Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • February’s patch Tuesday will be in March

    Home Forums AskWoody blog February’s patch Tuesday will be in March

    This topic contains 52 replies, has 16 voices, and was last updated by  anonymous 7 months, 3 weeks ago.

    • Author
      Posts
    • #94586 Reply

      woody
      Da Boss

      At least, that’s what the MSRC team notification on the TechNet blog says: UPDATE: 2/15/17: We will deliver updates as part of the planned March Updat
      [See the full post at: February’s patch Tuesday will be in March]

      7 users thanked author for this post.
    • #94590 Reply

      dononline
      AskWoody Lounger

      Hummm … very strange … it will be interesting watching MS spin their way around this one over the next few days. Well, at least we’re off the hook this month — no patches, no worries, life is good. 🙂

      1 user thanked author for this post.
    • #94598 Reply

      JNP
      AskWoody Lounger

      So, we’re in Jimi Hendrixland: “If 6 was 9”: https://www.youtube.com/watch?v=vZuFq4CfRR8 ?. Seriously, as others have written, after all the bad updates, it’s refreshing to see MS pull pack and a try to be more careful.

      1 user thanked author for this post.
    • #94610 Reply

      abbodi86
      AskWoody MVP

      Well, at least i had time to tinker with Office updates
      it’s time to download and play with latest W10 insider preview build 😀

    • #94634 Reply

      anonymous

      Vista, 7, 8.1, 1507, 1511, 1607 – we were supposed to have one Windows, but we actually have 6 :).

      1 user thanked author for this post.
    • #94640 Reply

      212louis
      AskWoody Lounger

      Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?
      Really?
      What does that tell users about how seriously we should take the warnings each month about patching “vulnerabilities”?
      I’ve often thought MS’s patch policy was a system based on keeping people tethered through fear and uncertainty and less about actual “threats”. The ease with which MS has dispatched this Feb’s patch Tuesday seems, imo, to support that.
      All these years…all that disinformation.

      • #94641 Reply

        PKCano
        AskWoody MVP

        Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?

        The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches. For Windows or anything else.
        For years MS has delivered updates with regularity. They are aware of the vulnerabilities (there have been vulnerabilities every month or we wouldn’t have patches) and their implications. In spite of the fact that many do not agree with their “one patch fits all” strategy, I’m am sure they are working overtime to straighten things out.

        2 users thanked author for this post.
        • #94648 Reply

          212louis
          AskWoody Lounger

          @PK,

          “The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches.”

          Really? MS can’t figure out what is wrong with their delivery system in 60 days??
          Really, if the “threats” and “vulnerabilities” were/are so perilous, treacherous and high-risk (as they seem to be every month for years on end) how could they leave systems unpatched for 60 days? They couldn’t devote a team to fixing the issue ASAP as soon as it was discovered and stay on schedule? Suddenly fear and threat of infection, viruses and malware took two months off?? That’s pretty curious to me.

          My point is simple…it’s possible that the fear and doubt sown by MS over the years about “threats and vulnerabilities” seem to be overblown and MS’s willingness to allow all OS’s to go unpatched for 60 days is ample evidence of that. Otherwise, MS would have solved their “delivery issue” in time for their regular “the sky is falling, patch your system!!” patch Tuesday.

          The problem doesn’t seem to be MS lack of concern with threats.

          The problem appears to me to be…are these “threats and vulnerabilities” valid and not self serving MS hyperbole?

          Once one loses credibility, it’s very difficult to regain it.

          We all need to start better understanding the power of language, information and disinformation.

          • This reply was modified 8 months ago by  212louis.
          • This reply was modified 8 months ago by  212louis.
          6 users thanked author for this post.
          • #94729 Reply

            Noel Carboni
            AskWoody MVP

            Suddenly fear and threat of infection, viruses and malware took two months off??

            This is not directed at you, specifically, Louis…

            My advice:

            Don’t live your life in fear. If unknown things worry you, make them known things by educating yourself.

            Fear is used by those who want to manipulate the masses into doing what they want.

            Yes, it’s good to have patched systems, up-to-date antimalware software, etc. – but your computer isn’t likely to roll over and die if a month of patches is missed. Remember, what you’re also avoiding are the problems, reissues of broken patches, and the worry over why your system is now doing something it shouldn’t be.

            As an example I have a Win 7 system whose role is primarily a server and is not interactively used. Lo and behold it hasn’t had a patch since last year, because it simply doesn’t need one to continue to function for its intended purpose. It’s reliable and functional for what it does.

            ScreenGrab_SVN_2017_02_16_121716

            -Noel

            Attachments:
            You must be logged in to view attached files.
            2 users thanked author for this post.
            • #94822 Reply

              212louis
              AskWoody Lounger

              @Noel,

              I’m good….but I think you may have missed my point.
              I’m not living my life in fear…I’m in Group C on my W7 x64 system. Just .NET Security patches only, that is when MS provides a .NET security patch.

              I’m just positing, and beginning to believe, that MS wants their users to live their computer
              life in fear. That works to MS’s advantage, imo.

              • This reply was modified 8 months ago by  212louis.
              1 user thanked author for this post.
            • #94859 Reply

              Noel Carboni
              AskWoody MVP

              I’m just positing, and beginning to believe, that MS wants their users to live their computer life in fear.

              I’m in full agreement with you and trying to advise people not to fall for it.

              -Noel

              1 user thanked author for this post.
            • #95096 Reply

              212louis
              AskWoody Lounger

              @Noel,

              And believe me, you and one or two others here helped me make the decision to become a Group C believer when MS broke the news about the new patching system. Seeing smart people make the case for reasoned approaches to security and patching was instrumental in my decision making process.

              1 user thanked author for this post.
      • #94644 Reply

        anonymous

        @ 212louis

        Yes, agree.

        1 user thanked author for this post.
    • #94707 Reply

      ltorres
      AskWoody Lounger

      Will this apply to the Adobe Flash updates via Windows updates as well?

      • #94712 Reply

        woody
        Da Boss

        Yes. As a result, IE and Edge running on Windows won’t have the Flash patches until next month.

        1 user thanked author for this post.
        • #94765 Reply

          rc primak
          AskWoody Lounger

          If that’s true, and even MSRT isn’t being delivered, I can only conclude one thing:

          MS Updates got hacked.

          -- rc primak

        • #94789 Reply

          anonymous

          Although I’m not computer-savvy enough to solve the mystery myself, I hope the following bit of information can be of some use to the more expert posters who are trying to discover the reason why there are no February 2017 patches for several versions of the Windows OS as well as various other Microsoft applications e.g. Office, Microsoft Security Essentials, etc. I’ve been offered (and I’ve downloaded and installed) Windows Defender anti-malware definition updates THROUGH THE WINDOWS UPDATE interface on my PC on a daily basis without interruption or problems during the entire month of February up to and including today February 16th. I’m running Windows 8.1 Pro. My Windows Update settings are: “Check for updates but let me choose whether to download and install them” and “Give me recommended updates the same way I receive important updates”. I have not checked the box next to “Give me updates for other Microsoft products when I update Windows”.
          Regards, Harris.

      • #94713 Reply

        PKCano
        AskWoody MVP

        The Flash Player updates for Win8.1 and later are covered in the IE/Edge updates. So for that part, the answer is “yes” they are delayed because all patching is delayed.

        Adobe has released the Flash updates for IE in Win7, Active x, the NPAPI update, and the update for other platforms/OSs. Version 24.0.0.221 is available on their website at Adobe dot com.

        • This reply was modified 8 months ago by  PKCano. Reason: Edit ti include Edge
        2 users thanked author for this post.
        • #95073 Reply

          rc primak
          AskWoody Lounger

          Flash Player for Edge and IE 11 embedded has always been a separate patch, whether obtained through the MS Updates Catalog (where this month’s patch is not in evidence) or through MS Updates (automatic updates). Same for MSRT.

          That’s why the absence of these patches looks so ominous to some of us.

          -- rc primak

    • #94723 Reply

      Noel Carboni
      AskWoody MVP

      From lemons to lemonade…

      Someone in another thread commented that a lack of patches from Microsoft is actually kind of nice; not having to work through all the trouble of what to do to prevent your computer system from melting down or doing things you don’t want after patching IS indeed a relaxing thought!

      For Windows 8.1, January already saw no patches from Microsoft. Now we’re skipping February too. So my workstation can be run for another few months before an update requires a reboot. It’ll be interesting to see how long that will be, since Windows Updates are really the only reason I reboot it any more… Right now, having installed the December patches in January, my uptime is 34 days.

      ScreenGrab_NoelC4_2017_02_16_120139

      Thoughts turn toward security vulnerabilities, but always keep in mind that the vulnerabilities being patched have often been in the operating system forever. If you have a reasonable security environment and practice common sense computing, hackers and malware shouldn’t be knocking at your door constantly, so the risk isn’t high for leaving those vulnerabilities in for a while longer.

      If you have a stable system, enjoy the additional time off from waiting on Windows Update to do what YOU want to do, not what Microsoft wants you to do. 🙂

      -Noel

      Attachments:
      You must be logged in to view attached files.
      4 users thanked author for this post.
    • #94738 Reply

      Bill C.
      AskWoody Lounger

      I wonder if this is related. Original Windows 10 life support extended.

      http://www.infoworld.com/article/3170874/microsoft-windows/microsoft-quietly-prolongs-life-of-original-windows-10.html

      Maybe it is to spread out increased server demand in March.

    • #94741 Reply

      abbodi86
      AskWoody MVP

      At least, Vista users will have a free month of wotking Windows Update

      ending article is up
      Windows Vista support is ending

      • This reply was modified 8 months ago by  abbodi86.
    • #94744 Reply

      Microfix
      AskWoody Lounger

      Is this happening to anyone else on the WU catalog?

      | 3 PC W8.1 Pro x64 | | 1 PC Linux Hybrids x64 | | 1 PC Windows XP Pro x86 (offline) |
        No problem can be solved from the same level of consciousness that created IT - AE
      Attachments:
      You must be logged in to view attached files.
      1 user thanked author for this post.
      • #94747 Reply

        PKCano
        AskWoody MVP

        Mine is working OK in Firefox.

        • #94750 Reply

          Microfix
          AskWoody Lounger

          Yup, working fine now after clearing browser cache, thanks.

          | 3 PC W8.1 Pro x64 | | 1 PC Linux Hybrids x64 | | 1 PC Windows XP Pro x86 (offline) |
            No problem can be solved from the same level of consciousness that created IT - AE
        • #95077 Reply

          rc primak
          AskWoody Lounger

          The Catalog works fine. Even in Linux and Chrome Browser, I can see all the downloads. But the new patches aren’t there. Not even Flash Player. So this is pretty much a useless exercise at this point.

          -- rc primak

    • #94752 Reply

      WildBill
      AskWoody Lounger

      Interesting as to a possible cause for this. Whether it’s fear of SMBv3 zero-day, Windows Update is broken, or (my guess) a serious bug in a patch. Due to Cumulative Updates & Monthly Rollups, the only way to avoid the bug is to avoid Everything; even if it takes a month. (It Shouldn’t take that long to fix it, but shipping the package after the bug is fixed will throw off the Windows Update schedule. Maybe?

      Wild Bill Rides Again...

    • #94821 Reply

      Seff
      AskWoody Lounger

      According to the BBC:-

      “February was also when Microsoft was due to break its security fixes into two – one for Windows and another for its browsers. Getting the separation and testing system to work reliably is believed to have caused the delay.”

      http://www.bbc.co.uk/news/technology-38992298

      1 user thanked author for this post.
      • #94825 Reply

        woody
        Da Boss

        All due respect to the Beeb, but I doubt the delay is due to separating out IE patches.

        2 users thanked author for this post.
    • #94910 Reply

      anonymous

      This is why the updates should have just been kept individual. I like the idea of the rollup model but when stuff like this happens then it means we have to go another month without getting updates. If it were up to me, security updates would have been kept as individual patches. But fixes and all that I don’t mind having in a rollup, but for security updates I feel should be separate from the bug fixes.

      Also Woody, say there was an exploit so dire and they were having trouble with a rollup (like they are now) do you think MS would issue an emergency update to fix said exploit or do you think they’d keep you waiting until next month? Because I really feel they should issue a temporary patch for the SMB exploit that’s been affecting some people.

      Also I will say this. I will commend Microsoft for not releasing this month’s updates since they found an issue last minute. I would rather wait a month to make sure I get a working update rather then having them ship out a glitchy update. But still. I feel they should at least issue a temporary patch for that SMB exploit. That’s my 2 cents.

      2 users thanked author for this post.
    • #94926 Reply

      ch100
      AskWoody MVP

      The March 2017 Preview is due next Tuesday, February, 21.
      Let’s see what surprise we will get.
      Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

      1 user thanked author for this post.
    • #94928 Reply

      anonymous

      Concerning the Flash updates – my source told me, that MS intends to ship the update as early as possible. But we will know within the next two weeks, if that’s true – or an “alternative fact” ;-).

      It seems, that only a few heads in the inner MS circle knows, what’s going on with the patch machinery.

      Günter Born

      4 users thanked author for this post.
      • #95136 Reply

        ch100
        AskWoody MVP

        We might even see a newer Windows Update back-end platform implemented which takes time to implement and test.
        There are known issues with delivering Windows 10 updates and upgrades and Delivery Optimization does not work well.
        Microsoft is making preparations to implement the newer mechanism for delivering updates via UUP.
        https://blogs.windows.com/windowsexperience/2016/11/03/introducing-unified-update-platform-uup/

        • #95154 Reply

          abbodi86
          AskWoody MVP

          UUP is for upgrades only.. so far 😀

          i tested it in its both forms:
          – canonical
          complete segmented ESD files

          – express
          differential delta-downloaded files = the exact mechanism used by regular Windows Update

          2 users thanked author for this post.
          • #95159 Reply

            ch100
            AskWoody MVP

            @abbodi86
            Do you know if UUP is related or uses DO or is an entirely new mechanism?
            Also do you know what is different between BITS and DO delivery mechanisms?
            I have a particular interest in DO and its configuration.
            There was another thread here dealing with DO and another issue not related, with posts only between me and one anonymous user which I think was lost when the site went down not long ago.
            I am currently of the opinion (unless or until someone convinces me otherwise) that the only reliable mechanism for Windows 10 1607 delivery of the updates is via BITS, i.e. option Bypass (100) in the Group Policy for DO.
            For 1507 and 1511 the only available good option which disables DO is option HTTP (0), which has different behaviour in 1607.

    • #95029 Reply

      abbodi86
      AskWoody MVP

      The March 2017 Preview is due next Tuesday, February, 21.
      Let’s see what surprise we will get.
      Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

      I’m pretty sure we won’t get new version of KB3125574
      because it contain .NET fixes, but no IE fixes
      while the Monthly Rollup contain IE fixes, but not .NET fixes

      they said that old fixes will be added on bulks, not whole 🙂

      and if the issue is withinh delivery system, we won’t see any updates till March 🙁

      • #95139 Reply

        ch100
        AskWoody MVP

        @abbodi86
        You don’t have to take everything seriously. 😀

        • #95151 Reply

          abbodi86
          AskWoody MVP

          Yeah, but i must find something to contribute 😀

    • #95079 Reply

      rc primak
      AskWoody Lounger

      While all this gets sorted out, I’ll continue to update third-party software and security software. But I would not trust Windows right now. I will continue doing the bulk of my work (and play) in Linux, at least until this mess clears up.

      -- rc primak

    • #96387 Reply

      anonymous

      So much for being careful on the web being enough:
      https://krebsonsecurity.com/2017/02/how-to-bury-a-major-breach-notification/

    • #96801 Reply

      anonymous

      From https://support.microsoft.com/en-us/help/894199/description-of-software-update-services-and-windows-server-update-services-changes-in-content-for-2017:

      “This is a summary of the new and changed content to be released on Wednesday, February 22, 2017

      New nonsecurity content:

      Windows Malicious Software Removal Tool – February 2017 (KB890830)”

    • #96903 Reply

      anonymous

      Today MSRT (KB890820) February version showed up and was installed with no problems. What is going on?
      Leif Lagerstedt

    • #97557 Reply

      anonymous

      Ahoy Cap’n Woody!

      Sainty Here.

      Just caught up with the Win Update No-Show for Feb.

      Hence MS-DEFCON 2, I presume.

      So nice of The MS-BORG to give us all a break this past month!

      Must have put “Take Me To Your Leader” on hold for the moment.

      Wonder Why…?!

      Heading for the Holo-Deck for the extra R&R – any suggestions what to play?

      Cheers!

      Sainty⚓️????

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: February’s patch Tuesday will be in March

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.