We continue at MS-DEFCON 1: Don’t install any of the July patches

Topic

New Reply

With August patches just around the corner, you’d be well advised to give up on the July patches. Yes, some folks dodged the (many!) bullets. But for
[See the full post at: We continue at MS-DEFCON 1: Don’t install any of the July patches]

12 users thanked author for this post.

deuce120, Pepsiboy, Myst, abbodi86, Spiral, SueW, BobbyB, walker, Elly, Mr. Natural, geekdom, Microfix

Reply | Quote

Replies

Almost all problems with this monthly rollup are being fixed in the August monthly rollup (At least on Win 7) so the best option would be to wait until next Patch Tuesday and install both rollups at the same time (Unless there are problems with the next one as well but that wouldn’t happen right?)

Reply | Quote

There is absolutely NO reason to install both Rollups. Rollups are CUMULATIVE.

That means the August Rollup will CONTAIN the July Rollup PLUS the fixes for July errors and additional Aug. fixes included in the non-security part as well as the security and IE11 patches. So trying to install the July AND August Rollups would, in effect, be installing the July Rollup TWICE.

In fact, the August Rollup will supersede the July Rollup and the July Rollup should not even be offered on Patch Tues in Windows Update (unless you hide the August Rollup).

AND, you certainly would be a Guinea Pig it you installed ANYTHING on August Patch Tuesday, under current circumstances!

15 users thanked author for this post.

deuce120, Bill C., Pepsiboy, Myst, LH, Geo, pmcjr6142, WildBill, Frwin, lurks about, Elly, walker, woody, Microfix, zero2dash

Reply | Quote

This is what especially scares me going forward.
Unless they explicitly pull these updates (and since they haven’t yet, I assume they won’t), everything onwards is sketchy (at best) since everything but the Sec Only’s are all cumulative.

Reply | Quote

Realize, in July, for example, the Rollup and the Security-only BOTH contained the same bug – tcpip.sys related BSOD. Unless there is a later “fixed” version of the SO released (like KB4338823/KB4345459 in July) or it is fixed in a later month’s SO, the SO’s don’t get fixed. And if you skip it, you also skip any other included patches and fixes because it is not cumulative.

9 users thanked author for this post.

jburk07, Myst, Cartoonist Aaron, SueW, WildBill, Elly, walker, woody, zero2dash

Reply | Quote

Ah phooey…I did not realize the ‘better’ can of worms had its own can of worms as well.
That’s just great. One more wrinkle, one more thing to watch out for. [sigh]
Thanks for bringing that up – I was not aware of that. I haven’t installed July’s Sec Only and I don’t plan on it…but if I’m following along correctly, unless they add the ‘good’ fixes to August Sec Only (which they won’t), then I’ll have to install July + the fix patch if I actually want the fixes, otherwise I’m just completely missing out.

Ugh. Hey MS, I thought this was supposed to be “simple and predictable”. [rolleyes]

4 users thanked author for this post.

Myst, Cartoonist Aaron, WildBill, Elly

Reply | Quote

Hmmm… situation sounds pretty much “predictable” to me…

4 users thanked author for this post.

Myst, Cartoonist Aaron, zero2dash, Cybertooth

Reply | Quote

Hey PK

In fact, the August Rollup will supersede the July Rollup and the July Rollup should not even be offered on Patch Tues in Windows Update (unless you hide the August Rollup).

Running Windows10 Pro and have hidden the original July KB4338825 (via wushowhide).

Unless told otherwise, I plan to hide the August KB when it arrives this coming Tuesday.

Will hiding the August KB (via wushowhide) automatically remove the July KB from wushowhide, or will they both be there – hidden?

Reply | Quote

The discussion was about Win7, and that is the case with Win7/8.1.

I am going to speculate that supersedence works the same way way n Win10 and that the superseded patch will disappear. They are cumulative too.

1 user thanked author for this post.

walker

Reply | Quote

I would assume that you’re correct – but it’d be interesting to get confirmation!

2 users thanked author for this post.

WildBill, walker

Reply | Quote

Link to Woody’s Computerworld article:

https://www.computerworld.com/article/3296461/microsoft-windows/a-word-to-the-wise-skip-microsofts-july-patches.html

If debian is good enough for NASA...

2 users thanked author for this post.

walker, woody

Reply | Quote

I had started thinking about testing the July OS updates but at this stage of the game I would agree. Why bother? I’m declining all the July updates. Thanks Woody.

Red Ruffnsore

Reply | Quote

If Woody insists we do nothing for July’s updates, I’ll accept that. However, after doing my monthly backup, there are some patches & updates I’m considering. BTW, I’m on Windows 8.1 & Office 2013; your mileage may very.

• KB4338832 – Security Update for Adobe Flash Player. Nothing’s been mentioned about this good or bad, plus these are usually not cumulative. I have Flash deactivated in Firefox anyway & don’t use IE 11.
• KB4340798 – This is the Click-to-Run update for Office. The scurrilous KB4018385 is for Office 2016. Office 2013 doesn’t have it, so updating Office should be okay for me.
• KB890830 – Malicious Software Removal Tool. I believe this is cumulative, so skipping it should be okay.
• .NET – Not talking about July updates; skipping those. According to Raymondcc .NET Detector, I don’t have 4.5, 4.6 & 4.7 installed. Just to be sure I’m up to date, I’m planning to install those.

If Da Boss or any MVP’s say “Absolutely Don’t Do This”, I’ll back off on my plans for the weekend. Otherwise, I believe I’m okay. Backup is Step 0 as always; if any of these supposedly helpful changes hose my system, time to Restore & Wait for August updates in September!

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

My personal opinion is don’t bother with any of them with one exception. Either completely remove flash and don’t use it or always keep it up to date. Never run an outdated flash player.

Red Ruffnsore

1 user thanked author for this post.

WildBill

Reply | Quote

Unfortunately I don’t think you can, as MS now bakes it in to 8.1 and 10, which is why they push out the updates for it.
You may be able to disable it via Windows Features, but I’m not sure about that.

@WildBill, I think you’re fine there. Flash updates don’t (AFAIK) cause issues, and generally the MSRT does not either. Check Susan’s patch list for the C2R Office patch, if possible, but it’s probably fine at this point. As you said, you can always reimage off a backup (and kudos for being a user who has those).

1 user thanked author for this post.

WildBill

Reply | Quote

I just checked my Windows 10 system and the flash files are stored in the same location as all previous versions of Windows. So I would think there are ways to manage flash in that regard. With these types of systems I would just keep flash up to date.

Red Ruffnsore

Reply | Quote

Hello zero2dash. Yes you can completely remove flash from Windows 8.1. From control panel/programs and features, you can uninstall flash. It will not be re-offered in future windows updates if you uninstall it. One of my Windows 8.1 PCs does not have flash installed and one does.

Reply | Quote

I installed the updates on Win 8.1 x64 except for KB2976978 which is some kind of telemetry update.  I hid that one.

All updates installed except KB4340558.   I did what I do best, nothing.  About a week later, Microsoft issued a new KB4340558 which installed successfully.   No issues with the updates.

My Office 2013 updates outside of the Windows update system.  I’m a very infrequent user of Office, but to the extent I do use it, no problems found.   And it did update.

 

Reply | Quote

Woody

I assume you will tell us when to apply the August patches and instructions as to how to do it at the appropiate time?

Sam

Reply | Quote

Sure will, just watch the MS-DEFCON rating, when it reaches 3 or above, instructions will be given on how to apply the patches.

If debian is good enough for NASA...

3 users thanked author for this post.

Myst, walker, woody

Reply | Quote

Just received Window 10 updates:  KB4023057 (again) and KB4295110 (what is this one?)

Should I hide?

Reply | Quote

Don’t apply July and subsequent patches.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

walker

Reply | Quote

Geekdom,  generally good advice; however these Window 10 updates just came down and are not part of the on going Patch Tuesday patch or .NET dilemma.

These address the topic of  updates to the WUpdate process module itself.

Reply | Quote

Read here:
https://www.askwoody.com/2018/patch-lady-august-9th-updates/

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Here is a translation from the BornCity website regarding these two KB’s.

My first instinct is this is a way for MS to force feed us stuff and maybe even Feature updates, however, upon reading what they say – if true…..

Are those of us who do not install these updates headed for WUpdate problems in the future (eg: it has a sentence to the effect that this was sent to computers not up to date, etc.)

So by not updating regularly, will we start receiving KB’s to “fix” update issues we may not have since we did not install updates?

MVP Edit: Removal of HTML

Reply | Quote

This was created in response to Reply 209754 above to describe what the two KB’s are all about.

Not going to make a lot of sense without the website link to BornCity.

Why was the link removed? MVP error sorry, missed amongst large quantity of HTML.

Question as to whether to install the KB’s or hide them remains.

Reply | Quote

No problem, here is the link again – it is a long one since this is in German and Google needs to translate. It was the only site that had any info on these 2 KB’s.
https://translate.google.com/translate?hl=en&sl=de&u=https://www.borncity.com/blog/2018/08/10/windows10-updates-kb4295110-kb4023057-9-8-2018/

MVP Edit: Removal of HTML

 

2 users thanked author for this post.

geekdom, Microfix

Reply | Quote

For us lazy English-readers, Gunter has an English version: https://borncity.com/win/. It doesn’t have all the entries on his German blog, but it has the Windows-related ones. Which are the ones we’re usually interested about on this side of the pond. They’re already translated, so 1 step saved.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

4 users thanked author for this post.

GoneToPlaid, OscarCP, Elly, SueW

Reply | Quote

KB4023057 – see: https://www.askwoody.com/forums/topic/hey-pk-kb4023057/#post-204715

KB4295110 – Briefly noted, as it concerns only a few. Microsoft has released KB4295110, a new update for the update components. Because this update requires only specific versions of Windows 10 1709 (Fall Creators Update), the update will not ship to all users through Windows Update.

using google translate from:

https://www.deskmodder.de/blog/2018/08/10/kb4295110-windows-10-1709-9-08-18-stabilitaetsupdate-fuer-die-update-komponenten/

1 user thanked author for this post.

Microfix

Reply | Quote

Original OP here:

Thanks for the additional input.  Also see above as my link to BornCity has been re-posted.

Agree they are aimed at Windows 10 ver 1709, and those the MS deems needed; however if you read the BornCity article, MS may deem it is needed because they think there is a problem because we do not have the latest updates (ie: a WU program issue).  And we dont have the latest updates because a lot of us are deferring them or hidding them as per guidance from this website. And we may not really have a WU program issue.

As such, are we creating our own problem with MS updates and being sent KB updates because MS thinks we have an updater problem when its us that are not updating?

So is this a real WU problem brewing, or another ploy by MS to change our system to deliver updates and new features at their discretion by ignoring our settings?

Hide and ignore?  Or?

 

Reply | Quote

See Main blog page: Patch Lady – August 9th updates concerning kb4023057 and kb4295110

Abbodii reminded us on the Patchmanagement.org list that the KBs that some are seeing released on August 9th are merely the infamous two year old update meant to pave the way for future feature upgrades. As Abbodii reminded us, it’s had over 25 releases/re-releases so far.

If debian is good enough for NASA...

Reply | Quote

I have deferral set for 30 days and they popped up today. I also set GP to 2, so I didn’t click “Download” and voila :).

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

2 users thanked author for this post.

BobbyB, zero2dash

Reply | Quote

FWIW, yesterday Microsoft forced my Win10 Home desktop from 1709 to 1803.  This in spite of having the 1803 update hidden and the network set to metered.

My anecdotal opinion is that you really need to check available and blocked updates frequently, and keep the telemetry and service stack updates blocked — as well as the 1803 upgrade.  Microsoft is sneaky, they update their patches so that your previous blocks become null and void.

The only problem noted with the upgrade has been that it broke Symantec Endpoint Protection v 14.0, and I had to update it to v 14.2.

2 users thanked author for this post.

Elly, Cybertooth

Reply | Quote

No problems with July patches here, everything installed zero issues.

1 user thanked author for this post.

HarryLeeSmith

Reply | Quote

@anon #209814, Which July patches were installed and for what OS?

If debian is good enough for NASA...

3 users thanked author for this post.

Charlie, SueW, Elly

Reply | Quote

Windows 10 with *GASP* 1803!!!!

Reply | Quote

HarryLeeSmith, perhaps you can answer a lingering Windows 10 question regarding what happens when there is more than one update released in the same month.

Ver 1803 had I believe 3 KB updates released during July

First, did you hide and hold (via wushowhide) or delay any Window 10 updates as they were released by WUpdater?

If not, did you simply let WUpdater automatically download and install then as they came down?  With no problems after any or the 3 installations?  Or describe process.

If you held them, did all 3 updates eventually come down? Were you able to hold all 3 of them simultaneously? Or, did the 2nd one replace the 1st and the 3rd replace the 2nd one? Ultimately leaving you holding only the last KB to install?

If only the first original KB came down due to your holding it, did you take a chance and install only that original KB?  And then did the others come down to install? How many KB’s were eventually installed?

Or, did you get any or all KB’s from the MS Catalog and manually install?

Thanks for answers.

2 users thanked author for this post.

Elly, Microfix

Reply | Quote

Clarification:

I am assuming that HarryLeeSmith is/was the Original anonymous poster who claimed to install the July patches with no problems on Windows 10 ver 1803.

If not, whoever did post, pls respond.  Or, anyone else that has gone through this process and can answer the questions.

Also this question is applicable to all Windows 10 versions including ver 1709 which also had 3 July KB releases.

Reply | Quote

Okay here I go again – sorry – but when you say “Rollup”, are you referring to the Group A everything rollup or is the Security Only Rollup included for us Group B people too?  Are there still Group B people?  I hardly ever here anything offered for them without questions such as this having to be asked.

I’ve seen it written here that Security Only (SO) updates for Win 7 must be installed strictly on a month to month basis without skipping any months.  Has this now changed?

Also, are the updates for Office 2010 dangerous too?  Or can they at least be gotten out of the way?

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

1 user thanked author for this post.

Cartoonist Aaron

Reply | Quote

@charlie, Rollups indicate the Group A type patching (which are cumulative) Group B Security Only type of patching is non-cumulative which means they need to be installed at some point prior to newer ones. I see you are Group B so, Woody’s advice is not to install July’s patches and to wait, probably until August’s patches have passed testing. Then there will be a methodology post on how to patch Group B SO patches for July AND August.

Office security patches are released on the 2nd Tuesday of the month, which hasn’t happened yet for August. For July Office patches, refer to Susan Bradley’s Master patch list here:

https://www.askwoody.com/patch-list-master/master-patch-list-july-2018/

Hope this is clear for you.

If debian is good enough for NASA...

6 users thanked author for this post.

Myst, Cartoonist Aaron, Charlie, SueW, Elly, WildBill

Reply | Quote

Thank you very much Microfix, that is clear.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

1 user thanked author for this post.

Microfix

Reply | Quote

Charlie  #209822    “Are there still Group B people?  I hardly ever here anything offered for them without questions such as this having to be asked.”

Yes, most certainly there are more than a few in Group B here and, yes, we don’t get mentioned a lot. Mostly because those offering comments and starting forums are mostly concerned with Windows 10 first and Group A (Rollups) second. For obvious reasons (their patches have lots of problems). Also those in Group B (never Rollups, Security Only), for the most part, are doing fine. Or, at least, better than everybody else here. Also, for obvious reasons (we have Windows 7 and, or 8.1 and sometimes make our own *cautious* decisions as to when and what to patch, using the DEFCON as one thing to consider among several — and turn out to be right about that more often than not — although we sometimes come to grief too — we live such adventurous lives!).

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

2 users thanked author for this post.

GoneToPlaid, Charlie

Reply | Quote

Very well said OscarCP.  That is the way I feel too.  Once I get past all the confusion with who is talking about what, and what OS they’re referring to, I’ve done just fine with no problems.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

1 user thanked author for this post.

OscarCP

Reply | Quote

As I needed to make system partition backups for other reasons I took the plunge and installed the W7 and W8.1 July Security Only (SO) and IE 32 bit updates last weekend without any problems. After making similar backups I installed W7 and W8.1 SO and IE 64 bit updates on my other PC a few days later. (I have ignored the .NET stuff.)

Overall the only problem I have seen is with W8.1 64 bit where (at least one of) the File Explorer file/folder problem(s) which re-occur every few months re-appeared this month (after a gap of several months). When trying to copy files from a folder in a secondary D: partition to a folder in the system partition C: by selecting, drag and drop, Windows informed that it “could not find the files” or something along those lines. Recognising this sort of problem I exported the Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions

and compared it with a know good version of the key and discovered that 2 of the usual suspect sub-keys had re-appeared:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45e5-87F6-0DA56B6A4F7D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}]

Deleting these sub-keys and rebooting the PC brought back the File Explorer drag and drop file copying functionality.

(To be sure I also exported the Registry key and compared it to a good version on my W8.1 32 bit PC and nothing untoward had re-appeared there. So this month this re-appearing faulty Registry stuff is only a W8.1 64 bit issue – for me at least.)

HTH. Garbo.

PS: I’m just a home PC user with a small Microsoft footprint e.g. I use Panda AV not Defender/MSE, Softmaker Office not MS Office, Firefox not IE etc. so my experience might not be typical of other readers here 🙂

6 users thanked author for this post.

abbodi86, GoneToPlaid, SueW, Microfix, BobbyB, Elly

Reply | Quote

@anonymous interesting I run a triple boot at home, 10, 8.1, 7 never noticed that behaviour before, although I generally “copy and Paste” between OS’s and Partitions (inc 1 x VHD like a partition to all intensive purposes) I’ll give this a try tonight, still not installed Win8.1’s July updates yet and if so seems like it may be Joining the July “Patch Prohibition” Pity really as Win8.1 probably is the best and least problematic of all the OS’s I have worked with or used. 🙂

1 user thanked author for this post.

Microfix

Reply | Quote

Interesting and thanks for the feedback, as well as the registry key analysis and your solution. I now have an urge to look at this on my test system when I get the time 🙂

If debian is good enough for NASA...

Reply | Quote

This has generated some interest, so a bit more info’ 🙂

I originally encountered these W8.1 explorer problems in January 2017 when I started to look at W8.1 seriously. (I had bought W8 licenses when MS were selling them cheaply the 1st couple of months after introducing W8, but W8 was just too unstable at that time so I continued with W7.) My initial problem was recovering files out of a Sandboxie sandbox (which at a low level is moving between folders) and I found online info’ including at:

https://www.winhelponline.com/blog/error-rename-move-folders-windows-10/

I know that the article is for W10, but there is a W8.1 “good” version of the failing Registry key in the “Note” in the “Solution” section.

I exported my faulty version of the key and compared it with this “good” version and my faulty version had 8 extra sub-keys. I copied these extra, faulty sub-keys into a .reg file and added minus ‘-‘ symbols in the appropriately places to delete the faulty, extra stuff and “merged” this into the Registry, rebooted and my problem was solved. I kept this .reg file in case I needed it in the future (which I did).

I have encountered other explorer problems at intervals of a few months since then e.g. being unable to rename a folder or (like this month) being unable to copy files. Each time merging this .reg file and rebooting has fixed things. This has occurred in both 32 bit and 64 bit versions.

So the contents of my .reg file to delete the 8 extra faulty Registry entries are:

Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{0ddd015d-b06c-45d5-8c4c-f59713854639}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{35286a68-3c57-41a1-bbb1-0eae73d76c95}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45e5-87F6-0DA56B6A4F7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7d83ee9b-2244-4e70-b1f5-5393042af1e4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{a0c69a99-21c8-4671-8703-7934162fcf1d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag]
“ThisPCPolicy”=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{f42ee2d3-909f-4907-8871-4c22fc0bf756}]

I did read some online comments suggesting that the 64 bit Wow6432Node versions should also be fixed, but I have not had to do that myself so far and I think it safer to keep the changes to a minimum. This is why I haven’t just deleted the Registry key and fully replaced it with the early 2017 “good” version – there may be later “good” changes which the early 2017 “good” version did not include at that time.

BTW: I have removed most of the W8.1 Metro “phone apps” so I don’t know if that has caused these explorer problems? Anyway the Registry changes above have kept things working for me so far.

HTH. Garbo.

 

3 users thanked author for this post.

Jan K., BobbyB, Microfix

Reply | Quote

Yup, going to test this out also on W8.1 to start with
I’ll just export the keys then delete, just in case and report back also 😉

If debian is good enough for NASA...

Reply | Quote

anonymous wrote:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45e5-87F6-0DA56B6A4F7D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}]

Deleting these sub-keys and rebooting the PC brought back the File Explorer drag and drop file copying functionality.

@Garbo, thanks for the heads up on this tweak, my external USB3 drive and secondary W8.1 system drive no longer display lag or file freeze on moving/ copying large/ small files (after exporting within regedit as a fallback), then removing these keys. Soon after I ran sfc /verifyonly to find no errors. Cool!

I’ll leave the others for later to see how this works long term 😉

Excellent tip, you should consider registering with AskWoody, it’s a great forum community.

If debian is good enough for NASA...

Reply | Quote

@anonymous Nice Registry tweaks there so bookmarked for future Reference, I dont think I have ever had that problem before with Win8.1, but as said before I never use “Drag n Drop” normally just “Copy n Paste.” Anyway’s I installed the “chunk” of Win8.1 updates outstanding for July, going against wise advice in here, on a Hunch. Happy to report Win8.1 is ready to go, albeit it with another 565mb (x64) of updates weighing it down. I am afraid unable to recreate the “Dag n Drop” between Windows Partitions and the sole VHD on my Machine fault before and after alas. So a bit hesitant to give the Reg tweaks a try. After all a Working Win8.1 installation is “worth its weight in Gold” after July’s “Patch apocalypse” I still maintain my assertion for Win7 folks thinking of “jumping ship” after Win7 EOL but with an aversion to Win10, Win8.1 is should definately warrant some consideration.

1 user thanked author for this post.

anita.yk

Reply | Quote

I wonder if this a deliberate thing by MS, in order to prevent people from accidentally dragging and dropping stuff from another partition into the Windows OS partition. All of my computers are Win7. I have never encountered this issue since I always do copy and paste instead of drag and drop.

Reply | Quote

Garbo writes: After some more investigation of this issue….

1) I now conclude that the 6 extra unexpected “FolderDescriptions” Registry sub-keys which were present in early 2017 and which I associated with the W8.1 explorer folder and file related problems, but which did not re-appear with the July 2018 W8.1 security only and IE updates which re-introduced the folder and file problems are not relevant.

These 6 sub-keys are actually changes to remove the 6 folder icons for documents, music etc. in Windows 10 (W10) not W8.1 which are present at the top of the file explorer window right pane. As I dual-boot W7 (my default) and W8.1, I keep such “data” in a separate D: “data” partition accessible to both W7 and W8.1 and not in the system C: partitions, I regard these icons as clutter and remove them. There are Registry changes to achieve this in W8.1 and W10, but the actual changes are different and I must have mistakenly merged in the W10 changes in W8.1 before early 2017. So this stuff is a “red herring”. I do not believe anyone else with have these keys in their W8.1 Registry. Apologies for any confusion!

So my Registry .reg file to delete the suspect sub-keys to fix the folder/file problems should be:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45e5-87F6-0DA56B6A4F7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}]
i.e. just delete the 2 sub-keys which cause problems.

 
2) Prompted by the suggestion from “GoneToPlaid” above it occurred to me that the folders where I had problems were in:

a) “C:\Portables\…” where I put portable programs to keep them separate from the “C:\Program Files\…” etc installed programs,

b) “C:\Sandbox\…” where Sandboxie puts its sandbox stuff, and

c) “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\…” where I re-arrange start-menu items into logical groupings e.g. “Office” for all “office”-like programs such as Softmaker Office, my printer stuff, CutePDF etc. (I use Classic Shell, but re-arrange the start menu folder structure directly into what to me seems a logical structure.)

The common theme here is that these are places where the controlling minds of Microsoft might not expect users to be making changes i.e. not in “user” areas such as “C:\Users\<user account name>\Documents” etc.

Looking for other places in the Registry where the 636… and 6D8… magic numbers occur, I only found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Search\Preferences\ExcludeSystemFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Search\Preferences\ExcludeSystemFolders

suggesting that there is some kind of exclusion intended here (as GoneToPlaid suggested). Searching online these “magic numbers” seem to be “folder ids” in the Microsoft jargon. 6D8… relates to “program files” and 636… relates to “program files\common files”, but neither of these are the folders where I had problems.

 
3) To investigate further I thought I would re-introduce the problem by putting back the dodgy Registry keys to re-introduce the problems and try some folder operations in “user” areas as expected by Microsoft. However I was unable to re-introduce the problem!

After making a system partition backup, I tried uninstalling the July 2018 security only and IE updates, before re-installing them again, but the problem did not re-appear.

I restored the system partition backup I had made before installing the July updates on top of this (assuming this simply repeated my actions of 2 weeks ago), but again the problem did not re-appear.

So it seems that there is some other, non-obvious factor involved when this problem re-appears (which might explain why it only re-occurs every few months?). I will have to investigate further if, by chance (from my perspective) this problem re-occurs in the future.

In conclusion:
(i) There are only 2 registry sub-keys implicated in these W8.1 folder/file problems (see my simplified .reg file in 1) above).

(ii) The problems may(?) only occur in folders/files in unusual locations not typical “user” locations (but I cannot confirm this – see 2) above).

(iii) There seems to be some other factor involved in re-introducing these problems. Just installing the same windows update from the same baseline,  in what appears to be the same sequence is insufficient to always cause the problems.

HTH. Garbo.

Reply | Quote

Many Thx @woody for finally confirming what I was starting to suspect that July Patching was a “no go” for July.https://www.askwoody.com/forums/topic/windows-7-patch-tuesday-for-august-2018/#post-209583
Sorry about the next little item on todays Topic about “Patch Prohibition” for July and this is for all those Win10 1803 “sufferer’s” Here’s a couple of posts from the good folks at 10 Forums:
https://www.tenforums.com/tutorials/24742-reset-windows-update-windows-10-a-post1359654.html#post1359654
https://www.tenforums.com/tutorials/24742-reset-windows-update-windows-10-a-post1363205.html#post1363205
I got a couple of Win10 Machines at work (still 1709 at home and its completely different with daily Defender updates etc), with the same GPOL set i.e. “2 Notify to Download, to install” still firmly set with Junes update (KB4284835) installed not notifying nor being offered July’s update (KB4338819), except 1 Machine (Lenovo) in WUMT but not through Win Update. I believe there’s an SSU in the mix somewhere (KB4338853) but M$ says, allegegedly, “it will install its self” errrm well not yet! Any one else seeing this behaviour????
Not really complaining here just, theyre actually reliable and are set to go out Sept maybe back end this month, but its nice to know what the heck’s happening in the interim, is this going to change or is this to be another “Brave New World”? of Windows update to come? 😉

Reply | Quote

PS finally Win10 1803 got its act together and presented July’s updates for Office 2016, Flash and a combined collection of Defender Signature updates approx 41mb’s, 5 days after they first appeared in WUMT. OK I can see WUMT and Win10 using the same policies, maybe that’s how WUMT works its still a mystery to me as most round here, but why 5 days after they’re availble ? Are they already trying it out on us? The AI thing was only supposed to be on user usage patterns with the next Version. One things for sure with Win10 1803 and WUMT and a metered connection your not going to get swamped by machine stopping updates if it continues along these lines.

Reply | Quote

Anyone knows what issues there are with KB4339093  (Cumulative IE11 update for W7 x64, Group B) ?

 

1 user thanked author for this post.

Charlie

Reply | Quote

None I have noticed. E11 Security Cumulative patches have been OK for some time. As have been Office patches, except for Outlook, that I do not use, so can’t speak about that, and a problem with writing equations that was later fixed.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

The MS support page for 4339093 reports no issues. The master patch list here at AskWoody reports no issues being tracked, although it also says to not install it yet (which is the blanket advice for all July patches).

On the other hand, if memory serves, OscarCP has installed it on a Win 7 x64 Pro machine, and I’ve installed it on 2 machines: a Win 7 Starter, 32 bit and a Win 7 Pro SP1, 64 bit. My 2 installs have been fine as, I believe, has been OscarCP’s.

Reply | Quote

DrBonzo: Yes, your memory serves you well: I have installed everything for July except for the .NET patches, and all is well, so far. (Win 7 Pro SP1, x64, Group B.)

But I waited to do that for more than three weeks after Patch Tuesday, paying attention to the accumulating evidence that it was probably OK to go ahead and patch: balancing the DEFCON setting with the notes in the Master Patch List and comments on problems with patches, both here and elsewhere. And what works for me might not for others, if they have some third party applications that might conflict with the changes to the OS introduced by some of the patches.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Thanks for the Reply, OscarCP and DrBonzo. KB4339093 is installed on my PC since yesterday and everything is still OK.

Reply | Quote

I’m now a Group W guy. Bye bye patches! Now to just watch where I click.

Reply | Quote

Well, just so you know, you don’t have to click on something to get malware. Just moving the cursor over something can do it.

2 users thanked author for this post.

jburk07, OscarCP

Reply | Quote

Yay, a whole month off! The zombie of the ‘dead’ Group W strides forth again.

Reply | Quote

Surfing Pensioner: Actually, for Group B and Windows 7, it is not that bad. Most of the current DEFCON setting reflects the horrors of the Win 10 patches and the recurring problems with the Group A Rollups.

I am fully patched through July (except for the problematic .NET patches) and still my PC is in good health. As it has been since I bought it, more than 7 years ago and to this very day, except for catching the occasional cold. But one has to do one’s homework, as the DEFCON by itself is no longer a good guide for Group B. I am widely known to be pretty reckless and nonchalant, but I think that to be Group W is too risky even for me.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

3 users thanked author for this post.

Charlie, Myst, Steve

Reply | Quote

You took me very literally, OscarCP, but I spake in jest. My PC is in excellent health, too, despite 9 years’ hard work (and it came to me reconditioned!) – I haven’t noticed the slightest sniffle. I patch very selectively, researching each update these days, and it works. Meanwhile, I am reviewing the latest Chromebook models.

Reply | Quote

That’s the way.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

KB4338823 2018-07 Security Only Quality Update says:
Known issues in this update

Symptom
After installing this update, some devices running network monitoring workloads may receive the 0xD1 Stop error because of a race condition.
Workaround
This issue is resolved in KB4345459.
Symptom
Restarting the SQL Service may fail occasionally with the error, “Tcp port is already in use”.
Workaround
This issue is resolved in KB4345459.
Symptom
When an administrator tries to stop the World Wide Web Publishing Service (W3SVC), the W3SVC remains in a “stopping” state, but cannot fully stop or be restarted.
Workaround
This issue is resolved in KB4345459.

KB4338818 2018-07 Security Monthly Quality Rollup says:

Symptom
After installing this update, some devices running network monitoring workloads may receive the 0xD1 Stop error because of a race condition.
Workaround
This issue is resolved in KBKB4338821.
Symptom
Restarting the SQL Service may fail occasionally with the error, “Tcp port is already in use”.
Workaround
This issue is resolved in KB4338821.
Symptom
When an administrator tries to stop the World Wide Web Publishing Service (W3SVC), the W3SVC remains in a “stopping” state, but cannot fully stop or be restarted.
Workaround
This issue is resolved in KB4338821.

Is there a similarity here?
The Group A and Group B updates both had the same bug initially, and both were corrected by later releases.

3 users thanked author for this post.

cesmart4125, SueW, Charlie

Reply | Quote

Group B, Windows 7 and Windows 8.1.

Woody, how about the substitutions for the Security-only updates KB4345459 (Windows 7) and KB4345424 (Windows 8.1), which I suppose is to be installed in place of the original security-only updates (Please correct me if I am wrong.) and correct the problems in the original updates?

Are there any problems with them? Are they safe to install?

I am not planning to install them now and will continue to watch and wait, but may do so in the future.

And regarding the issue of delaying updates for some time : I don’t think it is a problem, at least for me. For a period of 5 months (from January to June) I stay on December 2017 patch level for my Windows 7 systems and have not encountered any problems. If necessary I will delay or skip any updates considered to be problematic. There is a risk in doing that, to be sure, but I believe it is about which “risk” is greater : skipping those updates, or install them, which may cause serious problems. I choose to skip in that case.

Hope for the best. Prepare for the worst.

Reply | Quote

For Windows 7 only (I only have that) I first tried installing, as Group B, just the first (July 10) Security Only update, and all was well.

Then I installed KB4345459 on top of that, for good measure and to see what might happen, and all continued to be well. And still is well. In fact, other than .NET updates (the only July patches I have not applied yet), I have not had, or heard of, any real problems with the Windows 7 updates for July. The DEFCON is mostly about Windows 10 and the Group A Rollups, these days.

Before installing anything, first make sure to create a restore point, so you can return your system to what it was before the update if you encountered problems, for example when running some applications that you might have installed yourself in your PC.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

2 users thanked author for this post.

Charlie, Jan K.

Reply | Quote

I`m group A, I installed the .net July  updates and had no problems.

3 users thanked author for this post.

jburk07, Jan K., Myst

Reply | Quote

I just downloaded and installed the Security Only and IE updates with no problems showing.  I did not do the .NET, or 2952664.  The Office 2010 updates were (are) okay too.  So it looks like I’m good shape for another month.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

1 user thanked author for this post.

SueW

Reply | Quote

BobbyB wrote:

I got a couple of Win10 Machines at work (still 1709 at home and its completely different with daily Defender updates etc), with the same GPOL set i.e. “2 Notify to Download, to install” still firmly set with Junes update (KB4284835) installed not notifying nor being offered July’s update (KB4338819), except 1 Machine (Lenovo) in WUMT but not through Win Update. I believe there’s an SSU in the mix somewhere (KB4338853) but M$ says, allegegedly, “it will install its self” errrm well not yet! Any one else seeing this behaviour????  

I just got some comments to my German blog post about (it’s this sub-thread), where user wufuc_MaD complains. It seems that WUMT doesn’t work reliable anymore.

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

2 users thanked author for this post.

Microfix, Elly

Reply | Quote

Concerning the WUMT = Windows Update MiniTool, a quote from the MDL Forum:
Cumulative Update is processed by UUP since W10 1709 and WUMT cannot handle UUP correctly

https://forums.mydigitallife.net/threads/windows-update-minitool.64939/page-44#post-1453258

1 user thanked author for this post.

Microfix

Reply | Quote

So, If WUMT cannot handle the Unified Update Platform, what does this mean, in laymens terms, for average users who rely on WUMT to control patching in W10 v1709 and v1803?

If debian is good enough for NASA...

Reply | Quote

@gborn @microfix @anonymous I amended the post above https://www.askwoody.com/forums/topic/we-continue-at-ms-defcon-1-dont-install-any-of-the-july-patches/#post-210215 WUMT still has some quirks but not any what I would call dangerous misleading perils that can thrust you in to, say, an unwanted upgrade but as Win10 is a tricky OS you still need to keep an eye on it, unless of course you want to “dismember” WUD, which I am not a fan of. It does throw up a few odd things like misreporting of size in my experience, but its perefectly fine to use day to day just run it when you reboot or resume from Hiberfil Hibernate, heck if your adventurous why not set up a Task in task Scheduler to so run at those times.
Only problems I did have are listed here but theyre not biggies, its not perfect and we don’t know quite how it works but it seems to Mirror WUD policies as you have them set. in Win10 Pro and above i.e. Defer 30 days in Win10 and it will present in WUMT after 30 days etc. I listed this a bit back see what you think about it ?https://www.askwoody.com/forums/topic/patch-lady-black-screen-issue-acknowledged/#post-194262

Reply | Quote

Does this Defcon warning include the 4 outstanding Office 2010 updates that I have pending (KB4022202, KB4022206, KB4022208 & KB4022136)? OR are those updates okay to install? Also what about the MSRT update (KB890830), is that safe to install? Thanks in advance!!

Reply | Quote

Woody’s ComputerWorld article says this about the July Office Patches:

The Office patches passed relatively unscathed, except the KB 4018385 non-security patch for a bug in a three-month-old security patch that crashed Office — and the new non-security patch also crashes Office.

You can check Susan’s Master Patch List for July for the status of the other Office updates.

5 users thanked author for this post.

jburk07, KarenS, SueW, DrBonzo, Elly

Reply | Quote

Hi everyone,

All of my Win7 computers are Group B through June 2018. When the August Security Only updates are released, I will wait and test them on the following Saturday after I do my Friday backup. I will also test to see if the August Security Only updates have proper supersedence over the July Security Only updates, or if the August Security Only updates completely replace the July Security Only updates. The latter would be confirmed by, after installing the August, then trying to install the July should result in a “This updates is not applicable to your computer” message.

Note that I will not be testing any Security Only .NET or IE updates just yet, as I prefer to examine things one step at a time.

Best regards,

–GTP

 

7 users thanked author for this post.

jburk07, Seattle27, Grond, SueW, amraybt, DrBonzo, OscarCP

Reply | Quote

I always follow your advice, Woody, and my widows update is set to defer quality updates for 30 days both in settings and in the Group Policy Editor.

Suddenly on August 10, I received a notice from within Windows 10 1709, to restart my computer to complete installing updates. Besides the updates for Office 2010 there was a cumulative update for Windows 10 1709, KB4338825. After the restart I checked the build number. Its 547 not 579. The latest update is KB4338817, but when I tried running it I was told that it does not apply to my system. When I ran Windows Update to check for updates I was told that my system is up to date.

How can an update with a later number result in an earlier build number?

Susan Bradly’s patch management  email does refer to this cumulative patch, but so far Woody has not mentioned it.

So far everything seems to be working all right.

Reply | Quote

Just to say that I’ve today installed the four Office 2010 updates for July without any issues thus far.

All other updates have been hidden, and both my Windows 7 desktops are now set to “Never check for updates”.

Thanks as always to Woody, Susan, and the rest of the team/fellow commenters for helping to keep me sane as well as up and running for another month! Goodness only knows what August will bring…

2 users thanked author for this post.

jburk07, SueW

Reply | Quote

You know, if this keeps up, there won’t be much point in sticking with a “supported” version of Windows. Maybe it’s time to reconsider putting Windows 8.0 back on my old eMachines computer.

Nah. I REALLY LIKE Elementary OS on that machine. But if I were to decide to go with Windows on that machine, it would be 8.0.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

2 users thanked author for this post.

Seff, Elly

Reply | Quote

MrJimPhelps: ” You know, if this keeps up, there won’t be much point in sticking with a “supported” version of Windows ”

I am sticking with Win 7 at least until its present EOL date, maybe longer if MS relents and extends its support, in practice and however grudgingly, well beyond that date. The way things are going, I starting to think that could really happen. My loyalty to Win 7 is reinforced by the fact that I have been patching it on my PC (Group B-style) for years now without serious problems, all the way through last month.

That said, maybe not Win 8.0 exactly, but other OS are options worth considering either as dual boot installs or as places one could migrate to, and for those interested in either option you, along with AlexEiffel and others, have been quite helpful explaining how to install and use Linux, particularly certain flavors of it, such as Mint.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Elementary OS is a very lightweight distro of Linux based on Ubuntu:

https://www.askwoody.com/forums/topic/elementary-os/

It looks and feels a whole lot like a MAC.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

1 user thanked author for this post.

OscarCP

Reply | Quote

MrJimPhelps: “Elementary” sounds interesting, based on what you have been posting on it.

Has someone tried it on a virtual machine, preferably one running on Windows 7 x64, and how did that work out? Thanks.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Oh, come on guys – isn’t it possible to keep even one Windows Updating topic free of discussion on Linux???
😉

I know there’s a lot of frustration, but the concept of keeping discussions On Topic seems to be lost far too often…

3 users thanked author for this post.

SueW, jburk07, walker

Reply | Quote

I suspect that the following hypothetical conversation explains why Windows discussions here so often veer off into Linux:

Kids: Are we there yet???

Dad: No, kids, we still have a way to go.

Mom: This road we’re on, if we stay on it the map shows it goes straight over a cliff.

Dad: Is there any place to turn off?

Mom: Yes, there’s a fork five miles down the road where you can go to the right and go around the mountain.

Dad: OK thanks, we’ll turn off there.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

1 user thanked author for this post.

OscarCP

Reply | Quote

Well, Kirsty, you might be glad to know that some of us, occasionally, talk about Macs too.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

And we encourage that, but in the right places! 😉

1 user thanked author for this post.

Elly

Reply | Quote

@Kirsty, I’ve had a one-track mind (Linux) ever since I installed it on my computer and then started using it.

I’ve got it bad!

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

OscarCP wrote:

Has someone tried it on a virtual machine, preferably one running on Windows 7 x64, and how did that work out?

I’ve never tried Elementary OS as a virtual machine; but it is really light-weight, so I have no doubt that it will run very well.

It would be very easy to try it out; if you do, perhaps you could report back the results of your test.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

question on patching servers.  Im using GFI Languard and patch servers monthly.  Back in March I excluded KB4088878 from all servers due to my confusion of clarity if it was ok to apply this patch.  I also excluded KB4093118 in April.  if I have patched since then do I still need to apply those older patches to protect against the Spectre/Meltdown or have future Monthly rollups covered all of the vulnerabilities that these two KB’s were to have patched.  Sorry to sound like a newbie but I dont want to add these back in to the patch cycel if they are not needed.  However if they are I need to know.  Thanks

Reply | Quote

@alwayslookingforanswers, “if I have patched since then do I still need to apply those older patches …” No, you do not.  Win 7 Rollups are cumulative, so you do not have to install older ones.  By the way, KB4088878 was March’s Security Only update, not a Rollup; perhaps you meant KB4088875.

Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'

1 user thanked author for this post.

walker

Reply | Quote

While OnWindowsRoad

MsgBox  “I’ll turn at the next Linux fork”

IgnoreLinuxFork

Wend

Reply | Quote

I’ll add another data point.

Windows 7 x64 group B.

I’ve installed July security only KB4345459 and IE KB4339093 without any issues. I’m not touching the .NET stuff yet.

3 users thanked author for this post.

Bill C., SueW, OscarCP

Reply | Quote

Win7Pro-64_SP1 on Intel DX58SO2 MB and i8-960 CPU, wired network.

I installed the July updates today, Group B Security Only KB4338823 and IE Rollup KB4339093 manually, as well as all Office 2010 patches without issue via WU. Also installed the KB4345459. All installed without issues. I have held off on the July .NET Rollups on WU and the Optional, but Recommended .NET Version 4.7.2.

I have not touched the August updates at thios point (too early).

Interestingly, today, Belarc Advisor is showing 2 “missing” patches KB4343205 Cumulative security update for Internet Explorer: August 14, 2018 and KB4343899 August 14, 2018—KB4343899 (Security-only update) . I have never had Belarc show the 2 Group B Security Only patches, only the Rollups.

1 user thanked author for this post.

columbia2011

Reply | Quote

If you are going to hold at December 2017, make sure that you use the latest versions of either Firefox or Chrome for all Internet activities. Why? Because Meltdown is so easy to exploit in comparison to Spectre.

Reply | Quote

amraybt, I was in your position up until a week ago but I finally pulled the trigger and updated to June. I used the Roll-Up so I didn’t have to bother with the patch order song-n-dance and so far, everything is running smoothly on 2 Win7 machines.

I originally feared the Meltdown/Spectre patches might result in slowdowns to my systems but I benchmarked both machines before and after (using CrystalDiskMark, AS SSD, Cinebench, and UserBenchMark) and no change to performance could be found. Neither machine is new, the desktop being a Nahalem Core i5 and my laptop being a Sandybridge Core i7.

1 user thanked author for this post.

amraybt

Reply | Quote