MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978

Topic

New Reply

We’re seeing a replay of February’s Patch Tuesday run – Microsoft re-releases snooping patches KB 2952664, KB 2976978 Except this time it isn’t Patch[See the full post at: MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978]

5 users thanked author for this post.

walker, WildBill, Morty, JDeC, Pepsiboy

Reply | Quote

Replies

As ch100 mentioned in another thread, these are new versions of these updates. The standalone updates were digitally signed on February 23, 2017.

Windows Update for Windows 7 shows two versions of KB2952664, both of which are classified as Optional updates, and both are unchecked by default.

4 users thanked author for this post.

WildBill, SueW, HiFlyer, ch100

Reply | Quote

Version 22 this time.

1 user thanked author for this post.

walker

Reply | Quote

v22 of KB2952664

v21 of KB2976978

Reply | Quote

Thanks to radosuaf for mentioning the 2 KB2976978 updates for Windows 8.1. Not doing Anything until woody gives the all clear… whenever that may be.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

These patches are only for Windows 7 and Windows 8, so isn’t Windows 10 still at Defcon 5?

Reply | Quote

The DEFCON number applies to all versions of Windows

Reply | Quote

Windows and Office.

Reply | Quote

I know it applies to all versions, that’s why I’m confused.

Why is Windows 10 now Defcon 2 when these new patches don’t apply to it?

Wouldn’t it make sense to have a slightly less generalized system?

Reply | Quote

It applies to ANY patches that are released until the number changes to 3 or above – any version of Windows, Office, etc

Reply | Quote

You hit on one of several fundamental flaws in the MS-DEFCON system. In order to be a bit more granular, I’d have to have separate MS-DEFCON levels for Win 7, 8.1, 10 Anniversary Update, possibly other versions of Windows, plus separate levels for Office 2013 and 2016 and Click-to-Run. Add to that the distinction between Group A and Group B, and I’d spend half my life just maintaining the MS-DEFCON list.

I decided long ago to keep it simple – basically go or no-go, with a bit of nuance.

Right now, it’s safe to patch Win10 – but there weren’t any patches for Win10 in Feb (aside from the Flash update), and those who keep up on the MS-DEFCON level have had a week to get Win10 patched.

A week from now, we’ll be in lockdown anyway for all versions of Windows and Office.

4 users thanked author for this post.

walker, ch100, Morty, HiFlyer

Reply | Quote

You may install as you wish, but for consistency, once new patches are released, until they are proved to be working as intended, all patches are considered rated at MS-DEFCON2.
This is even more important for Windows 10 which installs all updates in one batch once the Check for updates button is clicked or the update procedure has started in any other way. It is too late to make a selection by then, unless you use special management solutions.
Currently there are new patches for Office 2013 and Office 2016 which have just been released and the recommendation for the wider public is not to install yet.

If you want my personal opinion, I think the current Office patches are not faulty, I installed them all, but I am not concerned if I have to recover or uninstall patches which may be retired later by Microsoft or cause even worse problems. I can recover from ANY problem, including BSOD. There is a recent history of faulty Excel patches which have been retired, so for most people few weeks delay is more effective than installing immediately.

As I said earlier, you are under no obligation to follow the MS-DEFCON system and if you don’t and wish to effectively become a tester for everyone else, you are more than welcome to do so and provide feedback.
However, most readers here have found the MS-DEFCON very useful.

2 users thanked author for this post.

woody, walker

Reply | Quote

2 versions on Windows 8.1 as well – one dated Feb 21st, the other dated “Today”.

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

1 user thanked author for this post.

WildBill

Reply | Quote

Just because an update has a new version doesn’t mean the recommendation on its installation is any different. Once a dog, always a dog! If MS want to issue a new update with altogether different (and hopefully better) content they will give it a new number, and if it’s important that it should be installed they will categorise it as Important, not Optional.

Reply | Quote

I had to re-hide KB 2976978 last week when you first went to MS-DEFCON 5 Woody. Is it released AGAIN?

I wonder what good, productive things the team working on that privacy-invading stuff could actually be doing to make the OS better…

-Noel

1 user thanked author for this post.

HiFlyer

Reply | Quote

… or maybe make an updates system which doesn’t crash?

-- rc primak

1 user thanked author for this post.

HiFlyer

Reply | Quote

It’s Optional not Recommended, so no worries here. But I do agree there are more interesting things they could do for 8.1. Implementing Start menu and DX12 wouldn’t take much more time :).

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

Reply | Quote

the re-re-re-released KB295664 & KB2976978 updates will remain Optional until March 14 (patch Tuesday of March), by then the updates will become either Important or Recommended.

2 users thanked author for this post.

walker, ch100

Reply | Quote

EP wrote:

the re-re-re-released KB295664 & KB2976978 updates will remain Optional until March 14 (patch Tuesday of March), by then the updates will become either Important or Recommended.

As long as they’re not folded into the cumulative update…

-Noel

Reply | Quote

Don’t give them ideas…

César

2 users thanked author for this post.

PhotM, rc primak

Reply | Quote

@Cesar: Quick question….. how did you manage to get your attachment/gif in your post without having the ‘duplication’ of the attachment/gif as below mine…… LT

Reply | Quote

@lizzytish: I have the file (GIF image) stored on another server, and I’m hotlinking it in my signature using BBCode:

[ img ] http://www.example.com/image.gif [ / img ]

(remove all the blank spaces to make it work)

Hope this helps.

César

1 user thanked author for this post.

lizzytish

Reply | Quote

@LT/Cesar
Using the same example location, this is how BBCodes format the location, using the “img” command in the text editor box:

Just click the IMG box, and follow the prompts. If you do that in a reply post, you can then copy and paste that into your signature profile, as far as I can tell.
Great theory, poor in execution! I see your frustration, and I’m trying things without success too

3 users thanked author for this post.

Elly, Cesar, lizzytish

Reply | Quote

Many thanks Cesar and Kirsty for your help…….. trying yet again! LT

This is driving me nuts!!!! I’ve tried to link it to my dropbox and also to my website and
it’s just not working. Must be something obviously that I’m doing wrong but WHAT….. anyway
I will come back to this later and see what I can come up with. As you know Kirsty its just a simple jpeg (4k)   I have tried so many variables….. I’m going cross eyed.   I even put it up on my website on an html page……. but nothing seems to work.    I have checked that it comes up when I call up the html page and it does….. so it’s there….  it’s just the challenge that if Cesar can do it…….. it’s possible.     I will now go and catch up with stuff around the house.   thanks for everything Cesar and Kirsty………. much appreciated.   Onwards & Upwards  LT

2 users thanked author for this post.

Elly, Cesar

Reply | Quote

I only achieved success when I used a secure location for the online graphic.
There’s the secret (I hope):
[ img ] https://example.com/image.png [ /img ] (minus the spaces)

Reply | Quote

Yes………. thanks Kirsty….    That’s an attachment which I can do……. but what I wanted to do as you know was to include in my signature (as Cesar has done) and then you don’t get the ‘duplication’ of details below your message about the said attachment/image.     Remember I tried to do this at the early stages of the Lounge and we thought perhaps we weren’t allowed. But if Cesar can do it…….. it appears we can!      Ah well!   will mull it all over and try some more a bit later………… but many thanks for being there and helping out!   You’re the best!  LT

1 user thanked author for this post.

Elly

Reply | Quote

That attachment was a screenshot of my signature after I managed to add a graphic to it, before I deleted it

2 users thanked author for this post.

lizzytish, Elly

Reply | Quote

@lizzytish: try HTTP instead of HTTPS:

(And sorry for going completely off-topic. :$)

César

 

Edit: Oops, it looks like it doesn’t work, either. Maybe using a different server (some of them don’t allow hotlinking) or a different type of image (GIF seems to work fine) could do the trick.

2 users thanked author for this post.

lizzytish, Elly

Reply | Quote

Thanks Cesar……… I’m currently trying out the ‘gif’ idea via Dropbox…… and also giving it a little time to see if it goes through……… I remember hearing others say it sometimes is a little slow! and yesterday I tried Kirsty’s link an another server with images and that somehow worked after a few minutes! (apologies Woody for being off topic – AGAIN!) LT

PS…. Have waited for over 5 minutes…… so have reverted back to the .jpg checking that now. LT

1 user thanked author for this post.

Cesar

Reply | Quote

Looks good, LT. You’ve obviously located a secure source, as I mentioned yesterday

1 user thanked author for this post.

lizzytish

Reply | Quote

Aw!!! would you believe I can’t see it !!!! I’ve refreshed………. maybe I should close my browser……… and if that doesn’t work ….. delete the cookies….. I’m so glad it’s finally come through….. am just going to try and see on my husband’s computer…. It will be so nice to have sorted this out!!! Many, many thanks to you and also Cesar for your help! LT

PS…… Just seen it on my husband’s computer……… woweeee!   way to go!  Thanks again LT

1 user thanked author for this post.

Cesar

Reply | Quote

Just wanted to firstly let you know what the culprit was and secondly to put all this to rest finally. I could see my signature on my husbands computer but not mine. I cleared the cache, rebooted – still couldn’t see it. I also have IE – so opened that and was able to see it! So went back to IRON/chrome – couldn’t see it……….. then checked the add-ons/plugins on IRON……. and lo and behold it was Privacy Badger that was blocking Dropbox!! unchecked that et voila…… I could see my signature. In case anyone is interested in continuing this thread about BBCoding I started a forum https://www.askwoody.com/forums/topic/bbcode-and-html-how-to/ … bascially because I felt perhaps that the subject was irrelevant to others in this particular area. Apologies again Woody if I’ve over stepped the mark and thanks to you and all the others that helped!! LT

2 users thanked author for this post.

Cesar, Kirsty

Reply | Quote

Glad you finally figured out what the problem was. Nice picture, by the way.

César

1 user thanked author for this post.

lizzytish

Reply | Quote

They probably think they are improving the OS with the privacy-invading stuff.  After all, they got rid of most of the QA testers to save themselves a few bucks… which means regular paying customers are now doing the beta testing, whether they want to or not.  The problem is that most of them could not perform trials to narrow the scope of the bug or fill out a decent bug report to save their lives, so the monitoring and telemetry of everything that goes on in the beta tester’s Windows installation is that much more important.

It’s why MS is so dead-set against allowing people to turn off telemetry or to have control over updates (they must test the new beta releases as they come; we’re on a schedule here, you know).  Even at the expense of losing a number of customers, MS forges ahead with its forced updates and its telemetry… because SOMEONE has to do the beta testing, and if we non-enterprise users aren’t willing to do that, then MS has no use for us anyway.

Taking out the spying and forced updates would be akin to a major software company “downsizing” their beta testers.  That would be madness!  No serious OS provider would ever send its updates out into the wild largely untested.  Simply unthinkable!

3 users thanked author for this post.

Elly, lizzytish, walker

Reply | Quote

You got it. Although if push come to shove, I can see how in a pinch MS would dump untested stuff on users–less unthinkable than rehiring the professional testers. Nadella would not make his bonus.

Reply | Quote

There’s more money to be made in telemetry than there is to be lost. M$ will undoubtedly keep tracking their profit margins even more closely than they are tracking Windows 10 users.

-- rc primak

Reply | Quote

That was me again.  Wish there was a checkbox or something before an anonymous post would be sent…

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

2 users thanked author for this post.

walker, Seff

Reply | Quote

I too have TWO KB 2952664 unticked sitting in Optionals on Win7 Pro 64bit. They have different dates that they were issued on (as per everyone else.) Now I wonder why are these 2 being offered. In my mind surely one would supersede the other? No ? why would one install both ?? (Not that I would) My Win7 machine is set to Check but don’t download/install.
I’m presuming that would also be the case on my husbands Win8.1 machine, but I’ve locked that down to Never Check for updates so not able to see or want to see what’s on offer there at the moment! LT

“Unless someone like you
cares a whole awful lot,
nothing is going to get better.
It’s not.” – Dr. Seuss

1 user thanked author for this post.

Elly

Reply | Quote

When the files are two different versions (the latest is v22) they are actually two different entities with the same number. You will usually find that one is optional (probably the latest) and one is recommended (the older one). When MS promotes the latest one to recommended, it will supersede the older one and the latter will become unavailable (disappear).

MS practice has been to stage upcoming important updates through the optionals. They are optional until just before patch Tuesday release (some time Monday or early Tuesday morning. Then they disappear from the optionals and when updates are released on Tuesday they show up checked in the important list. They have peen promoted to recommended and the earlier one is retired/superseded.

Clear as mud. Right?

5 users thanked author for this post.

Elly, walker, ch100, HiFlyer, lizzytish

Reply | Quote

“Then they disappear from the optionals and when updates are released on Tuesday they show up checked in the important list.”

I might add here… this only happens if you have the “Give me recommended updates the same way I receive Important updates” option checked. If you don’t have that option checked they stay put in the Optional group.

5 users thanked author for this post.

Elly, Pepsiboy, ch100, HiFlyer, SueW

Reply | Quote

Was trying to reply to PKCano’s answer and found after I had hit submit the notice came up that the comments were closed!!! Nice to see it re-opened!

PKCano wrote:

Clear as mud. Right?

all I wanted to say was : Yep….. your answer was clear as mud! and that possibly sooner than later will be even clearer after the rinsing/spinning cycle in the MS Washing Machine has
finished. Thanks for replying so quickly! LT

Reply | Quote

I had a report that this Topic was closed. Sorry about that – internal hiccup. It’s back open for business now.

Thanks to whomever submitted that “Report” – that’s exactly how reports should work.

5 users thanked author for this post.

Elly, Pepsiboy, walker, ch100, lizzytish

Reply | Quote

That was me Woody, I was trying to reply to PKCano’s comment.

3 users thanked author for this post.

woody, ch100, Noel Carboni

Reply | Quote

It had been here for almost 3 years, and it’s a long time towards 2020/2023

you better/should get used to it, nothing to panic

2 users thanked author for this post.

ch100, lizzytish

Reply | Quote

Not really panicking just trying to get a handle on it!!! which I think I have with all your help!
thanks, LT

Reply | Quote

Sorry, no topic yet for this IMPORTANT “Windows 8.1 driver” update I received today:

Microsoft – WPD – 2/22/2016 12:00:00 AM – 5.2.5326.4762

Very strange it’s dated “2016”.  Not sure what this does.  Will avoid it for now.

 

Reply | Quote

WPD = Windows Portable Devices = MTP Device = USB Media Devices

such as smart phones

1 user thanked author for this post.

walker

Reply | Quote

This WPD Driver Update shows up as an Optional (by Recommended) update in Windows 7.

Reply | Quote

Just got it posted.

Sounds like another one of those weird driver updates, like we saw in December.

https://www.askwoody.com/2017/mysterious-win10-update-microsoft-wpd-2222016-120000-am-5-2-5326-4762/

Reply | Quote

I got a post for this Topic that said, basically, “cant anybody say directly to MS that we dont want their furshlinger malware and spyware so maybe they would stop throwing out this kind of cr*p?” Pardon my bowdlerization.

I wanted to make “anonymous” very aware of the fact that we complain constantly, and nothing’s being done about it.

You, on the other hand, CAN do something about it. Tell your friends and neighbors – and friends’ neighbors’ car mechanics and father confessors – that there’s a problem with Windows updating, we know there’s a problem, and they can help by chiming in on any public forum. They should also be made aware of the alternatives to Windows.

2 users thanked author for this post.

Elly, lizzytish

Reply | Quote

Off topic a bit…. but in relation to your comments above about every one giving voice to complaints to MS. I was looking on line for some thoughts on SKYPE. I have it but don’t use it much lately, and all of a sudden MS in their wisdom have locked me out and told me I need to update in order to sign in. I have never had that from them before so was most incensed about it and shut SKYPE down. My feelings for not wanting to update to a newer version is basically I wonder if they might be including more telemetry/snooping in it. I was on a page where in 2012 SKYPE had been installed on business computers and the ADMINS were up in arms about it all….. it was rather good reading and the ADMINS were really lashing into MS and telling them not to keep repeating that this wouldn’t happen, because IT DOES. Susan Bradley too was in the conversation. (think it was a TECHNET page) Reading about it………. yes MS seems to be rather thick skinned and also seems to turn a deaf ear to all the complaints……….. even then……
We need a MISCROSOFT SPRING…… perhaps to enlighten them! LT

I know a guy who’s addicted to brake fluid. He says he can stop any time.

1 user thanked author for this post.

Elly

Reply | Quote

Woody,
Well, I got those 2 PLUS updates for KB2992611 (Security update), KB2973337 (Windows update), KB3042058 (Security update), KB3172605 (Windows update). I know the ones you mentioned should be hidden, but what about these other 4? I’m thinking HIDE ! ! !

Dave

Reply | Quote

Well, it’s Saturday and I haven’t seen anything new show up on WU on my Win 7 machine. It’s still showing the January All in one roll up, Group A update.  I’m a Group B’er so there’s nothing for me, but I should have gotten something for March by now.  Guess I’ll check the MS Update Catalog and see if there’s anything there.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

Reply | Quote

Patch Tuesday isn’t until the 14th – this coming Tues. And you don’t want to install then anyway.
WAIT for Woody to change the MS-DEFCON number to 3 or higher.

Reply | Quote

Thanks, guess I’ve got too much on my mind and didn’t look at my calendar.  I’ve been using Woody’s advice for a long time and always wait until he gives the update approvals.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

Reply | Quote

I have WU set to check for updates but let me choose when to download and install.  Today it searched for updates…but I noticed that KB2952664 was no longer showing up in the list of Optional updates.  I have never installed this and have had past releases hidden and recent ones just sitting in Optional unchecked.  I noticed today that my list of hidden updates is completely gone.  Microsoft must be updating so I guess we’ll see if they roll 2952664 into cumulative updates or bring it back as Optional.  I checked my installed updates to be sure it didn’t get installed automatically and it didn’t. So MS must have pulled it getting ready for Tuesday’s updates.  It’s not in important update list either

1 user thanked author for this post.

ch100

Reply | Quote

@Pixie
You picked the retirement of the KB2952664 right.
KB2976978 and MSRT – November 2016 version have also been retired as part of the regular cleanup.
It is expected that KB2952664 and KB2976978 to return as Recommended during the next release or earlier.

4 users thanked author for this post.

Elly, Pixie, Pixie, abbodi86

Reply | Quote

Hey Woody,

It is gone??? KB2976978 ????? I went to install it on my main partition as I have done with all of them and it is not there like you saw here.

I wonder what they are up to know???? On Sunday not Monday???

--------------------------------------

1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable

2xMonitors Asus DVI, Sony 55" UHD TV HDMI

1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.

-----------------

Reply | Quote

kb3150513 just appeared this morning on Important tab as Recommended Update published 5/11/2016. More information link page at bottom states Article ID: 3150513 – Last Review: Mar 15, 2017 – Revision: 7.

Edited to remove code

Reply | Quote

That is a compatibility definition update (telemetry/compatibility). The prerequisites are KB2952664 (Win7) and KB2976978 (Win8.1). These two updates were reissued this month in their 22nd and 21st revisions respectively. Depending on your version of Windows, you probably installed one of these updates recently, then KB3150513 appears in Windows Update.

It is also being offered on Win10 1511 and 1607 after the install of the March patches and a reboot.

Edit to add Win10 info

Reply | Quote

KB article says “Last Review: 15 Mar 2017”, so it might have been re-released as well… Although looking at file dates, only W10 ones were updated (11 Mar)

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

1 user thanked author for this post.

ch100

Reply | Quote