|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
MS-DEFCON 3: Some lingering problems, but it’s time to get Windows and Office patched
It’s time to get the July patches rolled into your Windows and Office systems, in spite of a handful of niggling bugs.
Computerworld Woody on Windows.
-
.NET patches — manual installation only — released
Windows 7 and 8.1 non-security .NET updates are now available, but only through the Microsoft Catalog.
Details on the Windows Software Update site.
-
KB 4025331 for Server 2012 and KB 4025336 for Server 2012 R2 breaking WSUS and SCCM
Summary from Günter Born on his BornCity blog.
-
KB 4025336 blocks the client’s connection to WSUS
-
After installing KB 4025331, no more Office and Windows updates could be installed from clients via SCCM.
In both cases, uninstalling the updates solves the problems.
-
-
Consider a non-Windows OS for email security
In closing a recent ComputerWorld.com post, Michael Horowitz concluded:
“If you read email on a Windows computer, do yourself a favor and use a different operating system, at least for email.”
The article was discussing Windows Scripting Host (WSH), JavaScript and VBScript malicious files, which have been associated with recent malware via emails.
WSH can execute scripts written in many programming languages. Out of the box, it does JScript and VBScript but other languages, such as Perl and Python, can also be installed.
Michael details how to disable the WSH component, and to have any such attachments to open in Notepad, which changes them from being script files. You can find the details here.
-
Adobe: 64% of American computer owners say they apply updates immediately
Adobe just posted the results of their survey of 2,000 American adults. The summary is a bit different from the details, but here are the questions and answers that caught my eye:
Q: Do you typically update the software on your computer when new updates are released?
A: 64% said yes, 30% said “it varies” and only 4% said they don’t. Note that there’s no response available for “I apply updates but not when the manufacturer pushes them out.”
Q: How do you typically update your software?
A: 41% say they typically choose to be prompted when updates are available. 34% say that, when the software has the option to install updates automatically, they choose that option. 3% say they didn’t know there was more than one way to update software.
Interesting report.
-
More June security patching bugs: You can patch an IE security hole, or print inside iFrames – but not both
The latest IE patching conundrum deals with a bug in the June patches that broke the ability to print in iFrames. Automatic Update flops between one choice and the other.
Computerworld Woody on Windows
-
What have you heard about KB 4033428?
The KB article says it’s a “Windows Server 2012 R2 processor generation detection reliability update,” released July 18.
Anybody have a clue?
-
Another bug in a security patch only fixed in a rollup
Looks like we have another one…
I’m seeing reports that the IE 11 “doesn’t print iframe” bug, introduced in the IE 11 security update KB 4021558, is only being fixed in the Win7 June Monthly Rollup Preview KB 4022168 and the July Monthly Rollup KB 4025341 .
English translation: If you’re in Group B, you’ll still see the bug, whereas those in Group A will not.
It’s another example of how Group B is becoming untenable. Unless Microsoft fixes bugs in security patches with fixes in security patches, sticking to a security-patch-only regimen will ultimately leave you with bugs.
-
Win10 Creators Update will not install on some Atom/Clover Trail computers
A damning report from Ed Bott on ZDNet.
UPDATE: Paul Thurrott has a contrary opinion in this tweet:
“The following Intel processors are not CURRENTLY supported by the Win10 Creators Update.” Drivers ARE coming. https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9
And Paul draws a sobering conclusion in his paywalled article Windows as a Disservice:
Any company could, at any time, stop supporting any one component in any given PC. And if that end of support is serious enough—like Intel declining to update 3-to-4-year old bargain basement CPUs like those Atom chips at the heart of this matter—that means that Microsoft may be forced to no longer support Windows 10 on that PC. The lifetime of that device has come to a close.
As I’ve said many times before, subscribing to Paul’s Premium service is well worth the $48/year (initial offer).
-
KB 4025341, KB 4025337 cause crashes on some older hardware running Win7
There have been reports of BSODs after installing the July 11 patches on some older Win7 machines. Both KB 4025337, the security-only Update, and KB 4025341, the Monthly Rollup have been involved. Uninstalling the update fixes the problem.
Many posters have reported successful installation of the updates. So it doesn’t appear that the updates themselves are broken, but, when combined with specific drivers, BSODs result. It is likely due to some of the changes Microsoft has made to Win7 via the patches. @NetDef reports that updating the Intel C600 chipset driver fixed the problem. Another report possibly points to AMD graphics drivers.
If you have experienced a BSOD after installing the July 11 patches, your information would be helpful. The errors on the blue screen can pinpoint a conflict with a device. The Device Manager in the Control Panel is also an excellent source of information on installed drivers. What was the source of your drivers – from the manufacturer or were they Microsoft drivers?
This is an example of the type of information that is useful:
OS: Win7 Ultimate SP1 64bit
PATCH: KB 4025337
BSOD Info: STOP SYSTEM_SERVICE_EXCEPTION 0x0000003b
CPU: Intel Core 2 Quad Q8200
GRAPHICS: ATI AMD Radeon HD6450 v15.300.1025.0
CHIPSET: Intel P35/G35/G31 r.10 (or version)
FIX: Uninstalled update, or Rolled back HD6450 driver to n.15.200.1052.0, or Updated Intel chipset drive to…Any luck in identifying the the exact driver(s) involved would be most helpful to a lot of people.
-
July 11 security-only patch KB4025337 causes BSOD
Poster @skunk1966 reports
I just installed KB 4025337 for Windos 7 (x64). After rebooting my system I got BSOD. Started up in safemode and ran sfc /scannow. Rebooted in normal mode and again BSOD.
In the end I couldn’t fix it so uninstalled KB 4025337 using wusa cmd. Rebooted in normal mode and all is fine again,
The computer, running Win7 Ultimate has an older Intel Core 2 Quad Q8200 (Yorkfield) and ATI AMD Radeon HD6450 graphics.
Is anybody else seeing problems with the July 11 Security-only patch for Windows 7?
-
July 2017 Patch Tuesday rolls out with another load of updates
On July 11, Microsoft has once again rolled out a deluge of patches for Windows and other Microsoft products.
Martin Brinkmann at ghacks.net provides the full list. Here’s the summary.
- Windows 7: 22 vulnerabilities of which 2 are rated critical, 19 important, and 1 moderate
- Windows 8.1: 24 vulnerabilities of which 2 are rated critical, 21 important, and 1 moderate
- Windows RT 8.1: 21 vulnerabilities of which 2 are rated critical, and 21 important
- Windows 10 version 1703: 27vulnerabilities of which 2 are rated critical, 23 important and 1 moderate
Note: Windows 10 version 1507 will no longer receive security updates.
Other products affected:
- Internet Explorer 11: 7 vulnerabilities, 5 critical, 2 important
- Microsoft Edge: 19 vulnerabilities, 15 critical, 3 important, 1 moderate
- Microsoft Office 2010 Service Pack 2: 2 vulnerabilities, 2 important
- Microsoft Office 2013 Service Pack 1: 1 vulnerabilities, 1 important
- Microsoft Office 2016: 1 vulnerability, 1 important
Good news: supposedly the IE11 browser crashes have been addressed.
It’s back!! Watch out for KB2952664 (Win7) and KB2976978 (Win8.1) reissued 7/11 with a metadata change. You may get it again!!!!
UPDATE: Security patches for Microsoft Office are now available. Considering last month’s fiasco, it’s probably an excellent idea to let the lemmings (er…Guinea Pigs) jump off the cliff first. Unless you desperately need patches to fix patches to fix patches….
Office 2007 (5), Office 2010 (3), Office 2013 (9), and Office 2016 (14)UPDATE: .NET Security and Quality Rollup updates for July 2017 are available for Win10 only. The update addresses CVE-2017-0248.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Intel Management Engine (Intel ME) Security Issue
by 2 hours, 55 minutes ago
-
Old Geek Forced to Update. Buy a Win 11 PC? Yikes! How do I cope?
by 1 hour, 5 minutes ago
-
National scam day
by 3 hours, 7 minutes ago
-
macOS Tahoe 26 the end of the road for Intel Macs, OCLP, Hackintosh
by 20 hours, 27 minutes ago
-
Cyberattack on some Washington Post journalists’ email accounts
by 21 hours, 47 minutes ago
-
Tools to support internet discussions
by 1 day, 4 hours ago
-
How get Group Policy to allow specific Driver to download?
by 12 hours, 53 minutes ago
-
AI is good sometimes
by 1 day, 4 hours ago
-
Mozilla quietly tests Perplexity AI as a New Firefox Search Option
by 19 hours, 2 minutes ago
-
Perplexity Pro free for 12 mos for Samsung Galaxy phones
by 2 days, 5 hours ago
-
June KB5060842 update broke DHCP server service
by 2 days, 3 hours ago
-
AMD Ryzen™ Chipset Driver Release Notes 7.06.02.123
by 2 days, 7 hours ago
-
Excessive security alerts
by 22 hours, 38 minutes ago
-
* CrystalDiskMark may shorten SSD/USB Memory life
by 2 days, 17 hours ago
-
Ben’s excellent adventure with Linux
by 10 hours, 27 minutes ago
-
Seconds are back in Windows 10!
by 2 days, 4 hours ago
-
WebBrowserPassView — Take inventory of your stored passwords
by 22 hours, 5 minutes ago
-
OS news from WWDC 2025
by 8 hours, 11 minutes ago
-
Need help with graphics…
by 1 day, 12 hours ago
-
AMD : Out of Bounds (OOB) read vulnerability in TPM 2.0 CVE-2025-2884
by 3 days, 8 hours ago
-
Totally remove or disable BitLocker
by 2 days, 7 hours ago
-
Windows 10 gets 6 years of ESU?
by 2 days, 11 hours ago
-
Apple, Google stores still offer China-based VPNs, report says
by 3 days, 19 hours ago
-
Search Forums only bring up my posts?
by 27 minutes ago
-
Windows Spotlight broken on Enterprise and Pro for Workstations?
by 4 days, 7 hours ago
-
Denmark wants to dump Microsoft for Linux + LibreOffice
by 11 hours, 25 minutes ago
-
How to get Microsoft Defender to honor Group Policy Setting
by 4 hours, 25 minutes ago
-
Apple : Paragon’s iOS Mercenary Spyware Finds Journalists Target
by 4 days, 18 hours ago
-
Music : The Rose Room – It’s Been A Long, Long Time album
by 4 days, 19 hours ago
-
Disengage Bitlocker
by 4 days, 9 hours ago
Remembering Woody
