the end of support, according to this announcement, and have already switched to Mac. Many more will follow in 2020. At insurance company Aegon , the number of Macs has increased by 104 percent in the last two years as employees have chosen to migrate to macOS rather than upgrade to Windows 10. Let me remind you of my German article IBM: Macs sind über ihre Lebenszeit 543 $ günstiger als Windows-PCs from 2016. At IBM, employees were free to choose between Windows PCs and Macs. There, IT made a cost advantage for the Mac world.

Currently, the proportion of Apple computers in companies around the world, according to this report, is growing rapidly due to employee voting programs. In fact, 72 percent of employees choose a Mac when they have a choice between a Mac and a PC. This is very good news for companies, the Jamf CEO said.

Recent studies by Jamf show that users, who can work on the job with their preferred device, are more productive, creative and cooperative. In addition, companies save between $243 and $543 per Mac compared to a PC in the long run (someone also read the IBM article I quoted above). In addition, 77 percent of employees say they are more likely to choose an employer or stay with a company if the employer gives them the choice of workstation. These are serious savings simply by offering a choice. All the more so if you also take into account things like the costs of employee turnover and the loss of company knowledge.

Companies that want to save money and retain top talent will continue to move to Mac in 2020 and beyond. That’s the forecast IDC is making. According to a recent study, corporate IT decision makers expect 13 percent of their current Windows 7 inventory to be replaced by MacBooks.

At this point it is important to note that Jamf is an Apple company – with Jamf Pro they offer an Apple device management solution that is used by system administrators to configure and automate IT administration tasks for macOS, iOS and tvOS devices. The product includes server and client software (“Agent”) that runs on iOS, macOS and tvOS devices. The Product includes server and client software (“Agent”) that runs on iOS, macOS, and tvOS devices. The above statements could be interpreted differently by an outsider. Anyway, I find it exciting and thought I’d put the information in my blog. Let’s see how it looks like in 2023.

Windows Update [German]Are there issues caused by updates from the last patchday (January 2020), when the file Crypt32.dll was patched. A reader sent me a question about this topic. He is using McAfee and SCCM in an enterprise environment. Currently McAfee seems to block the SCCM agent smsexec.exe from accessing an RSA key.

Background: The NSA vulnerability CVE-2020-0601

On the January 2020 patchday, the vulnerability CVE-2020-0601 discovered by the NSA and reported to Microsoft became public. As a reminder, there is a spoofing vulnerability CVE-2020-0601 in the Crypt32.dll library (CryptoAPI) that could be exploited by attackers. An attacker could use a spoofed code-signing certificate to sign a malicious executable file.

A successful exploit could also allow the attacker to perform man-in-the-middle attacks and decrypt confidential information about user connections to the affected software. I had reported on this issue in the blog post Windows: Is a critical cryptography patch coming today? as well as in the article Windows: PoC for CryptoAPI Bug CVE-2020-0601 are out. Microsoft also published this blog post on Jan 14, 2020.

A reader reported an issue

Today I received a mail from German blog reader Patrik D. asking if I know about issues with the patched Crypt32.dl. I will post his information here in the blog – maybe someone else is affected and can confirm this. Patrick wrote

After the patchday this morning, I noticed the following [event log entries] in interaction with SCCM and McAfee.

Event ID McAfee Endpoint Security from EventID=18060
NT AUTHORITY\SYSTEM ran smsexec.exe, which tried to access C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\
b173a4ca6eeb3a8529b5390fef6b81be_abb57870-155d-4625-9eb2-c73c0e888e7d, violating the rule “Malware Behavior : Windows EFS abuse”, and was blocked. For information about how to respond to this event, see KB85494. was raised.
Event Descritpion:
EventID=18060

If I look at the file, it is a Self Signed “SMS User Service” certificate. Since the Crypt32.dll has just been patched, this could be the reason. The cert itself is still valid.

Furthermore the same happens with another software. Have you already had any user notification? Anyway, we will escalate it to Premier-Support & McAfee.

I myself have not heard anything like that and the web does not know anything like that yet. But it looks like the agent smsexec.exe (SCCM Microsoft SMS Agent Host service) is prevented by McAfee from accessing a certificate. Anyone who uses the constellation of SCCM and patched Windows 10/server systems with McAfee enterprise solutions and can verify this?

[German]It seems that the cumulative update KB4528760 installation problems are caused by the cumulative update KB4528760 released on January 2020 patchday for Windows 10 version 1909. Some users may notice a termination of the installation, reporting the error 0x800F081F.

A reader message

A reader of a German computer magazine has send me a feedback, , where a concerned person asks me, if I know anything about the error 0x800F081F in update KB4528760.

The last update of Win 10 last week always ended with the error message:

Failed… KB ‪4528760‬ – Fehler 0x800f081f

After that I tried the previously downloaded msu for KB 4528760.

After that I repaired it with dism.exe and svf and again with the update function and then with the msu.

The same error!

I still have the version of Win 10 pro 1909, Build 18363.418 on my computer.

I have also read about the update error in English forums. But without a solution.

The reader asks if this can be confirmed and if the error is an exception. I myself had my test machine updated last week with Windows 10 November 2019 Update (Version 1909), because I wanted to see if the Edge is offered as an update. There was no error displayed during the update installation.

Hits within the Web

However, it is by no means the case that there is only one individual concerned in the form of the above reader. I did a quick search on the Internet.

In the German Microsoft Answers Forum there is this thread, where exactly this error is pointed out. I have followed the thread, there is no solution.
In the Spanish speaking Microsoft Answers forum there is this thread, where you can find this error, but with Windows 10 V1903. Since both Windows 10 variants get the same update, this is not surprising.
An English-speaking user describes the error code in connection with the update on reddit.com.

Currently I can’t give a solution, if foreign virus scanners are involved in this error is unclear.

What does the error code 0x800F081F mean?

Thanks to WaaS you would constantly have to extract some list of error codes for each build from the SDK to find out more about the error code. The error code 0x800F081F is therefore listed as unknown in the tools I use. However, I already mentioned the error code some time ago in the article Windows 10 V1903: Error 0x8024200D or 0x800F081F with update KB4512508.

The error code 0x800F081F stands for CBS_E_SOURCE_MISSING, i.e. the source files were not found. Some time ago I had discussed the error code in the German blog post Windows 10: dism-Reparatur erzeugt Fehler 0x800F081F. Furthermore, Microsoft has published a support article in connection with a .NET installation error. Microsoft provides the information that a file or folder, that is referenced by the update, cannot be found.

In such cases you will first try to repair the system or the component store (I mentioned this in the blog post Check and repair Windows system files and component store. Microsoft’s advice for Windows 10 users who have this problem is to use the Windows 10 installation media in question as the source for repair. Some advice can be found in this Microsoft article.

Fix: Try Inplace upgrade for repair

However, since most Windows 10 users don’t really get anywhere with these hints and the repair approaches described in the German article Windows 10: dism-Reparatur erzeugt Fehler 0x800F081F using sfc /scannow and dism don’t help. The only remaining repair is in Inplace Upgrade. This means: Lauch setup.exe of the appropriate Windows 10 installation medium from within a running Windows 10. This forces an installation of Windows 10 over the existing Windows, while data and programs are preserved. With this approach, however, missing features are installed subsequently, so that the update should be able to be installed afterwards. Maybe it helps.

Windows 10 V1703: Fix for DISM error 0x800F081F
Windows Update error 0x8024200D
Windows Update ends with error 0x800f0982 / 0x8024200d
Windows 10 V1903: Error 0x8024200D or 0x800F081F with update KB4512508.

[German]Regarding the January 2020 security updates for Windows Server 2008 R2, there are some reports that the machines go into recovery mode after that date.

There have been surprisingly few issues reports for the January 2020 patchday. Only Woody Leonhard noticed some reports of problems with Windows Server 2008 R2, which reached its support end on Jan 14, 2020.

Multiple reports of Server 2008 R2 systems rebooting to recovery mode after installing January patches. Not clear which patches, or the circumstances. Can you confirm? https://t.co/NF5ZBfwWRK

— Woody Leonhard (@AskWoody) January 20, 2020

They should boot into the Recover Mode after the update installation. Any of you here whose Windows Server 2008 R2 is affected?

[German]Users of a surface laptop from Microsoft seem to have been hidden recently again by an nasty issue. The device is shipped with Windows 10 S, but you can upgrade for free to Windows 10 – theoretically. This update have had been blocked due to a bug (which seems to be fixed now).

The Surface Laptop was introduced by Microsoft in May 2017 as a very secure environment, since only apps from the store can be installed and executed. Target group are pupils and students. The Microsoft device comes with Windows 10S, but can be upgraded to Windows 10 for free.

(Source: Twitter)

Whoever sets up or buys a Surface Laptop from scratch is first of all on Windows 10 S. However, users will then quickly want to switch to Windows 10 as a full version in order to be able to run Win32 applications. But that’s where the current problem was, as Windows Latest has noticed here. On Microsoft Answers there is this thread from January 19, 2020.

Cannot switch out of Windows 10 s mode

Just got a windows surface laptop refurbished. Has Windows 10s . Have tried all the options to switch out and still no luck.

Microsoft store lets me push the GET button but nothing happens. Trying anything around the command prompt is blocked because of S mode.

Microsoft store is latest version. All windows and store update done.

In the thread other users have confirmed the same problem. Meanwhile, a post dated January 20, 2020 says that this problem is now solved – Microsoft has fixed it (may have been fixed by an update). Users also confirm that. This case shows again how dependent people are on Microsoft doing their homework correctly.

[German]Microsoft has apparently once again broke its store for Windows 10 apps. The last days some people seem to have run into the error code 0x803F8001 when updating apps or accessing the store.

This usually passes me by as I don’t use the store and apps when I’m already running Windows 10. Barb Bowman just contacted me on Twitter and reported this issue.

pic.twitter.com/SM3ZEECbsN

— Barb Bowman (@barbbowman) January 21, 2020

The text indicates, that there was probably a massive disruption at the Microsoft Store so that people could not install or update apps. Barb Bowman had issues with all the apps she bought. It returned error 0x803F8001 on accesses. Either the message came to remove a device or it was claimed that the app was not available on the device. Yesterday in the late afternoon Microsoft seems to have solved the problem.

I then searched for something on the Internet. Barb Bowman was not an isolated incident. On January 19, 2020, this thread was opened in Microsoft Answers.

Error 0x803f8001 – App is no longer available in your account

Drawboard PDF is a paid app which I have owned and used for years on multiple devices. It suddenly stopped working yesterday, on two separate machines. I get an error that says Drawboad PDF is no longer available in your account with an error code Error 0x803f8001.

Devices (Surface Pro 4 and Lenovo Thinkpad X1 Yoga) are Windows 10 Pro and are up to date. I have reset the app, cleared the MS Store cache w/ WSReset.exe, and a few other things, but nothing works.

The app developer says this problem is a persistent Windows Store issue. Please advise on how to resolve.

His purchased app was gone from now on and could no longer be used. It was said that the app was no longer available under the account and the error code 0x803f8001 was displayed. There is a similar description in this MS Answers forum thread.

Microsoft Majong error code 0x803F8001

I have latest microsoft windows 10 updates on my PC and am getting saying Error Code 0x803F8001 saying “Not Available in your Account. In Microsoft Store it shows it is installed. Shut down pc and rebooted but still error.

Again, they claim that the app is not available in the account, while the Microsoft Store displayed a Mahjong app installed on the device. Other MS Answers forum threads here and here also reported the problem.

There are indeed articles on the Internet that promise a solution. But it only helps if the Windows 10 client is messed up (happens often enough). In the current case, however, Microsoft probably messed up the store infrastructure, so that any user interaction was for nothing. In the meantime, Microsoft has fixed the problem, according to Barb Bowman.

I don’t know if this was related to the problem described in the article Surface Laptop users trapped in Windows 10 S Mode. But what I do know is that I’ve been blogging about issues with apps and the store since 2012, when Windows 8 started with its App Store. So it’s another case that shows how depending app users are.

win7 [German]In another blog post I would like to discuss the activation of ESU licenses for Windows 7 SP1/Windows Server 2008/R2 support renewal in enterprise environments. Microsoft doesn’t offer a viable solution to this issue, but I have found a potentially better approach.

What we are talking about?

Here in the blog, I’ve spent a lot of time discussing support renewals for Windows 7 SP1 (and Server 2008/R2) as part of the Extended Security Updates (ESU) program (see links at the end of the article). Parts 1 and 2 of the article series dealt with the purchase and activation of ESU licenses for SMBs. However, the solution is only practicable for a handful of systems. In part 2 of the article series, German blog reader Shadena immediately asked for a solution to activate ESU within large enterprise environments:

interesting for me would be, how the ESU-Keys can be distributed on Windows 7 clients in large environments, if they can be set up on the domain’s own KMS server.

I myself am not active in this field, and could only refer to the the Microsoft ESU FAQ. And there is the Techcommunity article How to get Extended Security Updates for eligible Windows devices from October 2019, but it doesn’t reflect more than my second part of this article series. Not useful for enterprise environments with many Windows 7 systems where ESU should be activated.

You could create a batch solution with a few commands, which would relieve administrators of some manual effort. In part 2 I had mentioned this post where a script could be found (the batch program could be simplified, since the Activation-ID for all machines is fixed).

ActivationWs: The ESU MAK activation solution

Recently I came across a solution how to solve the problem of activating the ESU keys in enterprise environments, if the clients or servers do not have direct access to the Internet, or where the VAMT solution described by Microsoft is not applicable. Someone has developed a solution and published it as ActivationWs on GitHub.

The ActivationWs GitHub repository is a customizable solution for the distribution and activation of multiple activation keys (MAK). It consists of an ASP.NET web service and a PowerShell script to install and activate the MAK.

The developer of the solution writes that ActivationWs is designed for companies for whom deploying and activating their Extended Security Update (ESU) MAK key on many clients is a certain challenge. The ActivationWs repository offers administrators a “pull-based” activation solution. This eliminates the requirements of the VAMT approach mentioned above. This may reduce some of the obstacles that administrators must overcome when activating the product key.

(ESU activation, Source: GitHub)

The picture above shows the scheme of the activation process, including the ConfigMgr (from SCCM).

The PowerShell script Activate-Product.ps1 is deployed (for example, using ConfigMgr or another solution of choice) on the ESU-enabled device.
The script installs the MAK, and then queries the installation ID and product ID.
Then the script sends a SOAP request to the ActivationWs Web Service. The ActivationWs Web Service is installed on a host in the internal network of the company. The communication takes place via a freely selectable port (e.g. 80/443).
The Installation- and Product IDs are transferred to the Microsoft BatchActivation Service, which then returns the Confirmation ID to the ActivationWs Web Service. This service passes the Confirmation ID to the client that is to receive the ESU Activation.
The script stores the Confirmation ID and completes the activation.

The ActivationWs Web Service runs on IIS and requires the .NET Framework 4.6 and access to the Microsoft BatchActivation Service (https://activation.sls.microsoft.com). A proxy server can be specified in the web.config file if required. Activate-Product.ps1 requires Windows PowerShell v2.0 or later and must be running with administrator privileges.

See the GitHub page for some more information and a FAQ on how to use this solution. This comes without support, but it should be the solution for some administrators.

Article series
Windows 7: Buy and manage ESU licenses – Part 1
Windows 7: Preparing for ESU and license activation – Part 2
Windows 7: ESU Activation inEnterprise Environment – Part 3
Windows 7: ESU questions and more answers – Part 4

[German]Microsoft has reached another ‘milestone’ in the availability of the Windows 10 November 2019 update. The operating system is available to all Windows 10 users if they search for it in Windows Update.

I just got aware of this fact by this tweet from Windows Update (official Twitter channel of the Windows team).

[Windows Release Health Update – New Status] Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. More details here: https://t.co/P0DbWctIpu.

— Windows Update (@WindowsUpdate) January 21, 2020

On theWindows 10 version 1909 status page the following addition can be found , since January 21, 2020:

Current status as of January 21, 2019:

Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.

We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.

Windows 10, version 1909 is available to any user of a later version of Windows 10 who manually selects the “Check for Updates” option through Windows Update. This applies to the Windows 10 Semi-Annual channel.

Next rollout stage begins

At the same time Microsoft announces in the above status message the start of the next phase of the controlled Windows 10 Version 1909 rollout. Now a feature update will automatically initiate a feature update for a larger number of devices on which the update October 2018 (Windows 10, version 1809) Home and Pro Editions will run.

However, Microsoft notes that devices running Windows 10 version 1809 are still supported and will receive the monthly updates. Users may also delay installation of the feature updates in the update options by not selecting the download link for this update (see the following picture, and Windows 10 May 2019 Update brings back Update control).

(Feature updates in Windows 10 May 2019 Update, Source: Microsoft)

Only when the support period for the old Windows 10 version expires will a forced upgrade be performed. For Windows 10 version 1909, a simple upgrade is possible via Enablement Update (see Insides: Windows 10 19H2 development/deployment (V1909)).

[German]The PowerToy team is working on a tool called QuickLauncher for Windows 10, which shall allow apps and applications to launch faster on Windows 10 in future.

PowerToys were free programs under Windows 95/98, with which certain Windows features could be optimized or adapted. Inspired by the PowerToys project under Windows 95, some developers dared to restart. The intended was to give power users the ability to get more efficiency out of the Windows 10 shell and customize it for individual workflows. The announcement tool place at the beginning of May 2019 (Windows 10: PowerToys will come as Open Source). More information can be found in the articles linked at the end of this blog.

Windows 10 PowerToy Quick Launcher

A few hours ago I became aware of this project (which is currently an announcement) via the following tweet from Bleeping Computer

Windows 10 PowerToy Quick Launcher to Simplify Launching Apps – by @serghei https://t.co/JlZoiNXGn0

— BleepingComputer (@BleepinComputer) January 21, 2020

Microsoft program manager Jessica Yuwono presents the PowerLauncher and design considerations for this tool in a GitHub entry. “The PowerToys are targeted primarily at Windows power users, although it is available for users who want to use Windows in a more efficient and productive way,” writes Jessica Yuwono.

The PowerLauncher is designed to replace options already available for launching applications on the Windows platform. This includes third-party launchers such as Launchy, Listary, Executor and Wox, as well as built-in Windows options such as using the Win+R shortcut, Windows search using the Win+S shortcut and the search bar. Here is a screenshot with one of the options.

PowerLauncher der PowerToys
(Source: Microsoft)

PowerLauncher will be available for Windows 10 users only when it is released. The goal: It “should be faster than Start Menu/Win+S to display search results and launch applications”. Users should also be able to open PowerLauncher with Win+space, similar to how MacOS users can open Spotlight with CMD+Space. In addition, users should be able to override the Win+R or Win+S shortcut keys, allowing users to replace the default behavior of these key combinations in Windows. For details on the ideas, see the linked GitHub article and the Bleeping Computer article. It will probably take a few more days before the tool is released.

win7 [German]With the January 2020 patchday, Microsoft delivers again a botched update for Windows 7 SP1 users. Update KB4534310 destroys a centered background image so that only a black desktop appears. Here is some information about this.

The information about this issue has been since January 15, 2020, within my German blog as user comments to the article Patchday: Updates für Windows 7/8.1/Server (14. Januar 2020). But I’m preparing it here as a separate post (in English) so that it can be found in the search if necessary.

Windows 7 Update KB4534310

The Monthly Quality Rollup Update KB4534310 for Windows 7 SP1 and Windows Server 2008 R2 SP1 contains security fixes from October 2019, improvements, and various bug fixes. Microsoft only lists the following:

Security updates to the Microsoft Scripting Engine, Windows Input and Composition, Windows Storage and Filesystems, and Windows Server.

First reader feedback on Windows 7

Shortly after my blog post was published, blog reader Andreas B., who is using Windows 7 SP1 Starter, posted this comment: diesem Kommentar gemeldet:

Windows 7 (Starter) SP1: For me the update (Monthly Rollup, MSRT, Netframework) had a strange effect. Desktop wallpaper gone, desktop black. The miniature applications (clock and calendar) remained. Looks ugly! – With “Starter” (the smaller home version for netbooks) you can’t change the wallpaper, but none at all and only pitch black is not nice for long term …

The file C:\Users\[user name]\AppData\Local\Microsoft\Windows\Themes\Custom.theme
appears unchanged, but the default image entered there is no longer loaded, although it still exists. – The following Servicing Stack update I had not yet done.

In Windows 7 Starter a user can’t change the desktop background. Shortly after, user fre4kyC0de confirms this effect on Windows 7 Home Premium (x86), Pro (x64) and Ultimate (x64).

Cause and workarounds

A few hours after my blog post, and shortly after these two feedbacks, user RaBe contacted us with a workaround that provides an explanation:

No, nothing broken. Simply set the background image to “centered” once in the background image settings, then go back any way you like, done.

With the update KB4534310, Microsoft has simply broken the feature to center and stretch a background image on the desktop. User fre4kyC0de confirms this via the following comment.

In short, the “stretched” option is not functional. If this is selected, the desktop is black. All other options work. However, this does not always apply; while the standard background (original resolution 1920×1200) is scaled correctly, this is not the case with other images (original resolution 800×600 or 1600×1200; i.e. 4:3 in each case).

As a workaround, I now scale my backgrounds to my screen resolution using GIMP, then this should work for now. But this is not a nice solution.

German blog reader Andreas B. SH has posted a solution for his Windows 7 SP1 Starter in this comment (there the background image cannot be changed). But I found it interesting that German blog reader Dekre reports that the bug is already there on his systems since October 2019.

It’s silly that the support for Windows 7 SP1 will end on 14.1.2020. So there will probably be no fix from Microsoft for this problem, which will be distributed to the masses. Well, a background image is not vital (eats up resources unnecessarily anyway). But some people are bothered by the bug.

Final Windows 7 Update Breaks Desktop Wallpaper Functionality – by @LawrenceAbrams https://t.co/iQahR1vzvi

— BleepingComputer (@BleepinComputer) January 21, 2020

As I saw the night, my colleague Lawrence Abrams was still working on the topic at Bleeping Computer. He suggests to uninstall update KB4534310, make a screenshot of the desktop (then you have the right resolution), set it (works without stretching the background image) and then install update KB4534310 again. Works too, but what an effort.

[German]A short note for users of Windows 10 version 1809 who want to install the cumulative update KB4534273 I have just received some information that this causes installation errors on some machines and then a rollback is performed.

Update KB4534273 for Windows 10 Version 1809

The cumulative update KB4534273, dated January 14, 2020, is intended to fix the vulnerability described in the Windows Server: Vulnerability CVE-2020-0609 in Remote Desktop Gateway blog and includes further quality improvements:

Updates support for Google Chrome’s new cookie policies. Addresses an issue to support new SameSite cookie policies by default for release 80 of Google Chrome.
Updates to improve security when using input devices such as a mouse, keyboard, or stylus.
Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Virtualization, the Microsoft Scripting Engine, and Windows Server.

I introduced this update in the blog post Patchday Windows 10-Updates (December 10, 2019). Within my blogs I didn’t receive feedback about major issues, only minor bugs mentioned.

Boot hung after install with rollback

A few hours ago I was informed on Twitter about installation errors in connection with the update via the following tweet.

We are having massive issues with Cumulative #Windows10 Updates now three times in a row. ~2% of the Computers won´t boot up anymore. Just the “spinner” with Logo can be seen. After booting into Safe Mode it makes automatically an Update Rollback. @etguenni? W10 1809/#KB4534273

— Fu Weissinger (@FuWeissinger) January 22, 2020

On 2% of his machines the tipster gets massive installation problems. On three machines (he reports 2% of patched systems) Windows 10 V1809 refuses to boot after rebooting during the update installation. Only the logo with the spinning boot logo can be seen. The boot process must be aborted. If the administrator starts the Windows 10 machine in Safe Mode, an automatic rollback of the update installation is performed.

Affected are Windows 10 version 1809 clients with the SSU of December 2019 installed. Updates are distributed via ConfigMgr. The virus protection is Symantec (SEP) 14.0 and 14.2. According to Weissinger, the issue occurs mainly on notebooks.

Within this post from the Sysnative forum a user reports the installation error 0x800f0982. Error 0x800f0982 indicates that required components were probably not found (PSFX_E_MATCHING_COMPONENT_NOT_FOUND). I wrote something about this in the blog post Windows Update ends with error 0x800f0982 / 0x8024200d. At reddit.com there is this thread, where a similar error is described. On appuals, this article takes the whole thing up without offering a solution. Anyone else affected by this issue?

[German]It seems that the cumulative updates of December 2019 and January 2020 are again causing printing issues for some users. Suddenly, printers disappear or printing stops working.

I am bringing the issue back into focus through this blog post. The background: Some blog posts now serve as a kind of honeypot or seismometer for emerging problems. During the last weeks I could observe user comments reporting printer problems after installing updates.

Printing issues due to September 2019 update

In September 2019, many users discovered that there were still printing problems when installing the cumulative update KB4517211. In Windows 10 version 1903, the printer queue crashed after installing update KB4517211 and printing was no longer possible. Specifically, the spooler service for the printers crashed, causing the applications to no longer recognize printers. The affected person can restart the service – but it will crash again during printing.

Due to reader comments, I had briefly addressed the issues within the blog post Windows 10: Issues with Updates KB4522015, KB4522016 / KB4517211 (Sept. 2019). Later, I addressed this issue within the blog post Windows: Printer issues after Sept. 2019 Update confirmed, after Microsoft has confirmed that some Windows systems may have printer issues after the September 2019 updates. It is probably related to changes in the Windows printer interface as a result of the patch that affect V4 printer drivers. There is also a workaround in the blog post that V3 printer drivers can be installed to work around the problem.

However, in October 2019, Microsoft released a batch of fix updates to solve these printer problems (see Windows Updates fixes printer bug (Oct. 3, 2019)).

Interesting is the German comment here from October 2019, which observed printing issues and fixed them by re-registering the vbscript.dll and jscript.dll. If someone has applied the Microsoft workaround for the IE vulnerability (see Warning: 0-Day vulnerability in Internet Explorer (01/17/2020)), this would be one explanation why some printers are now having issues.

User reports on issues

Regarding the German blog post Windows: Printer issues after Sept. 2019 Update confirmed (and its English counterpart), I have received several comments in the following months. In December 2019, I received the following comment (I’ve translated the German comment here):

I am (still) using Windows 7 SP1. I have issues with printing since yesterday, after the December patchday. All previous updates never caused printing problems for me.

And a second comment (within this thread) from December reports Windows 10 printing issues with the 1909 version:

also printing problems with Windows 10 1909, computers are on a domain, network printers…
Printing from Word and PDFs does not work.

So the fix from September/October 2019 does not seem to work for all users.

Printer issues in January 2020

Reports of printing issues will continue in January 2020. There is something happening in particular in the comments related to the English blog post here. The comment here is from January 17, 2020:

Is there any solution to the “No printers installed” issue? This began for me after the KB4528760 update on 1/14/20. I had spooler errors before that, but was able to clear and restart the spooler to resolve it. I tried uninstalling the 8760 update, but it had no effect. I cannot access my printer connected via a wired network. I haven’t tried via USB yet. Does anyone have a solution? Microsoft support is less than useless.

There the user is informed that no printers are installed. He has been able to solve the issues with the printer spooler. But the WiFi printer is no longer responsive.

Canon drivers cause problems

In January 2020, the following German comment was made where a Canon all in one device cannot print, even though the drivers are installed correctly.

last friday (17.01.2020) my new multifunction device (all-in-one) from Canon arrived. In spite of a faultless installation of the device doesn’t print. Neither via Excel, nor Word, nor browser. They all end up in the spooler where it only says “Will be printed”. Only when you shut down the computers, the documents are printed.

I can’t find the updates KB4522016 and KB4517211, because I started the computer (W10 64 bit) on 05.01.2020. Could the error be in another update? My other (older) printers from HP, Brother and Dymo print immediately after sending the job.

The last comment (German) is from yesterday and refers to an old German article Druckerspoolerdienst defekt – Drucken geht nicht from 2011, which refers to a deactivated printer spooler service:

Windows 10 deactivates print spoolers.
I have already tried everything possible and nothing helped. Can anyone help me? I’m beginning to despair. Before, I had Windows 7 and my printer was working. Now with 10 not anymore. It is a Canon MX495. When I try to install the printer, the spooler pops out and the installation cannot be completed.

My guess is that the Canon printer drivers collide with the latest changes to the Windows print.dll. Maybe the hint from this comment (English) to another article helps to switch on the direct print output without printer spooler.

On January 23, 2020, Microsoft released the Windows 10 Insider Preview Build 19551 (20H2 development branch) for Insiders in the Fast Ring. In the Windows Blog, Microsoft lists the changes and innovations of this build.

Windows Update [German]On January 23, 2020, Microsoft Preview Rollup released updates for Windows Windows 8.1 and the corresponding server versions. There were no updates for Windows 7.

Updates for Windows 8.1/Windows Server 2012 R2

A preview rollup update has been released for Windows 8.1 and Windows Server 2012 R2. The update history for Windows 8.1 can be found on this Microsoft page.

KB44534324 Preview (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4534324 (Preview of Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) includes everything from the January 14, 2020 update, plus the new improvements and fixes.

Addresses an issue that may prevent a scroll bar from being selected when an ActiveX control implements the CScrollView class. This occurs if you move the Internet Explorer window, which then moves the scroll bar to the left.

This update is optional and is available in Windows Update but also in the Microsoft Update Catalog and via WSUS. Since it is an optional update, I would not install it. In case of a manual installation the latest Servicing Stack Update (SSU KB4524445) has to be installed before.

The update has a known problem: Certain actions, such as renaming, that you perform on files or folders located on a Cluster Shared Volume (CSV) may fail with the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the action on a CSV owner node from a process that does not have administrator privileges. See the KB article for details.