Some Windows 10 users are facing a strange problem after upgrading from Windows 10 1607 (Anniversary Update) to Windows 10 Version 1703 (Creators Update) – some start menu tiles are suddenly gone.

That’s the issue

A user reported this issue in April 2017 here in Microsoft’s Answers forum. He decided to upgrade a machine with Windows 10 1607 to Windows 10 Version Creators Update. The installation went trough, but after login all user specific tiles has been gone within his start menu.

Only tiles from pre-installed apps has been visible. He checked the \ProgramData\ folder, but the shortcuts has been there. He checked Programs & Features, but nothing has been uninstalled.

Then he decided to give Classic Shell a try – and voila, all start menu shortcuts was shown in Classic shell’s start menu. I’ve seen this behavior sometimes forums. Whilst the start menu from Windows 7 or from Classic Shell was solid as a rock, Windows 10 start menu (and the XAML trash) was always a trouble maker.

God Mode was the root cause

Another user posted his findings here in Microsoft’s Answers forum. After he found a similar behavior he analyzed the situation and found ‘God Mode’ as the root cause. Some internet articles are showing the trick to establish a special short cut, called ‘God mode’ in start menu using the folder:

%AppData%\Microsoft\Windows\Start Menu\Programs

After removing this God mode entry, Windows 10 Creators Update was able again to show all start menu entries an tiles.

VMware has released a maintenance update, shifting VMware Workstation and VMware Player to version 12.5.6.

The Release-Notes just mentions the following fixes and an issue:

• Day 0 support of the Windows 10 Creators Update (Version 1703):  End users can create virtual machines with the Windows 10 Creators Update or by installing VMware Workstation 12 Pro on a Windows 10 Creators Update operating system. 

• Bug fixes and security updates.

There is one know issue: After upgrading VMware Tools, the VMware shared folder drive is shown as disconnected with a red “X” in the guest OS.

After upgrading VMware Tools to version 10.1.5 or 10.1.6 and rebooting Windows, Windows Explorer shows the VMware Shared Folder drive as disconnected with a red “X”. Workaround: Refresh the connection by clicking the drive and accessing it as normal.

[German]Microsoft has (probably) released another security update (KB982316) for Windows XP to the public. Admins of systems running the unsupported Windows XP could install this update. But the whole thing is mysterious – the package contains only old stuff – and the update is available in English only (not installable on other languages).

WannaCry and the after EOL Windows XP-Update

Windows XP is no longer supported from Microsoft for the masses (end of life was 2014). Only customers paying for extended support are receiving additional security updates (and also Windows Embedded). But there has been an exception: After WannaCry used a vulnerability in SMBv1, Microsoft released update KB4012598 for (unsupported) Windows XP, Windows 8 and Windows Server 2003 to the public.

Update KB982316 for Windows XP – the next one?

Microsoft Update KB982316 for Windows XP has been released at May 19, 2017, as Windows Central reported here (and according to the date given on Microsoft’s web site). I used a web search for update KB982316 which returned the page An update is available for the Windows Telephony Application Programming Interface (TAPI). dated from 2010 and addresses also Windows XP. Also Microsoft Update Catalog doesn’t provide an entry.

But Security Update for Windows XP Service Pack 3 (KB982316) may be downloaded from this Microsoft download site. The update has a size of 492 KB and is available in English only. The download site, dated May 19, 2017, says:

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it.

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.

Although this vulnerability requires an attacker to be authenticated local, it seems that this issue is critical enough, that Microsoft released another security patch for a non supported operating system. The update may be installed executing the .exe download. A system restart is required. That’s what we can read on Microsoft’s site…

Inspecting the package

But I’ve inspected the .exe file and it’s content and got puzzled. The files within the package comes with time stamps from 2009 up to 2010. The manifest file says that a TAPI dll shall be updated. And also subfolder update shipped within the patch has a date 06/14/2010. A bit mysterious – but I don’t believe, that’s an accidental shipped update, because it’s only offered from the download link given above.

My theory: Microsoft intended to realease an update – but somebody failed to link to the appropriate update package – or something in the download mechanic is broken (could be an explanation of the broken language selection).

[German]Users losing files due to WannaCry encryption may get their files back using a data recovery tool. That’s the message I received from a data recovery tool vendor.

The best strategy to protect data against ransomware is a clever backup strategy – data need to be saved to a backup media, that is held offline – and you need a rolling backup keeps several versions of your backup data – in case, you backup encrypted data accidentally.

Some Theory

Sometimes users are losing data due to a file system corruption, accidentally deleted files or crashing hard disks. In such cases data recovery tools may comes handy. These tools are able to recover sometimes files from data cluttered over the disk’s surface.

Ransomware depends on the operating systems file system. If the file will be rewritten during encryption, the old unencrypted files are probably left deleted on the hard disk. So it may be probable, that a recovery tool can retrieve such files.

Prepare the disk

In case your system has been infected with WannaCrypt, disconnect the disk from the system (to avoid an overwriting of deleted data cluster on this disk – I assume, that the approach reported here WannaCry: Decrypting with WanaKiwi also for Windows 7 wasn’t successful). Then clone your hard drive to another drive, to work with an exact copy of your encrypted disk.

Try EaseUS Data Recovery Wizard Pro

I have to be careful here: I haven’t a test system infected with WannaCrypt, so I can’t test. But folks from EaseUS has send me the following information.

User feedback and some tests has shown, that our EaseUS Data Recovery Wizard Pro could restore 80% of WannaCry encrypted data files.

Ok, it’s clear, it’s a marketing appoach, because the tool isn’t free of charge. But they offer a test version, that may be used to test the cloned hard disk for data recovery. If recoverable files are found, it will be worth to buy EaseUS Data Recovery Wizard Pro. EaseUS has published a blog post about this approach. The folks a disk tuna has released this article with contradicting information. In case you have experience with this scenario, feel free to drop a commend.

[German]Microsoft announced on 05/24/2017 in a blog post The largest Git repo on the planet that it has completed the rollout of Git/GVFS to the Windows team. the Windows code base is approximately 3.5M files and the Git repo is about 300GB.  Further, the Windows team is about 4,000 engineers and the engineering system produces 1,760 daily “lab builds” across 440 branches in addition to thousands of pull request validation builds.

Security vendor ESET has published two tools allowing users to fight against ransomware attacks like WannaCry (WannaCryptor) or Crysis. The EternalBlue Vulnerability Checker and the Crysis .wallet/.onion Decryptor are available for free.

EternalBlue Vulnerability Checker

Is my system up to date and protected against the EternalBlue exploit? The ESET EternalBlue Vulnerability Checker allows to test whether Windows is patched against the EternalBlue exploit. This vulnerability has been used during the WannaCry ransomware attack. Also mining malware Adylkuzz is using this vulnerability.

Crysis Decryptor

The second tool offered, is the Crysis .wallet/.onion Decryptor. The tool decrypt files already encrypted from a Crysis ransomware variant. Encrypted files has extensiones .wallet and .onion. The decryption key has been published on May 18, 2017 at BleepingComputer.com.

Both tools are offered fro free on ESET websites.

Download EternalBlue Vulnerability Checker
Download Crysis .wallet/.onion Decryptor:

Similar article:
NVIDIA GPU graphics driver vulnerability and update
The HP Conexant audio driver ‘stop keylogger’ placebo update
Ransomware WannaCry infected worldwide thousands of Windows systems
#WannyCry: Use recovery tools to gain encrypted files?
Wannacry: first WCry-Decryptor for Windows XP
WikiLeaks reveals CIA Windows Spyware Framework Athena
WannaCry: Decrypting with WanaKiwi also for Windows 7

[German]Microsoft has released a new cumulative update KB4020102 for Windows 10 Creators Update on May 25, 2017 . This update fixes a couple of issues and improves stability – according to Microsoft.

Update KB4020102

Update KB4020102 (May 25, 2017—KB4020102 (OS Build 15063.332) is the 2nd cumulative update for Windows 10 Creators Update in May. It doesn’t contains new features, the update fixes some issues and improves system stability. The Windows 10 V1703 build number is changed to 15063.332. KB402010 will be distributed via Windows Update. I haven’t  found the package in Windows Update Catalog. In case, you are in need, the direct download links are published at tenforums.com.

This cumulative update is also available for Windows 10 Mobile, but only for Windows Insider in Fast Ring and Release Preview Ring.

Fixed issues in update KB4020102

The changelog of update KB4020102 contains a long list of addressed issues that has been fixed.

• Addressed issue where NTLM fails to generate a challenge response when CredGuard is enabled, NTLMv2 is used, and no target information is provided by the server.

• Addressed issue where Internet Explorer does not respect the “Send all sites not included in the Enterprise Mode Site List to Microsoft Edge” policy when opening favorites. 

• Addressed issue in Internet Explorer 11 where a non-administrator user is not able to install an ActiveX control.

• Addressed issue where, after starting Split View, some apps (Microsoft Edge, Hub, Cortana, etc.) no longer receive input when multiple displays are in use.

• Addressed issue with an unnecessary scrollbar in the logon credential provider dialog, which may block use of other fields when the dialog has multiple fields.

• Addressed issue where, during a VM reset, the VM goes into Second Level Paging (SLP) even if there is enough balancer available memory on the host.

• Addressed issue where some non-Unicode fonts (Courier, MS Sans Serif, etc.) do not render characters correctly on non-Latin, single-byte system locales (Greek, Hebrew, Arabic, etc.). Black bars or other artifacts appear instead.

• Addressed issue with an SMS/messaging app that stops working when attempting to delete messages.

• Addressed issue where, after installing the Creators Update, audio output through external decoders no longer works.

• Addressed issue where the IoT shell fails to keep monitored background applications running.

• Addressed issue with high latency when using the Universal Windows Platform (UWP) MIDI API.

• Addressed issue where network printers may fail to install when using the printer vendor’s setup software on machines with less than 4GB of RAM. These printers will install if you install from the Settings app or from Devices and Printer in Control Panel.  I’ve addressed this bug within my blog post Windows 10 Version 1703: Fix for network printer install issue.

• Addressed issue where PrintBRM fails to restore the Print Queue Configurations when printer names are identical and a port is set to FILE:.

• Addressed issue with per user proxy settings not migrating to machine proxy settings.

Currently no install issues are known. Some users recognized disk cleanup takes a long time after update install (see also here). It seems also that some issues, not mentioned above, are fixed.

• A German user reported, that his Windows Spotlight issue (he have had no changing images on lock screen) has been fixed.
• Other German users are reporting minor fixes. One user reported, that screen brightness is now adjustable again. Another user reported, that the sharing option in Windows 10 Mobile Edge browser has been fixed.
• Here somebody mentioned, that the health scan bug in Windows Defender has been fixed. Also Windows Defender may be opened again via double clock on Actions Center.
• At reddit.com users are mention, that the location icon bug in task bar has been fixed (occurs, if Night Light is active and Action Center is open).
• At reddit.com a user claims, that group policies for lock screen (adding custom images) is still broken (see this discussion).
• If the update install is causing issues (cmd prompt window is flashing), user ursopro noted at reddit.com to check the office entry in task planner and deactivate the Office update task, running every hour.

Theis reddit.com thread also contains a list of issues, that probably not has been fixed yet. If you find additions fixes or new bugs, please drop a comment.

Simiar articles
Windows 10 Version 1703: Fix for network printer install issue
Office Patchday May 2, 2017
Updates for Windows 10 (May 9, 2017)
Updates May 2017 for Windows 7/8.1
Microsoft May 2017 patch day short over view
Update KB3150513: May Re-re-release for Windows 10 V1607

[German]It seems that Microsoft has issued another out-of-the-bank security update for Microsoft Malware Protection Engine (MsMpEng) on May 25, 2017. Here are a few details.

On May 8, 2017 Microsoft has fixed a critical vulnerability in Microsoft Malware Protection Engine (MsMpEng) – see my blog post Microsoft fixes critical Malware Protection Engine vulnerability. Microsoft wrote, that CVE-2017-0290 has been addressed. CVE-2017-0290 allows remote code execution in Microsoft’s Malware Protection Engine (the Chakra scripting engine was vulnerable).

New Microsoft Security Update Releases Mai 2017

This night I received an e-mail from Microsoft, titled ‘Microsoft Security Update Releases’ that contains the following information:

********************************************************************
Title: Microsoft Security Update Releases
Issued: May 25, 2017
********************************************************************

Summary
=======

The following CVEs have been added to May 2017 release. 

* CVE-2017-8535
* CVE-2017-8536
* CVE-2017-8537
* CVE-2017-8538
* CVE-2017-8539
* CVE-2017-8540
* CVE-2017-8541
* CVE-2017-8542

Revision Information:
=====================

CVE-2017-0223

 - CVE-2017-8542 | Microsoft Malware Protection Engine Denial 
   of Service Vulnerability

 - CVE-2017-8541 | Microsoft Malware Protection Engine Remote 
   Code Execution Vulnerability

 - CVE-2017-8540 | Microsoft Malware Protection Engine Remote 
   Code Execution Vulnerability

 - CVE-2017-8539 | Microsoft Malware Protection Engine Denial
   of Service Vulnerability

 - CVE-2017-8538 | Microsoft Malware Protection Engine Remote 
   Code Execution Vulnerability

 - CVE-2017-8537 | Microsoft Malware Protection Engine Denial 
   of Service Vulnerability

 - CVE-2017-8536 | Microsoft Malware Protection Engine Denial 
   of Service Vulnerability

 - CVE-2017-8535 | Microsoft Malware Protection Engine Denial 
   of Service Vulnerability 

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 1.0
 - Reason for Revision: Microsoft is releasing this out-of-band CVE 
   information to announce that a security update is available for 
   the Microsoft Malware Protection Engine. Microsoft recommends 
   that customers verify that the update is installed, and if 
   necessary, take steps to install the update. For more information 
   see the FAQ section
 - Originally posted: May 25, 2017  
 - Aggregate CVE Severity Rating: Critical
 - Version: 1.0

Microsoft linked to Security Update Guide, but during writing this blog post, I was not able to find an entry within Security Update Guide for CVE-2017-0223 (or the other CVEs). The details presented below are obtained from other sources.

Here are more details

CVE-2017-0223 addresses, according to this site a vulnerability in Microsoft Chakra Core:

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka “Scripting Engine Memory Corruption Vulnerability”. This vulnerability is unique from CVE-2017-0252.

Microsoft lists the following CVEs addressed in another MsMpEng May update.

• CVE-2017-8535: Microsoft Malware Protection Engine; Denial of Service Vulnerability
• CVE-2017-8536: Microsoft Malware Protection Engine; Denial of Service Vulnerability
• CVE-2017-8537: Microsoft Malware Protection Engine; Denial of Service Vulnerability
• CVE-2017-8538: Microsoft Malware Protection Engine; Remote  Code Execution Vulnerability
• CVE-2017-8539: Microsoft Malware Protection Engine; Denial of Service Vulnerability
• CVE-2017-8540: Microsoft Malware Protection Engine; Remote  Code Execution Vulnerability
• CVE-2017-8541 Microsoft Malware Protection Engine; Remote  Code Execution Vulnerability
• CVE-2017-8542: Microsoft Malware Protection Engine; Denial of Service Vulnerability

The CVE’s has been entered at May 3, 2017 into the database.

Microsoft Malware Protection Engine update

Microsoft wrotes within the Security Update Releases-Information about an out-of-the-band update for MSMpEn. 

Reason for Revision: Microsoft is releasing this out-of-band CVE information to announce that a security update is available for the Microsoft Malware Protection Engine. Microsoft recommends that customers verify that the update is installed, and if necessary, take steps to install the update. For more information  see the FAQ section

– Originally posted: May 25, 2017 

I couldn’t find the FAQ section mentioned above. My interpretation was, that Micorsoft has updated Microsoft Malware Protection Engine again on Maiy 25,2017 to address additional vulnerabilities. Because MSMpEn is updated via Microsoft’s security products (Windows Defender, Microsoft Security Essentials) and not via Windows Update, I checked my machine with MSE (see also my German blog post MS Malware Protection Engine – welche Version habe ich?).

My MSMpEn has version 1.1.13804.0, whilst after May 9, 2017 the version 1.1.13704.0 has been reported. It seems that Microsoft Malware Protection Engine has been updates (via Microsoft Security Essentials or Windows Defender). If you have further details or more insights, please left a comment.

[German]Microsoft didn’t release a patch for Windows XP, Windows Server 2003 to close the NSA ESTEEMAUDIT Exploit. Now security firm enSilo released a hotfix to close the vulnerability used by ESTEEMAUDIT exploit.

After Shadow Broker released a couple of NSA hacking tools and exploits, Microsoft explained, that most of the vulnerabilities has been patched. Only some vulnerabilities addressed by exploits like EsteemAudit are unpatched, because Windows XP and Windows Server 2003 are reached end of life and are out of support.

But after WannaCry-Attack we have learned, that unpatched vulnerabilities may cause infections of thousands of systems. And there are still many systems running Windows XP and/or Windows Server 2003 out there. An analysis made from fortinet showed, tha open RDP ports within a network allows to attack systems.

Security firm enSilo decided to develop a hotfix for this EsteemAudit exploit. Last week they announced the patch, that is public available for Windows XP SP3 x86/x64 and Windows Server 2003 SP2. The patch will be loaded into winlogon.exe (only if it is an RDP session) to perform in memory patching (hotpatching) of ESTEEMAUDIT. Any attempt to use ESTEEMAUDIT to infect the patched machine will inevitably fail. Full details are available here. (via)

Microsoft has released on May 26, 2017 a non-security update KB4023680 für das Windows 10 Anniversary Update. KB4023680 changes the OS Build to 14393.1230 and is available in Microsoft Update Catalog. This update fixes an issue, where End User Defined Characters, EUDC, are not displayed in some applications.

[German]Currently Firefox users are facing login issues with Microsoft live.com services (Hotmail, Outlook, OneDrive). It’s not possible to authenticate at live.com. Here are a few details.

A reader of my German blog informed me this morning about the login issue. I wasn’t aware of this, because I don’t login frequently to live.com, and I use Google Chrome.

SEC_ERROR_OCSP_INVALID_SIGNING_CERT

Accessing Hotmail, Outlook, OneDrive or other Microsoft online services, a user need to login to live.com. In Google Chrome or in Internet Explorer I receive the login form as shown below.

But Firefox (I’ve tested it with version 53.0.3) drops the following error page after entering the URL live.com:

Secure Connection Failed

An error occurred during a connection to outlook.live.com. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the website owners to inform them of this problem.

Here is my German login site.

The login form isn’t displayed, so an authentication isn’t possible. It seems, there is an certificate issue in Firefox. Searching the Internet showed me, that this live.com issue seems to exists since a few hours. In Microsoft Answers this thread addresses this issue and also Mozilla has this older article, dealing with OCSP. OCSP is an extended security features in Firefox. The certificate error need to be corrected from web site vendor.

A workaround

But there is a workaround, helping Firefox users to login to Microsoft live.com. Just disable OCSP check within the browser.

1. Enter about:config ein into the browser’s address bar and confirm the warning.

2. Search for the option security.ssl.enable_ocsp_stapling, double-click it and change its value to false.

After changing this option to false, the live.com login form should be shown also in Firefox. This issue should also work with other login sites. After the issue has been resolved from Microsoft, repeat the above steps and enable the option again. So check after a while, whether the issue has been resolved.

Addendum: Certificate expired

Paul v Brouwershaven has pointed me to the right direkt direction with this tweet.

@etguenni https://t.co/HzSHmJiZgI pic.twitter.com/3aLF1qiO8r

— Paul v Brouwershaven (@vanbroup) 29. Mai 2017

This web site,  shows the certificate status, which is expired on May 28, 2017. The update will be tomorrow May 30, 2017. Another workaround is, using direkt login with hotmail.com, outlook.com and so on. Strange thing …

[German]In case someone’s system has been infected by XData ransomware and documents are encrypted, I’ve good news. A RakhniDecryptor for XData ransomware has been released by security vendor Kaspersky.

The XData Ransomware has been addressed at this ESET blog post. The ransomware was active shortly after the WannaCrypt attack (between May 17 and 22, 2017), but the first variants has been detected at December 8, 2016. Xdata ransomware was mainly active in Ukraine, after the trojan has been distributed by a document automation system used for accounting purposes.

Recently the private keys used by this ransomware has been posted within the Bleeping Computer forum. Now Bleeping Computer reported within this article, that Kaspersky provides RakhniDecryptor free of charge for download. The tool is able to decrypt the Xdata encrypted document files.

[German]Microsoft has re-released Update KB3150513 for Windows 10 Anniversary Update (Version 1607). This update ships the latest compatibility definition update for Windows.

Update KB3150513 re-release

Update KB3150513 for Windows 10 Anniversary Update (Version 1607) is titled Latest compatibility definition update for Windows. This update has been re-released fife times in Mai 2017.

According to Microsoft, it provides the latest set of definitions for compatibility diagnostics that are performed on the system. The updated definitions help enable Microsoft and its partners to ensure compatibility for all customers who want to install the latest Windows operating system. Installing this update also makes sure that the latest Windows operating system version is correctly offered through Windows Update, based on compatibility results.

If you intend to update your machine with Windows 10 Version 1607 via Windows Update to Creators Update (Windows 10 Version 1703), install the newest compatibility definitions. KB3150513 doesn’t provides details, but Microsoft Update Catalog contains the new entry dated May 31, 2017.

Similar articles
Update KB3150513: May Re-re-release for Windows 10 V1607
Windows 10: Updates KB3150513 and KB4015219 are back

[German]Version 0.6.2 of Open Live Writer has been released yet. It’s a maintenance release for the Windows based blogging tool. Here are a few details.

Open Live Writer is an open source blogging client for Windows. It’ successor of Microsoft’s blogging client Windows Live Writer, that was part of the cancelled Windows Live Essentials.

The developers has announced the new version here. The new version is a maintenance release to handle issues with publishing images due to Google Blogger. They’d made some changes to how images are uploaded to Google Photos that prevent Open Live Writer from automatically configuring photo publishing. We’ve added some extra steps to try to configure it, and if we can’t set it up for you automatically we link to a help page that shows you how to set it up.

You can download the installer from here. Open Live Writer 0.6.2 is also available as a Windows 10 App in Windows Store.

Similar articles:
Windows Live Essentials 2012 – R.I.P.

Microsoft has pushed out accidently wrong build 16212 of Windows 10 to Windows Insiders on PCs and Mobile devices.

Some Windows Insiders received an update for Windows 10 Preview build 16212.1001.rs _edge_case.170531-2234 on PCs. Users of Windows 10 Mobile devices are receiving Build 16212.1000.rs_iot.170531-1800. Both builds was released accidentally and wasn’t dedicated for public release. Dona Sarkar has published this blog post about this incident.

While the PC build was installable, the build for Mobile devices crashed the devices. The recommendation was, to do a rollback via Settings > Update & security > Backup.

If this wasn’t enough, these mistake-pushed internal builds are in all rings, Fast, Slow and Release Preview.
What have you done MS.

— Indigo (@tfwboredom) 1. Juni 2017

Microsoft wrote that only a small amount of people has received this Insider build. The above tweet says that Microsoft has pushed the wrong builds to all Insider Preview rings. Well, shit happens from time to time. Glad, that Dona Sarkar says, they won’t release another Insider Preview this week.

Microsoft has released update KB3150513 several times in May 2017 for Windows 10 Anniversary Update (Version 1607) . But it seems, that this update is causing issues on some user machines with Outlook and OneNote 2016, MalwareBytes 3.0, and TeamViewer.

Microsoft has re-released update KB3150513 for Windows 10 Anniversary Update (Version 1607) a couple of times. I’ve blogged about update KB3150513 within my article Windows 10 1607: Update KB3150513 (May 31, 2017) for instance.  This update ships the latest compatibility definition update for Windows.

Update KB3150513: Issues with Outlook 2016

At Askwoody is this post, addressing an issue with Outlook 2016 and Windows 10 V1607 update KB3150513. A user wrote:

Writing a quick thank you note for your article titled “Mystery update KB 3150513 makes yet another reappearance”.

It started yesterday afternoon when I couldn’t open Outlook 2016. After looking around a bit today on both my computer and the web, I noticed a new update that downloaded yesterday morning. Googling for help about the error that was showing on my system, “Cannot start microsoft outlook. Cannot open the outlook window. The set of folders cannot be opened”, found no relief. But then, I came upon your aforementioned article, put two and two together, saw that I didn’t want this update on my computer and quickly uninstalled the update and voila! Outlook works. YaY!

So, I’m writing this for two reasons: 1st to say thank you for your article and blog that, unbeknownst to you until now, pointed me in the right direction to be able to once again use outlook and 2nd – in case you see others having this same issue, perhaps this bit of information from my experience will help them too before experiencing too much frustration.

Also German news site heise.de has an article, mentions, that Windows 10 Version 1607 update KB3150513 is preventing Outlook 2016 from launch. The solution: Uninstall update KB3150513 and block it from re-installing (see How to block Windows 10 updates).

OneNote 2016 error 0xE0000002

Greek blog reader Leon pointed me to this Microsoft Answers forum post. A user wrote:

I am repeatedly getting an error message in OneNote 2016. It happens every time I try to create an Outlook task from text that I’ve handwritten in OneNote. the error message continues with „occurred in the application at location 0x000000007736A882.“  I’m running the office version of OneNote 2016, on a Surface Pro 3, Windows 10 Version 1607 for x64 based Systems (KB3150513).

Leon suggests to use the OneNote Diagnostics Tool to fix this error. The error may occur also in combination with Malwarebytes 3.0 (see below). If that doesn’t helps, uninstall update KB3150513 and block further installations.

Malwarebytes 3.0 has issues

Microsoft has published this KB article at May 13, 2017, addressing another issue. Office 2013 or 2016 may hang or crashes with error 0xE0000002 in Windows 10 Creators Update if Malwarebytes 3.0 has been installed. Malwarebytes has released a fix to correct this issue.

TeamViewer crashes after Windows Update

Blog reader Leon has send me another e-mail he received from a buddy. This mail is indicating some issues with TeamViewer caused by Update KB3150513.

Running Windows 10 Pro, I am able to connect & Teamviewer runs for a while (typically 1-5 minutes) & then kicks me out, dropping the connection for no apparent reason. This has happened many times in succession, The problem seemed to start only recently in the past week or so, after recent Windows 10 updates were installed automatically by Windows Update in Microsoft. Before then, I did not have this problem. I have not installed any other new programs, can somebody help?

Also the solution is: uninstalling Update KB3150513 and block it’s installation. Hope it helps, if someone is facing one of those issues mentioned above.

[German]Microsoft has re-released optional Updates KB2952664 for Windows 7 SP1 and Update KB2976978 for Windows 8.1 on June 6, 2017. Both updates has been re-released cyclically by Microsoft, but there has been issues within the past, so these updates also has been pulled several time.

Update KB2952664 for Windows 7 SP1

Update KB2952664 is a Compatibility update for keeping Windows 7 SP1 up-to-date. Microsoft writes:

This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update. 

This Update will be offered via Windows Update and is available via Windows Update Catalog. My recommendation: Hide this update, except, you plan to upgrade to Windows 10.

Update KB2976978 for Windows 8.1

Update KB2976978 is also a compatibility update for Windows 8.1 (Windows 8 has reached end of support), to improve Windows 10 upgrade. This update is available via WU and via Windows Update Catalog. 

Recently I stumbled upon an interesting problem. The question was, how to manage a Windows 7 install on an Intel NUC system with USB 3.0. This is causing issues, because Windows 7 doesn’t provides USB 3.0 support during setup.

The question was raised from an administrator within a German forum. He was ordered, to exchange a lot of Office PCs with Intel NUCs. The company is using Windows 7.

What’s the problem?

The user wrote, that those Intel NUCs comes with four USB 3.0 ports. After installing Windows 7, USB 3.0 controller driver is missing, so none of the USB 3.0 ports are working. So he wasn’t able to use an USB keyboard and mouse to fix this issue.

Fix #1: Use an additional USB 2.0 port

One suggestion made within the forum was to add an additional USB 2.0 port to the Intel NUC. An Intel NUC LID Additional Dual USB 2.0 Ports is offered via Internet.

Fix #2: Integrate USB 3.0 driver into install image

Another suggestion was, to integrate the required USB 3.0 driver into the Windows 7 install image. This can be done with Microsoft’s deployment tools – in case that fits, start here.

Fix #3: Use Intel’s Windows 7 USB 3.0-Creator-Utility

The coolest suggestion I ‘ve read was, to use Intel’s Windows 7 USB 3.0-Creator-Utility. This utility automates the process to create a Windows 7* installation image to include USB 3.0 drivers. You can then use the new installation image to install Windows 7 on Intel® NUC products that have only USB 3.0 ports. The Windows 7 USB 3.0-Creator-Utility may be obtained from here.

Users of IBM Notes 9.0.1 are facing issues after upgrading to Windows 10 Creators Update (Version 1703). Notes is crashing with a blue screen of dead (BSOD) on some system. It seems, that Microsoft will release a patch till end of June 2017.

Some Background details

Some users of IBM Notes 9.0.1 FP7/FP8 reporting crashes under Windows 10 Creators Update (Version 1703). I’ve blogged about hat within my blog post Windows 10 V1703: Blue screen issues with IBM Notes 9.0.1 (a German user has mentioned that issues within this Microsoft Answers forum).

ome of our customers are facing system crashing after installing Windows 10 Pro Creators Update (Version 1703). The issues occur during opening IBM Notes data bases with IBM Notes Standard or Basic Client version 9.0.1 FP7 or FP8.

IBM recommends a rollback to Windows 10 Anniversary Update. They also recommend to create a support case at Microsoft.

But not all users are affected. Some comments I received for my German blog post are negating issues. But there has been this forum thread, where other users are confirming crashes.

One reader of my blog pointed out in a comment, that the issue occurs, if the Notes home pages has been customized (see also this forum thread). Beside the uninstall Windows 10 V1703 recommendation, a user proposed to start IBM Notes with parameter -sa  in Basic mode.

IBM says: Microsoft is preparing a fix

Lutz Geschinsky, who has posted this Microsoft Answers forum thread, received finally a feedback from IBM and published it on several places. Here is the IBM statement:

“Microsoft have indicated that this impacts in Win32kFull.sys. Microsoft will by the end of month,  have a fix available for this issue. The Win32kFull.sys is a multi-user driver file that belongs to Windows operating system and it is used to perform its tasks.
We presume if you un-install Windows 10 Creators Update 1703,  there would no longer be an issue with using Notes.”

[German]Microsoft has released this night Windows 10 als Insider Preview Build 16215 for PCs in Fast Ring. Supported mobile devices receive Build 15222.

It has been 3 weeks, since the last Insider Preview build has been released. Last week, a wrong build was released and pulled immediately (see Ups, wrong Windows 10 Insider Preview Build 16212 released). But now we have a new Insider Preview build, that comes with a ton of new features (like a renewed Info Center shown below).

(Source: Microsoft)

The announcement of this new Build has been made within the Windows Blog. Within this blog post you will find what’s new, the whole changelog and also issues within this new build Microsoft is aware of.

Install error 0x80070643

A blog reader informed me, that some users are receiving an installation error 0x80070643. This code stands for ERROR_INSTALL_FAILURE, a critical error without further explanation. Searching the web pointed me to web sites dealing with issues in Windows Defender. I suppose, third party antivirus software may conflicting with Windows and blocks upgrade to Build 16215. I ‘ve also a (German) blog post, dealing with this error code (Windows Defender liefert Update-Fehler 0x80070643). Also this Technet forum entry or this MS Answers forum thread may helps.