MS-DEFCON 3: Time to get patched, but watch out for a few gotchas

Topic

New Reply

InfoWorld Woody on Windows. In many ways it’s easier getting up to date this month than at any time in recent memory. There wasn’t any patch for Windo
[See the full post at: MS-DEFCON 3: Time to get patched, but watch out for a few gotchas]

Reply | Quote

Replies

So once the article posts, we’ll know which updates to install and what ones not to install since you said to watch out for a few gotchas.

Reply | Quote

Yep. It’s lengthy, but easy to follow.

Reply | Quote

I just checked my adobe reader a noticed it installed the latest patch by itself, should I roll back?

Reply | Quote

what version of Adobe Reader do you have, SH?

If it’s Adobe Reader XI or earlier, there’s an option to disable automatic updates for Adobe Reader and you could uninstall it and install an older version [and also disable the “Adobe Acrobat Update Service” from the services.msc dialog box]. If it’s Adobe Reader DC version, then you don’t get the option to “roll back” updates or disable automatic updates. The DC version of Adobe Reader uses “forced” auto updates similar to Windows 10.

Reply | Quote

More important is that you check Chrome and make sure the extension is deleted or deactivated.

Then figure out a way to use something other than Acrobat Reader.

Reply | Quote

I appreciate Woody’s clearly written article on installing January’s Windows patches. Interestingly, on my Windows 7 x64 machine, the only patches Windows Update offered this month were the January Security Monthly Quality Rollup (KB3212646) and the Windows MSRT (890830). There were no Office 2010 patches, .Net updates, or anything else offered.

Reply | Quote

I dont use chrome much, and i rarely touch adobe, only when I need to scan a few documents, but I will deactivate the extension just in case, thanks for the tip

Reply | Quote

Q:if i have a laptop with one monitor, switchable graphic card & and i run games with 3D rendering ” my 4 years old laptop ” 1511 win 10, am i safe to patch since i do not wanna deal with MS lousy patchs on this lappy ” study play for my kid “

Reply | Quote

Win 7 64 Hm Prem Group B: Uneventful rapid install of KB3212642 Security Only Update & MSRT.

In FF Applications If “Preview in Firefox” is Selected for PDF Vs. Optional Use Reader DC or Acrobat in Firefox does THAT solve the Spy issue?

Do alternate PDF Readers(Foxit, Sumatra, etc. ) install Plugins for IE 11 (which I rarely use}? Foxit speaks of OS compatibility Vs Browser so I’m not sure HOW IE Alternates work WITHIN it. Anyone know?

Reply | Quote

You’re lucky! Must be living the right way….

Reply | Quote

Noted 🙂
thanks woody

Reply | Quote

I use Windows Update MiniTool so I don’t have to be afraid that Windows will update my drivers. This tool will find new drivers but there is an option to hide them and don’t update them.

Reply | Quote

I’m in Win 7 group B and when I check for updates I do not find KB321642 but I do find KB321646 which I did not install.
What gives?

Reply | Quote

Those in Group B have to manually download and install the Security-only patch, KB3212642. When you run Windows Update, you get the Monthly Rollup, KB 3212646 – which is the patch for folks in Group A.

It’s ridiculously complicated, but those are the hoops those in Group B have to jump through.

Reply | Quote

Exactly the same for me.

Reply | Quote

@Woody:

I am seeing a “different” instruction as follows for Group B, updats:

Step B3: Get your settings right.
****Then check the box marked “Give me updates for Microsoft products and check for new optional Microsoft software when I update Windows.*****

This is “new” as in the past I just did the DL and installed the “Security Only” update from the link in your message, and then checked for the updates.

ALSO, a question regarding the “need” to stop the Win Update Services, which the last time was not required. Is this still not required?

Apologies for the questions, however with this “new” instruction about checking the box for MS products, etc. I just want to verify that is necessary.(???).

Thank you once again for all of your help. 🙂

Reply | Quote

What are some good free .pdf readers?

I’m tired of Adobe’s…stuff.

Reply | Quote

See https://www.askwoody.com/2017/latest-adobe-reader-security-patch-installs-chrome-spyware/

Reply | Quote

That’s for folks who have Office installed.

Reply | Quote

OK what are the hoops?

Reply | Quote

I need to update my post directly above.

I also saw this in Optional (unchecked):

“INTEL – System – 10/3/2016 12:00:00 AM – 10.1.1.38

Download size: 58 KB

You may need to restart your computer for this update to take effect.

Update type: Optional

INTEL System driver update released in October 2016

More information:
http://sysdev.microsoft.com/support/default.aspx

Help and Support:
http://support.microsoft.com/select/?target=hub”

I hid it, and I’m sorry if this has particular update has been discussed here before (I’ve been a very very busy dude the last couple-three weeks); I did read the notice about a month? ago about the Intel “mystery” patches and hid those then as well. Is this one of those?

Reply | Quote

Thanks, Boss. 🙂

Reply | Quote

Btw woody, I’m group A and read some stuff about the monthly rollup wrecking the pc audio on64 bits win7, I run 32 bits win 7 pro, should I be worried?

Reply | Quote

Looks like the problem was with the audio driver. I say go ahead.

Reply | Quote

My Win7x86 machine (Group B) only came up with the security rollup, MSRT & .Net patches. None of the optional patches were checked (and remain that way). It’s worth noting that I have no MS Office or any other MS software (aside from Win7 itself) installed on this box, nor do I have any Adobe software on ANY of my gear – with the exception of Photoshop CS2 on an old WinXP box.

Guess I’m good to go?

Now to go check my Win8.1 rigs…

Reply | Quote

See https://www.askwoody.com/2016/bottom-line-dont-install-the-intel-system-8192016-120000-am-10-1-2-80-patch/comment-page-1/

Reply | Quote

See the article.

Reply | Quote

So, no problem then? Since I dont have have much memory on my pc I cant create restore points, so I would be pretty screwed

Reply | Quote

Make a backup copy just in case, but yeah, the coast is clear.

Reply | Quote

I have a netbook (so no CD drive), but i will install them later, and if anything goes wrong I’ll report here *fingers crossed*

Reply | Quote

@Craig: look here for info on SumatraPDF:
https://www.sumatrapdfreader.org/free-pdf-reader.html

I have this installed on all my machines and Sumatra loads much faster than Foxit Reader and Adobe Reader.

Reply | Quote

Win7 x64 Group B here.

No problems with install, checked with SFC /SCANNOW afterwards and all seems clear.

Reply | Quote

@ Woody

Are we certain the malware is on the version 11 series of the standard reader, which remains still available?: https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.19.html

Reply | Quote

I haven’t heard anything to the contrary.

Reply | Quote

Thanks, EP. Sumatra PDF Inst’d and so far so Good.

Reply | Quote

Been using Sumatra for some time, nice little program.

Reply | Quote

Use a flashdrive or USB external HDD for backup.

Reply | Quote

after installing security only update (KB3212642) and this servicing stack (kb3177467) another search for updates shows kb3185278. what is it and should i install it?

Reply | Quote

I don’t have any Office 2010 updates showing in WU either. This is really a first!

Reply | Quote

Woody:
I did not see your usual link to the the Windows 7 patches we are supposed to do.

Reply | Quote

Woody, the KB 3212642 Security Only update for Win 7 64 bit does not contain an update for IE-11. Does that mean there isn’t an update for IE-11 this month or do I have to hunt for it somewhere else?

Reply | Quote

Win7x64 Group A here:

After install the “January 10, 2017—KB3212646 (Monthly Rollup)” my pc start to crash, restarting without advise or something. when i revert my pc to december (using 3rdparty backup software) my pc back to run again smooth and fine.
as a bottom of line, before revert, my records say: System warning: SYSTEM Microsoft-Windows-Kernel-PnP

Reply | Quote

Is it possible you installed a driver update?

Reply | Quote

That’s correct. There is no update this month for IE 11 – neither Security nor Non-Security.

Reply | Quote

It’s all in the InfoWorld article.

Reply | Quote

Woody, just thought I’d mention that I don’t have the issue of getting nothing when I click on the “More Info” link in WU. it takes me right to the KB article for KB3212646.

Reply | Quote

Yep, they resuscitated the KB article. There’s some speculation as to why it disappeared.

Reply | Quote

@Woody:

Thank you so much for answering the question I asked!! I appreciate your help MORE than words can say! 🙂 🙂 🙂

Reply | Quote

I don’t suppose someone could simply compile a short list of links to ALL the Group B security patches for Windows 7? Cause I’m having to sift through layers and layers of pages to find what I can only assume are the right things to download. Plus, I can’t be sure I got all of them.

Reply | Quote

Okay, think I figured it out. I’m running W7 x64. So I need the past four Security-Only updates, in order:

KB3192391 (October 2016)
KB3197867 (November 2016)
KB3205394 (December 2016)
KB3212642 (January 2017)

Reply | Quote

I like PDF-XChange Viewer: https://www.tracker-software.com/product/pdf-xchange-viewer . Allegedly, the Viewer has been discontinued and replaced by the PDF-XChange Editor, but there was an update for the Viewer in November.

Reply | Quote

Correct.

Reply | Quote

Sorry. It’s on the to-do list, for when the Lounge appears.

Reply | Quote

How much space does it require? My pc only has 50gb, and i have a few spare 16 gb flashdrives laying around

Reply | Quote

I only have 2 updates on the list, kb3212646(the rollup) and the malicious software removal tool, do any of those include these bad driver updates?

Reply | Quote

wow,it certainly does load faster.

Reply | Quote

Thanks Woody ?

Reply | Quote

It’s only in DC version. Not in 11 version and not in DC longterm branch (you probably don’t have that one).

Reply | Quote

so today i ran wushowhide & i discoverd that MS UNHIDDEN feature update 1607 on my machine, wtf? seriously? i do not want to upgrade to that viruse & apperently MS wont make it easy as a choice, now what should i do? close the malware called windows update?

Reply | Quote

You can use wushowhide to stay on 1511 for as long as you like. Not sure how it was unhidden, but hide it again.

Reply | Quote

Rt Clk a PDF/Open With + Choose Default Program made Sumatra the Default Reader; Wasn’t sure How IE 11 would handle Alt. reader. Fast it is!

Reply | Quote

New version released, this time all we get it, wether defered or not
https://blogs.technet.microsoft.com/windowsitpro/2017/01/19/windows-10-v1607-media-now-available/

Reply | Quote

today it got unhidden on 3 pc’s i know about including mine according to the replys on twitter, i unhidden it again of course waiting for the unicorn called MS-DEFCON 5 😀

Reply | Quote

I recommend changing a few SumatraPDF settings for security and usability reasons; see https://www.askwoody.com/2017/latest-adobe-reader-security-patch-installs-chrome-spyware/comment-page-1/#comment-114660.

Reply | Quote

You’re saying the 1607 upgrade got unhidden on more than one machine?

Reply | Quote

Soooo… anybody who has manually hidden the 1607 upgrade, using wushowhide, will receive 1607 today?

Yikes.

Reply | Quote

exactly

Reply | Quote

Yes, that’s the purpose of declaring CBB 🙂
Windows 10 users must stay current

Reply | Quote

OK, but 1511 is still supported, and will be for quite some time.

???????

See https://www.askwoody.com/2017/win10-machines-with-1607-upgrade-hidden-are-getting-upgraded/

Reply | Quote

Sure, that’s why there is group policy for Pro to defer the feature upgrade more 8 months
http://www.computerworld.com/article/3005569/microsoft-windows/how-to-defer-upgrades-and-updates-in-windows-10-pro.html

the regular “Defer upgrade” setting = defer 4 months (that’s ended now)
the group policy “Defer upgrade” = up to 8 months (that’s started now)

Reply | Quote

C:Users
Right click on the folder and choose “Properties.” This will give you the size of your user DATA. This does not include the OS and programs. You can copy Documents, Music, Pictures, etc if there is enough room on your flashdrive.
To back up the OS and Programs, you will need to make an image. Macrium Reflect (or something equivalent) is free software that does this. You can use this to back up the whole thing – OS, Programs and data. It will take more than 16GB, so you will need a small external USB hard drive.

Reply | Quote

Right, but I didn’t know that wushowhide would get overriden with this new update.

“Defer upgrade” in 1511 and “Defer feature updates” in 1607 are for four months, as best I can tell. Aug. 2 + 4 months = Dec. 2. And I realize that releasing the 1607 “CBB” bits yesterday makes a difference. But I had no idea that it would override the wushowhide setting.

Reply | Quote

@honx re. KB3185278

read this:
https://support.microsoft.com/en-us/help/3185278/september-2016-update-rollup-for-windows-7-sp1-and-windows-server-2008-r2-sp1

AND THIS (wifi issues):
https://social.technet.microsoft.com/Forums/lync/en-US/789f5266-fb6a-4878-bafc-23d1ab9d8ec8/kb3185278-wifi-issues?forum=w7itpronetworking

Reply | Quote

I’ll look into this then, thanks for the info. I’ll also free some space and see if I can fix the restore points, for some reason they disappear everytime I reboot the pc, so I assume it is a memory (i have 2gb of free space and 469mb dedicated to the restore points)

Reply | Quote

I’m in Group B, have been since it started. KB 3212642 Security Update for Windows failed on my Win 7 Home Premium SP 1 netbook. It created an infinite loop updating / rebooting. Using repair disk, tried restoring to most recent restore point. Failed. Tried Repair, which failed a few times, but each time I rebooted there were more options on what I call the Safe Mode Selection screen. On the 3rd or 4th try, repair worked.

Reply | Quote

Oops. It’s a 64-bit installation.

Reply | Quote

Although I am on Group B (Win7x64), I had one Optional, unchecked, for “INTEL – System – 10/3/2016 12:00:00 AM – 10.1.1.38” (a driver). Is it possible that you might have inadvertently installed any Optional software?

Reply | Quote

@ SH ……. If yr Win 7 C:/Drive is about 30GB in used space, u can try using the High compression setting in Macrium Reflect Free to create the System Image on a 16GB USB-stick. If unsuccessful, use/buy a 32GB USB-stick or an external USB Hard-drive.

Reply | Quote

so better not install it and hide it, i guess…

Reply | Quote

Is the same drivers from december

Reply | Quote

that update don’t appear in my update list (i have amd based computer)

Reply | Quote

Group A person reporting in. KB3212646 failed to install the first time around, but succeeded the second. No issues to report as of yet, but I will be keeping an eye on things over the next few days before I’ll be willing to say I’m in the clear.

Reply | Quote

i forgot something really important: Thanks!! =)!!

Reply | Quote

🙂

Reply | Quote

I’m confused, did you install the drivers seperately or not?

Reply | Quote

@Woody:

Group B
Win 7 x64, Home Prem.

Question about “hiding updates” which we don’t intend to Install. I’ve seen various opinions on the issue of “hiding”, and with TWO updates sitting in Optionals (UNCHECKED) should these be hidden??

From what I’ve read these are best to not install. Is it best to HIDE them, or just leave them there? One is INTEL, and the other one is Realtek Semiconductor.

ALSO: Question about KB3212646 – – – the January Monthly Quality Rollup for Win 7 x64. This is one which GROUP B does not install. Should it be HIDDEN, or just left in the updates? This one still has the original date of JANUARY 11TH I think.

I understand the reasons why some do not want to “hide”, however what is the “PREFERRED” method – – – – To HIDE or NOT TO HIDE??

Apologies for asking, however I don’t know what is the “PREFERRED” method. Thank you for all of the help you provide to us all!! 🙂 :0 🙂

Reply | Quote

There’s never any reason to hide anything.

Reply | Quote

@ SH ……. Data stored on a USB-stick is rated to last for UP TO 10 years but in practice, may only last for about 3 years b4 the data is lost/corrupted.
……. Data stored on a write-once DVD is rated to last up to 100 years.

So, u should refresh the system image stored on a USB-stick about once a year by copying the system image to a cptr n then writing it back to the USB-stick. Or create a newer system image on the USB-stick about once a year.

Reply | Quote

So both my husband and I are in Group A (find anything else too complicated). I installed both the MSRT and the January monthly rollup (KB3212646) on both of our pcs (Windows 7 home premium 64 bit) last night. Everything seemed to go fine, took about 25 mins to download, install and then reboot. After restarting I turned off my husbands pc, the trouble came when he turned it back on today. He got a “Failed to connect to a windows service” message in what looked like a speech bubble coming off his taskbar. It said that Windows could not connect to the System Event Notification Service service. What happened and what does that mean? Did it have anything to do with the either of the updates? We tried restarting the pc but it wouldn’t restart it just removed everything from the desktop but the background picture and that just hung there. The on/off button had to be held down to shut the pc down. We rebooted his pc again but it still gives the same message.

Reply | Quote

Most likely you’re having a problem with an antivirus product.

But if that doesn’t free the system up, look here:

https://social.technet.microsoft.com/Forums/office/en-US/21488611-2011-4242-90a5-ba1f536ca5f6/could-not-connect-to-system-event-notification-service?forum=w7itprogeneral

Reply | Quote

@Woody:

Thank you once again! 🙂

Reply | Quote

Thank you for your reply Woody. As far as I know the only antivirus product that we use is Microsoft Essentials. We use Malwarebytes as well but that is something different, as far as I know. I let it sit for a bit and then shut it down and starting it from fresh (instead of just trying to restart it). Upon rebooting everything seemed to open fine and is working well. Now I am timid of shutting it down again for fear that it will happen again. Is this something that could/will reoccur?

Reply | Quote

I should have also said thank you for the link, I have read the article but when it comes to computers it is all gibberish to me.

Reply | Quote

I attempting to get the Windows7 ‘Security Only’ rollup KB 3212642, but when I select Method2 (Microsoft Library), I am being asked to install ‘ActiveX’ which when read about can cause problems with files etc… it appears like I cannot proceed without doing this install. This never happened with downloading the previous Monthly Security Rollups. Any suggestions?

Reply | Quote

But by the same token, is there any reason not to hide an update you don’t intend to install?

By not hiding it, you simply build up a collection of visible updates you don’t want and have to remember each month which they are and whether you want them or not. Moreover, if by chance the machine installed the updates without being prompted by the user (which has happened!) then all the unwanted ones will get installed along with any you might want.

If a hidden update gets revised or upgraded to Important then it will be re-offered anyway.

I’ve always followed the maxim that if there’s an update I don’t want either because it’s bugged, or it’s for a driver or something else I don’t need, then it’s best hidden and out of the way. Is that wrong?

Reply | Quote

All the same, I will wait until end of January to see if any later “Gotchas” occur from the 1st responders.

I always immediately install the Malicious Check utility.

Everything else I wait.

I am in Group B.

Thanks for this site Woody.

Reply | Quote

Yes. ch100 has a lot of experience with hidden updates that go wonky.

That part about being re-offered is 1000% correct. But a re-issued patch will be re-offered, even if you’ve hidden it! We’re seeing that play out with the Win10 version 1607 upgrade on Friday.

Reply | Quote

Not sure where you got a “Method 2.”

As explained in http://www.infoworld.com/article/3158713/microsoft-windows/nows-the-time-to-patch-windows-and-office.html , you can just download it, with any browser.

See Step B1.

Reply | Quote

Naw, it sounds like you’re over the hump. If it’s working fine on a reboot, there’s a 99% chance it’ll be fine when you reboot again.

Reply | Quote

???

***
KB 3212642, is NOT the “rollup”.

It’s the “Security Only” update listed as follows:

Security Only Quality Update 3212642

Reply | Quote

Woody,

I’m solidly Group B and security/privacy conscious. Could you please address these 3 items. I think the answers may benefit many of your readers:

1. The direct links to security-only Windows updates on the InfoWord are great, but shouldn’t we be concerned that the website is not secure (https)?

2. KB3212642 when downloaded from the above site has a very long alphanumeric sequence attached to it. Is this to facilitate MS tracking, or is it not an issue?

3. When is a good time to use “Clean up system files” on Windows Disk Cleanup utility?
I understand it can save GB of data but could limit future removal of problematic Windows updates.

Thanks for all your work and assistance.

Reply | Quote

1. If you are worried about somebody hijacking the link to the download – and the download is on Microsoft’s site – then, yes, I guess you should be concerned. I need to get the links set up here, where we have https everywhere.

2. Not an issue. Microsoft uses the ID for its own internal purposes.

3. Individual choice. Some people have LOTS of extraneous system files, and they should probably run cleanups after they’re happy with the latest build. Most people have enough hard drive space that it doesn’t really matter. The next version of Win10 (Creators-no-hyphen Update) will make it easy for you to automate the job.

Reply | Quote

It’s generally right, but not with respect to cumulative updates (Monthly Rollups).

You will not be offered this month’s Rollup next month anyway. On the other hand, you’ll be offered next month’s Rollup regardless.

There is simply no point in hiding a cumulative update.

Regards, VZ

Reply | Quote

My view: “For Windows 7 users who use Disk Cleanup to remove superseded updates (see https://support.microsoft.com/en-us/kb/2852386), I recommend that you use it immediately before installing the monthly Microsoft updates.” – see https://www.askwoody.com/2016/patch-tuesday-for-win7-and-8-1-brings-order-but-its-still-too-early-to-install/comment-page-2/#comment-111730.

Reply | Quote

Okay, Thank you for your help once again! We shall see what happens after the pc is shutdown the next time.

Reply | Quote

i do not install any -intel- driver because my pc is a -amd- based, and, i do not upgrade any driver from…. july

Reply | Quote

Group B Windows 7 x64 user reporting that everything was smooth. The best part is that checking for updates took less than 10 minutes instead of over 2 days! Only the MSRT showed up, no Office patches. Thanks for all your guidance, especially over the past few months.

Reply | Quote

So you only installed the roll up rigth? Are you still getting problems?

Reply | Quote

So you only installed the january roll up rigth? Are you still getting problems with the pc crashing?

Reply | Quote

Woody,
Group B Win7x64 and I had only 1 Office 2010 KB3115475 from Aug 16, 2016 update. Is this one ok?

Reply | Quote

I don’t think the Disk Cleanup is a good choice if you are in Group B.
In fact you should not use Windows Update at all if you are in Group B, unless you use an enterprise managed solution.

Reply | Quote

Yep.

Reply | Quote

ch100: please clarify. How else do those of us “home users” in Group B find and install relevant updates to Office or .Net but to use WU?

Of course, we use WU only AFTER we’ve followed Woody’s instructions to download/install a given month’s Security Only Quality Update for Windows 7.

Reply | Quote

Realize that I stand by my instructions. ch100 has a different opinion – which is fine. There’s no one “right” way.

Reply | Quote

🙂

Reply | Quote

Exactly, so i finished block that update and wait for the next month

Reply | Quote

I installed the January update (Group A) and everything was fine for a day but now I have lost my audio. Is there a known issue with this?

Reply | Quote

Woody,
the instruction you mentioned in the article for group B, “If you see any “Security and Quality Rollup for .Net Framework” boxes checked, leave them checked.”. But aren’t Group B supposed to only install the security-only .Net framework patch instead? Thanks.

Reply | Quote

As Abbodi explained, this month the .NET Security and Quality Rollup is the same thing as the Security Only patch.

Reply | Quote

If your audio worked immediately after rebooting, following the January cumulative update – and it isn’t working now, the problem isn’t with the update.

Reply | Quote

I see. It seems the .Net Security and Quality update is the better choice since it covers all the .Net versions while the security-only just covers the latest one. I have already installed the security-only before realizing this fact. Well, better install the other one then because I also have other versions of .Net installed which I still intentionally keep installed for the sake of certain app’s backwards compatibility issues that might happen. Thanks again.

Reply | Quote

I am embarrassed to tell you this…it was my headphone connection causing the problem. A wire had become frayed, which I only discovered after searching everything else for hours. It was your reply that made me look at other possible causes and there it was in plain view.

I wanted to let you know so that others would not worry about a potential audio issue. I updated 3 Win7 64 bit machines and they all work fine with the January update (group A).

I have sent a Paypal donation as my way of thanking you for all the helpful advice I receive here.

Reply | Quote

Glad to hear it turned out well.

Donations are greatly appreciated!

Reply | Quote

Hi, I’m a lax Group B member and it’s been a while since I checked in here. I haven’t been keeping up with the security-only updates. Checking my update history, I see that I installed the November update but not the October one. If I understand correctly, these are not cumulative so I would have needed the October one first. Can I install it after the fact, and then go on to install December and January? (Or do I need to uninstall November and then reinstall it after the October one?)
Also, I have my Windows Update set to never download anything, period; and yet my update history shows Microsoft Security Essentials updates for practically every single day, many of them optional. Is this something I should be worried about? (It worries me that I don’t understand it.)
Thanks for your help!

Reply | Quote

No need to uninstall Security-Only patches. You install each of them independently.

I wouldn’t worry about MSE updates. They’re innocuous.

Reply | Quote

Hi Woody,

I have not be able to get or install updates for several months. Now my Windows 7 updates include 47 important updates most of them security. Some are almost a year old. Is it okay to update?
Thanks

Reply | Quote

Yes. Any time you’re installing Win7 fresh, or you’ve waited a long time to get caught up, it’s well worth installing everything. Assuming you’re in Group A

http://www.infoworld.com/article/3128983/microsoft-windows/how-to-prepare-for-the-windows-781-patchocalypse.html

Just run through Windows Update repeatedly until it’s done.

Reply | Quote

Given your answer above and that they are not cumulative, I am assuming that it is OK to install Oct/Nov/Dec/Jan Security Only updates in one session without the need to restart between each one. Is that correct ?

Along with the speeded up WU check as well, this will reduce the time needed to update several machines if I don’t have to do multiple restarts.

Reply | Quote

+1

Reply | Quote

Don’t really understand your response to #1. Are you implying that a hijacker could modify the download module?

Reply | Quote

Not necessarily, but a man-in-the-middle attack is certainly feasible.

Reply | Quote

Try it. If they need a reboot, they’ll tell you.

Reply | Quote

I did research on this recently; see https://www.askwoody.com/2016/turn-off-windows-update-if-you-want-to-force-feed-individual-patches/#comment-112244.

Reply | Quote

It happens to all of us now and then. I sometimes have a brief moment of panic when I try to watch something on Youtube and get no sound… only to look up and realize I’d forgotten to turn my speakers on 😛

Reply | Quote

Thank you for writing this…it’s good to know I’m not the only one that has those ‘oops’ moments!

Reply | Quote

It’s that time of the month again…

Done all the updating with the security-only patches you’ve linked for october, november and december in the (http://www.infoworld.com/article/3158713/microsoft-windows/nows-the-time-to-patch-windows-and-office.html) article, ran windows update and found only kb3187754 (from september, weirdly), and uh…one other that i can’t find anywhere all of a sudden,
but ignoring that second one, if i have indeed done everything else correctly, was i also supposed to install kb3187754 (as it was already checked when manually searching for updates with WU)?

Does it sound like i did things correctly, or does something sound worrying?

(Microsoft, for a company with “soft” in it’s name, you sure make it hard for us…)

Thanks for any help Woody, i don’t know what i’d do without you…(Probably go to camp W/C or something).

Reply | Quote

You’re doing fine. Yep, install 3187754, if it’s still being offered.

Reply | Quote

Alright, will notify if i run into any problems 🙂

Reply | Quote

I would be interested to know what @abbodi86 has to say about the practice of hiding updates. We may find a definitive answer after all.

Reply | Quote

Here, here!

Reply | Quote

I would not hide for the reasons I stated in my other comment:
“Secondly, there is a bit of a problem with hiding updates – you hide one, next pops up. With cumulative rollups you hide December, November shows up, you hide November, October shows up and so on… While this route is quite short, the one with timezones can go for ages.”
Basically, when you start hiding, it may take quite a while to get rid of everything.

Reply | Quote

I’m with the concept of “Never Hide” 😀

most updates have a chain of superseded updates, hiding one will present you the previous, and so on

Reply | Quote

I had different considerations for recommending to not hide, but yours is a valid one and an argument in favour of the same concept. 🙂
Basically what I said is when an update like KB2952664 is re-released under the same number and the previous one was hidden by the end-user, the one hidden will remain in the database without a reference to the back-end servers and impossible to unhide in the future.
So this ends with an orphaned record in the DataStore.edb.
It is unknown what that record will do for the calculations or if just stays there unused. It can be removed only by resetting the database, which in itself would scare a lot people, although it is not so bad practice to be done now and then.
Thanks for adding another useful argument in support of not hiding as common practice, while it is OK for testing in the short term. 🙂

Reply | Quote

Ugh. I’m in Group B. Just checked Windows Update for any other updates I’d need. I unchecked and hid the Monthly security update KB3212646 and it installed itself anyway!

Reply | Quote

Hi All,

So I understand that for .Net Framework this month, the Security and Quality Rollup is what should be installed.

My question is, will it be labeled as “December 2016”? That is what is in my WU:

KB3205402 – December, 2016 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows 7 and Windows Server 2008 R2 for x64

Thanks for the help, as always!

Reply | Quote

If you abide by Woody’s DEFCON rules (ie, wait till the number is 3 or above) the .NET Rollups that appear checked in the WU important updates are safe to install.

1 user thanked author for this post.

woody

Reply | Quote

Thanks! I figured as much, but I wanted to check, as I hadn’t seen a .Net Framework update listed for a bit in my WU & I had accidentally unchecked the “Give me updates for Microsoft products and check for new optional Microsoft software when I update Windows” option a while back and wasn’t sure if I was missing things because of it…..

Reply | Quote

For my main workstation earlier this month I brought in the latest full set of Windows 8.1 patches (minus a very few that were hidden months/years ago that are probably not even applicable/visible any more, such as the GWX update).

One thing I noticed is that the December update broke System Protection (i.e., the System File Checker – SFC /VERIFYONLY and SFC /SCANNOW – would fail).

I finally got to the bottom of it. There was something wrong with the database entry for, of all things, “Sound Recorder.lnk” – which showed up as “hash doesn’t match actual file” messages for several different copies. This was the key blob of messages in CBS.log:

2017-01-30 16:14:48, Info CSI 00000976 [SR] Verify complete

2017-01-30 16:14:48, Info CSI 00000977 [SR] Repairing 1 components

2017-01-30 16:14:48, Info CSI 00000978 [SR] Beginning Verify and Repair transaction

2017-01-30 16:14:48, Info CSI 00000979 Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-soundrecorder_31bf3856ad364e35_6.3.9600.17415_none_9014408a06a0ccbb\Sound Recorder.lnk do not match actual file [l:36{18}]”Sound Recorder.lnk” :
Found: {l:32 b:v0WEU04aXPq6p2n0N0VxZtp8AvDkGMPzXNwgdRtZRx0=} Expected: {l:32 b:lZzTQXwor5OIEqh3ok3qxjkPmzaWxMQ+XuQmVbN7wtk=}

2017-01-30 16:14:48, Info CSI 0000097a [SR] Cannot repair member file [l:36{18}]”Sound Recorder.lnk” of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2017-01-30 16:14:48, Info CSI 0000097b Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-soundrecorder_31bf3856ad364e35_6.3.9600.17415_none_9014408a06a0ccbb\Sound Recorder.lnk do not match actual file [l:36{18}]”Sound Recorder.lnk” :
Found: {l:32 b:v0WEU04aXPq6p2n0N0VxZtp8AvDkGMPzXNwgdRtZRx0=} Expected: {l:32 b:lZzTQXwor5OIEqh3ok3qxjkPmzaWxMQ+XuQmVbN7wtk=}

2017-01-30 16:14:48, Info CSI 0000097c [SR] Cannot repair member file [l:36{18}]”Sound Recorder.lnk” of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2017-01-30 16:14:48, Info CSI 0000097d [SR] This component was referenced by [l:166{83}]”Package_1133_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3321_neutral_GDR”

2017-01-30 16:14:48, Info CSI 0000097e Hashes for file member \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk do not match actual file [l:36{18}]”Sound Recorder.lnk” :
Found: {l:32 b:v0WEU04aXPq6p2n0N0VxZtp8AvDkGMPzXNwgdRtZRx0=} Expected: {l:32 b:lZzTQXwor5OIEqh3ok3qxjkPmzaWxMQ+XuQmVbN7wtk=}

2017-01-30 16:14:48, Info CSI 0000097f Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-soundrecorder_31bf3856ad364e35_6.3.9600.17415_none_9014408a06a0ccbb\Sound Recorder.lnk do not match actual file [l:36{18}]”Sound Recorder.lnk” :
Found: {l:32 b:v0WEU04aXPq6p2n0N0VxZtp8AvDkGMPzXNwgdRtZRx0=} Expected: {l:32 b:lZzTQXwor5OIEqh3ok3qxjkPmzaWxMQ+XuQmVbN7wtk=}

2017-01-30 16:14:48, Info CSI 00000980 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]”\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories”\[l:36{18}]”Sound Recorder.lnk”; source file in store is also corrupted

2017-01-30 16:14:48, Info CSI 00000981 [SR] Repair complete

It’s pretty clear it was Microsoft’s fault, as implied by the last few words of the “Could not…” message:

…source file in store is also corrupted

If this happens to you, or you have uncorrectable errors reported, it’s often a pretty easy fix. The following commands will generally fix a system right up – they cleared the problem for me:

DISM /Online /Cleanup-Image /RestoreHealth

SFC /SCANNOW

The first command updates the data store, the second corrects the detected problems with the newly updated data. Note that they take a long while to run. For more info: https://technet.microsoft.com/en-us/library/hh824869.aspx

Now I’m back to passing an SFC /VERIFYONLY check with flying colors and all is right with the Windows I choose to continue to use.

-Noel

Reply | Quote

Just returned from hols and down loaded January updates. Group A Desktop Win 7 Pro and Laptop Win 7 Home. No problems to report.

Reply | Quote

I’ve been following InfoWorld and AskWoody since I successfully thwarted the automatic GWX attempt to load Windows 10 on my laptop in July 2016, but I just registered on this site.

I have Windows 7 Sp1 x64. My Windows Change Settings are per Group B but so far I have chosen to install the Monthly Roll-Ups and have not installed any Security Only Updates.

I previously installed the October and November Security Monthly Quality Roll-Ups (KB3185330) and (KB3197868).

I have not yet installed either the December Security Only Update (KB3205394) or December Security Monthly Quality Roll-Up (KB3207752) despite the current MS-DEFCON 3 status.

I have not yet installed either the January Security Only Update (KB3212642) or January Security Monthly Quality Roll-Up (KB3212646) despite the current MS-DEFCON 3 status.

I’ve read all about the different problems that these patches have caused.

I must install the December and January updates now.

Should I sequentially install the non-cumulative December and January Security Only Updates (KB3205394) and (KB3212642) or would it be acceptable to install the cumulative January Security Monthly Quality Roll-Up (KB3212646). What is the risk of installing KB3212646 now that the status is MS DEFCON 3. Is the risk the same as when KB3212646 was originally published on January 11 or has the risk been lowered to an acceptable level? I realize that the telemetry risk is always a factor. I’d like to get feedback about the risk of other computer performance problems.

I appreciate your advice about which action to take.

Reply | Quote

Mike W wrote:

I previously installed the October and November Security Monthly Quality Roll-Ups (KB3185330) and (KB3197868).

If you have installed the ROLLUPS you have chosen Group A. ROLLUPS contain security and non-security patches. Group B installs the “Security Only Quality UPDATES” that have to be downloaded from the Update Catalogue and manually installed. The difference is in the terminology – UPDATE is security-only, ROLLUP is the whole thing.

Mike W wrote:

Should I sequentially install the non-cumulative December and January Security Only Updates (KB3205394) and (KB3212642)

If you choose to follow Group B from now on, the answer to this is “yes.” You will have to UNCHECK the ROLLUP in Windows Update before you install the other updates so it doesn’t get installed.

Mike W wrote:

or would it be acceptable to install the cumulative January Security Monthly Quality Roll-Up (KB3212646)

If you choose to go forward with Group A, the answer to this is “yes.” Since the ROLLUP is cumulative, you will only need Jan’s b/c it contains Dec’s.

The MS_DEFCON number pertains to this month’s (Feb) patches. You should WAITt to install anything with a Feb release date (on the right when you click on the “Important” list) until Woody’s DEFCON number goes to 3 or above. That gives time to see it they will cause problems.
Past patches (Jan and before) have been OKed to install.

1 user thanked author for this post.

Mike W

Reply | Quote

Thank you, PKCano.

You correctly point out that I have chosen Group A by installing Roll-Ups through November.

I appreciate your clarification about the monthly timing. I will decide whether to install the December and January Security-Only Updates or Security + Non-Security Roll-ups before the February patches are released next Tuesday.

I’m still mainly interested in feedback about the performance issues caused by the cumulative January Roll-Up (KB3212646) which includes the previous December Roll-Up (KB3207752). These Roll-ups have reportedly caused the following problems:

+ Prevented PC Reboot
+ Prevented Log Into Windows
+ Slowed Down Start-Up Programs
+ Task Bar “Safe To Remove Hardware” Stopped Working
+ Printer Stopped Working
+ Connection To System Event Notification System Stopped Working
+ MSE Right-Click To Scan Document Stopped Working,

My question is: Are these problems prevalent and likely to occur if I install (KB3212646) or are these problems infrequent and less likely or unlikely to occur if I install (KB3212646).

I hope that people will provide their experience considering that the December Roll-Up was published two months ago and the January Roll-Up was published one month ago.

Reply | Quote

I’ve seen very few reported problems with KB3212646.

Do you have links to reports for those screw-ups?

Reply | Quote

Woody – Here are the links and the problem statements:

The first three problems are for the December Roll-Up (KB3207752) which is included in the January Roll-Up (KB3212646):

(1) https://www.askwoody.com/forums/topic/security-patches-kb-3205394-3206632-3205386-crash-active-directory-admin-center/

Brandon wrote:

KB3205394 OR KB3207752 were causing a client’s machine not to boot correctly, it would cause the machine to state a hardware or software change has prevent windows from booting correctly and select repair- I would select the repair and then a Window Would appear and state the OS couldn’t be repaired, as soon as I removed these 2 updates the Machine hasn’t had a problem since.

(2) http://www.pchelp.zone/threads/security-monthly-quality-rollup-for-windows-7-kb3207752.155514/

Tweety6&22 wrote:

This update (KC3207752) has failed to install multiple times. It stalls everytime at 61% complete. I let it try for hours but it never progresses. This started happening after windows kept giving me a login failure. Because of the login failure, I had to restore my computer. Since the restore I have been able to login but I now am having this update installion problem. To make this even worse, when I logged into Windows support they said my Windows account had been closed because malicious emails had been sent from my account. Windows Support allowed to me log on after they sent me a security code.

[My Note – After re-reading the above problem statement, it seems to indicate that (KB3207752 was not the root cause of he problem, but rather that the computer restore caused the problem.]

(3) https://www.sevenforums.com/news/403526-kb3207752-kb3205394-update-windows-7-sp1.html

Benjamin76 wrote:

After installing the following updates KB3207752, KB3205402 and KB890830, MSE right click option to scan a file was gone again. I deleted KB3207752(I randomly picked that one first, had planned to delete all three), restarted computer and MSE right click option was back.

The next set of problems are for the January Roll-Up (KB3212646)

(4) https://www.askwoody.com/forums/topic/windows-7-8-1-patches-are-up/

Toa of Justice wrote:

KB3212646 slowed down startup programs for me. After I uninstalled KB3212646, my startup programs went back to normal.

(5) https://www.askwoody.com/forums/topic/windows-7-8-1-patches-are-up/

Perry Andrew wrote:

Subsequent to installing KB3212646 for Windows 7-32 bit, I no longer get bubble saying “safe to remove hardware” when I use the disconnect feature located in the system tray.

(6) https://www.askwoody.com/2017/ms-defcon-3-time-to-get-patched-but-watch-out-for-a-few-gotchas/

Jayendra wrote:

After install the “January 10, 2017—KB3212646 (Monthly Rollup)” my pc start to crash, restarting without advise or something. when i revert my pc to december (using 3rdparty backup software) my pc back to run again smooth and fine.

Karen wrote:

I installed both the MSRT and the January monthly rollup (KB3212646) on both of our pcs (Windows 7 home premium 64 bit) last night. Everything seemed to go fine, took about 25 mins to download, install and then reboot. After restarting I turned off my husbands pc, the trouble came when he turned it back on today. He got a “Failed to connect to a windows service” message in what looked like a speech bubble coming off his taskbar. It said that Windows could not connect to the System Event Notification Service service. What happened and what does that mean? Did it have anything to do with the either of the updates? We tried restarting the pc but it wouldn’t restart it just removed everything from the desktop but the background picture and that just hung there. The on/off button had to be held down to shut the pc down. We rebooted his pc again but it still gives the same message.

Woody – The above problems are just about all of the problems that I found for the December Roll-Up (KB3207752) and the January Roll-Up (KB3212646). I wouldn’t want to have these problems, but it seems like there’s a low incidence of problems which is why I asked whether it would be low risk and acceptable to install the January Roll-Up (KB3212646) at this point in time. Do you think it is relatively safe to install January Roll-Up (KB3212646) at this time? If you say it’s relatively safe, then I will probably install (KB3212646). If not, then I will probably install the December Security Only (KB3205394) and January Security Only (KB3212642) Updates.

I really appreciate and value your feedback

1 user thanked author for this post.

satrow

Reply | Quote

Referring to my previous post:

I installed January, 2017 Security Monthly Quality Rollup for Windows 7 for x64 Based Systems (KB3212646) which by definition puts me in Group A. I only decided that it was acceptable to install (KB3212646) after carefully researching on InfoWorld, AskWoody and elsewhere whether it has caused any problems. I waited and installed it just one day before the February 2017 patches are due to be published. (KB3212646) has not caused any of the reported problems on my PC.

After I installed (KB3212646), another important patch appeared in my Windows Update list — Update for Windows 7 x64 Based Systems (KB3177467). My research on InfoWorld, AskWoody and elsewhere indicates that this patch is a necessary innocuous Windows servicing stack update that was published on October 11, 2016. There has reportedly only been an installation problem, where the installation hangs up, which is easily resolved by pressing Control-Alt-Delete. Also, apparently this patch cannot be uninstalled after it is installed because it is associated with the Windows servicing stack which I understand to be the actual Windows Update support program.

I’m inclined to install (KB3177467) now based on all of the available information. I’m writing this post now to solicit feedback which will hopefully indicate that it is safe to install (KB3177467).

Reply | Quote

You should go ahead and install the servicing stack. Servicing stack updates are stand alone patches – they must be installed alone. They will not show up in WU until there are no other checked important updates pending

1 user thanked author for this post.

Mike W

Reply | Quote