Win7 October Monthly rollup KB 3185330 hiding browser search history

Topic

New Reply

I’m seeing reports all over the web that KB 3185330, the “October 2016 security monthly quality rollup for Windows 7 SP1 and Windows Server 2008 R2 SP
[See the full post at: Win7 October Monthly rollup KB 3185330 hiding browser search history]

Reply | Quote

Replies

Woody, perhaps I do not understand the need to update, but if your computer is running fine why update? I do not know why people just don’t turn off updates completely and stop all this misery. With a good Internet Security Program why do we need to be updating all the time anyway?

Reply | Quote

Security updates are important, not just for you, but for everybody else on the internet.

Whether it’s worth going through the hassles to update – that’s a decision you get to make.

Reply | Quote

We’re just hearing about this NOW… wasn’t this released over 30 days ago?

I’d like to think I’m one of the lucky ones by being in Group B since I only installed the security update after I saw the Defcon 3 thread a couple weeks ago, but what about 3192391 for Win 7 that was released at the same time as 3185330?

Am I alone thinking only an IE patch would screw up browsing history? Wouldn’t the same IE patch be in BOTH of those updates?

Reply | Quote

One of those moments I appreciate having chosen ‘Group W’ : no more Windows Update, not even Security only. Microsoft is pathetic. Of course this requires more than ever a solid OS defense, but then it is and will remain : Shut up, Microsoft. A total chaos.

Reply | Quote

Updates are very important to you and everyone you communicate with. You might pick up internet”disease” and inadvertently pass it on to whomever you communicate with. This is because there is no perfect protection service. Things get in and out without being caught.

Reply | Quote

Woody,
Perhaps I missed this, but I have not yet seen your comments on the Win 10 Update rollup. Is it safe to install?

Reply | Quote

What is important is a strong OS defense configuration, and either this policy should include Windows Updates is a question in itself, IMO.

– Avoid IE/Edge systematically. Try to perform connections as much as possible from your browser (other than Microsoft’s) and beware of applications establishing connections as they will call IE routines for that.

– Avoid ADOBE products, mainly its PDF reader and if possible its Flash player as well. For the latter get information to apply security/privacy settings on its mms.cfg file.

– Avoid Java : avoid, avoid, avoid.

– Keep your anti-malware up-to-date; choose a good product, not one of those free absurdities which half-protect and often full-track its users.

– Use DNSCrypt to protect your DNS resolutions.

– Remember a good Hosts file can protect quite well depending on the filters, use the HostsMan application to concatenate several pertinent filter sources.

– I strongly advise HitmanPro.Alert on system-wide, uBlock origin for your browsers.

– Last but first : think, never rely on the protections you have, never download applications elsewhere then from their developer’s site, never give a true email (use Disposable Emails).

WWW is both World Wide and World Wild : keep that in mind, always.

With and after that all… choose to include or not Windows Updates.

Reply | Quote

If you’re in Group B and haven’t yet installed the October Security-only patch, then you should go ahead and do so.

If you’re in Group A and haven’t yet installed the November Monthly roll-up, wait for the MS-DEFCON level to change.

Reply | Quote

Ed:
Can you explain the meaning of “Group A” vs. “Group B”?
Thanks.

Reply | Quote

A data point:

I have been vetting/testing KB3197874 (Win 8.1 November rollup) and haven’t seen any performance or other problems in Internet Explorer. This page, for example, displays in less than 1 second.

http://Noel.ProDigitalSoftware.com/ForumPosts/Win81/AskWoodySite.png

However, I don’t have the add-ons mentioned. I don’t choose to run very many add-ons at all on my system.

It occurs to me to wonder whether the security updates may actually be doing their intended jobs…

ActiveX and Add-ons, being the source of many security problems, might have been doing things they shouldn’t have, and are now being blocked from doing so.

People tend to think “increased security” should come without a cost. But people may make poor choices, have questionable computing habits, and just not know when something is wrong. It may be that “increased security” actually stops their systems from doing wrong things, in noticeable ways.

Or maybe Microsoft just un-borked something in November that they did wrong in October.

-Noel

Reply | Quote

Woody touched on the fact that your computer does not stand alone; you are a member of a connected community. But beyond the possibility that your system could become infected and cause others problems (e.g., by propagating the infection)… An example of why it might be good even for you to take a security update:

KB3174644 is an improvement to the Diffie-Hellman Key Exchange process. Without getting into detail, this process governs your system establishing a secure connection with another system online.

Do you want your system to have the most up-to-date algorithms and cryptography key requirements when communicating with your bank?

You must never rest when considering the potential future risk of NOT taking updates against the potential risk that Microsoft may bork your system.

Under certain, selected conditions – for example, a special purpose computer that just sits and hums in the corner as a server and isn’t used to browse the web – it may be appropriate to stop updates entirely. You need to weigh the needs and risks. As with most things in life, hard and fast rules of thumb aren’t enough. In short, “never say never”.

I myself always vet/test the latest set of updates in a throwaway virtual machine so that I can get an idea if, for my uses, the updates do harm or reduce performance. Once I get past the basic testing, and determination of whether/when I can afford potential downtime, I ALWAYS have backups from which I can restore an entire system if that becomes necessary. I anticipate bringing my older systems up to date sooner or later.

Given Microsoft’s recent motion toward cumulative updates, beyond it being a marketing push to assert more control, I can only imagine that it means individual updates are less likely to respect boundaries and may be tied to one another. Microsoft has said that cumulative updates avoid fragmentation. We assume that means “in the past” but it may be that they’re actively planning to cause fragmentation. It would be cheaper for them not to have to be so careful!

-Noel

Reply | Quote

http://www.infoworld.com/article/3128983/microsoft-windows/how-to-prepare-for-the-windows-781-patchocalypse.html

Reply | Quote

@Ed,

This is why in September I decided that with the new patching system, I would wait an extra month before doing anything (such as installing Group B patches) — so I could see what problem reports might be coming in from other users.

For some reason, I often have unusual problems that only a small % of people have (though the problems are real and have real consequences), so it takes time for news of those to filter through the normal reporting channels.

I can’t be in Group A, so I am choosing between B and C/W.
If I do go into Group B, I will wait until the end of November to install the October second-Tuesday security-only and Office patches.
Given my generally-careful internet usage, I don’t think waiting an extra month for patching should be too unsafe, most of the time.
If there ever comes a really crucial patch, which sometimes happens, then I probably would risk doing it immediately.

Reply | Quote

Woody,
Thanks for the link explaining the 3 groups. It appears from the posts here by Windows experts like you, Noel, and others that avoiding telemetry updates is a complicated, time consuming process. As for the Windows 10 Pro group who use metering and wushowhide to control the update process, do you consider this group as “Group B”?

Reply | Quote

Metered connections and wushowhide are two different ways to block updates.

You can block update – prevent them from installing as soon as they’re rolled out – and be in Group A, Group B, or Group W. What matters is the actions you take after they’re blocked.

Reply | Quote

Follow-up: I just saw an SFTP session (with the Beyond Compare application, not IE) take longer than usual. However, it DID work. That kind of thing sometimes happens with web servers that are burdened or doing a backup or something, so maybe it’s too early to pass judgment.

-Noel

Reply | Quote

But the bottom line, whatever group one is in–I don’t now what group I’m in–is to wait for Defcon 3 before updating Win 10 rollup?

Reply | Quote

From a security point of view I also recommend running Windows from a Standard (limited) user account, especially when you’re connected to the Internet.

Reply | Quote

Yes.

Reply | Quote

Turns out that was just a slow server. It worked fine a little later.

Now I’m investigating a possible issue with RunDLL32 not being able to properly execute 32 bit DLLs.

-Noel

Reply | Quote

For what it’s worth, I haven’t seen any problems. I don’t use Google Toolbar or Chrome. I switch between IE and Firefox (FF has NoScript enabled)and my search history is unaffected in both. This on a 5 year old Dell XPS 7100.

Reply | Quote

I am probably very lucky, I finally decided to full patch my w7 pro. Installed the november roll up 2 days ago, I had no issue. I use firefox with no script and request policy. I have an adblocker (I’m a bit paranoid about malwares LOL) My laptop is getting old, but everythings seems OK.

But I answered on someone’s question in a French forum, about this exact issue about missing google’s browsing history. I now see this question with a different view! I might have to dive about it!

Reply | Quote

Looks like the October security only update (3192391) does not cause this…at least I haven’t had this issue with that update applied.

Reply | Quote

On Win 7 x64 with latest Monthly Quality Rollup of Oct. and now Nov. patch. Not having any so-called disappearing search history and from what you’ve quoted or linked above, it seems to be situated with certain add-ons installed alongside the browser.

Reply | Quote

My initial questions appear to have gotten side-tracked and remain unanswered so I’ll try asking them again.

Is this problem being caused specifically from the IE patch included in KB3185330 or not?

And again, if that IS the case… wouldn’t this same IE patch be included in KB3192391?

I’m not a programmer nor am I capable of dissecting patches but the idea seems quite realistic to me that the patch that would effect a browser’s functionality would be the patch for the browser itself.

Reply | Quote

Yes, we’re just hearing about this now. In fact, it hasn’t hit the mainstream computer press yet – I think this is the first announcement, and it will probably get picked up in the next few days. Or maybe nobody thinks it’s important enough to write about it.

It’s highly likely that it was caused by the IE patch in KB3185330, the Monthly rollup. Whether it’s also in 3192391 is an interesting question, and I don’t know the answer. We’d have to find someone who’s applied 3192391 and not applied 3185330 to know for sure. I also don’t know if 3192391 has fixed the problem – although that seems unlikely at this point.

Reply | Quote

Thanks! The reports are scattered and incomplete – and may be confined to the Google Toolbar. I had a question from a reader and he wasn’t clear if the missing history was in IE, or in the Google Toolbar.

Reply | Quote

Thanks for the confirmation!

Reply | Quote

It isn’t clear to me if it’s (a) limited to Google Toolbar, or (b) something that only happens on some IE installations.

Reply | Quote

I installed KB3192391 when you unleashed Defcon 3 a couple weeks ago Woody… I am NOT experiencing any History issues what-so-ever using IE-11.

It’s my understanding that the “Monthly Rollup” contains the same SECURITY patches that are offered in the “Security Only” update… along with other non-security patches. It’s also my understanding that the IE patches are included in the Security Only update.

I’m hoping somebody can either confirm this or explain to me exactly what IS included in the Security Only updates.

As for the last sentence in your above reply Woody… how could that be possible if they were both published on the same day?

Reply | Quote

GACK!@ I got my KB numbers wrong. That’s what I get for typing before my first cup of coffee. You’re right, they were both published on the same day.

Yes. The Monthly rollups contain the same security patches that are in the same month’s Security-only patch. At least, that’s what we’ve seen so far.

Reply | Quote

I can add another Win7 x64 machine which did not see a problem with the October and November cumulative. No Google toolbar installed.

The wider discussion on this thread is the single policy(out of many), for me, that Microsoft has got so very wrong.

By tangling security updates up so completely with telemetry, pointless new features, altering user settings without explicit permission etc,etc and to then make the whole process so utterly byzantine is just plain wrong.

That they are the creator of the worlds widest used OS and are driving experienced users to feel that they want to abandon getting security patches altogether is a form of corporate negligence in my book.

Ignoring security patches for almost any system, any user can never be a good idea.
Instead of industry leadership we are getting arrogant, bullying, shortsighted stupidity by the truckload.

But hey, you can free doodle with your fingertip soon – so that’s ok then.

Reply | Quote

Forgive me if this isn’t exactly on topic, but in reading through the comments, I was wondering if there is an antivirus program that you prefer or recommend.

Reply | Quote

I have decided to go with Group B and install only the security updates from the catalogue (KB3192391). I hid the Oct 2016 security monthly quality rollup (KB3185330) so I would not accidentally install it. After performing these tasks, I checked the ‘view update history’ log and October, 2016 Security Only Quality Update for Windows 7 for x64-based Systems (KB3192391) was listed. I then checked the ‘restore hidden update’ log and October, 2016 Security Monthly Quality Rollup for Windows 7 x64-based systems (KB 3185330) was listed.

After all this discussion of the browser history disappearing, I decided to check the window update logs to see if the entries still exists. I discovered that the October, 2016 Security Only Quality Update for Windows 7 for x64-based Systems is no longer listed. It is now indicated as ‘Security update for windows KB3192391’. It appears just like every other install. I also installed the rollup for .NET framework (KB3188740). This update still appears in the log as: October, 2016 Security and Quality Rollup for .NET framework 3.5.1 for Windows 7 SP1. It has not changed.

As for the hidden monthly quality rollup (KB3185330), it no longer exists in the log. If one chooses to restore and install from windows update, it is not available . I did check Microsoft catalogue, and it does exist in the catalogue.

Reply | Quote

Lots of opinions here:

https://www.askwoody.com/2016/is-microsoft-crushing-the-antivirus-industry/

I still use Microsoft Security Essentials. But, as you see, many have other preferences.

Reply | Quote

Thanks for clearing that up Woody, now I don’t have to utilize the “Bang Head Here” target on the wall… again!

When did you add the “Update” to the bottom of the original post, I don’t recall seeing that until just now. It would make sense if it’s a Google Toolbar issue as I don’t have Google ANYTHING on any of my computers.

Reply | Quote

FWIW, I’ve started testing KB3197867, the security-only patch for Windows 7 for November, and it’s so far, so good. I’ve never used IE for anything beyond Windows Updates back in the XP days, or Chrome for anything, nor have I ever heard of this Google toolbar (toolbars, ugh), so I have no idea how it would affect those.

The Connected User Experience service, or whatever it’s called these days, is still not installed. This is the telemetry service that the full patch (“security quality”) was supposed to install. I looked for the service by both of its names (I can’t recall them now, but I had them in front of me when I was looking for them), and it’s not there.

Reply | Quote

Exact same problem occurs with KB3197868, Nov 2016 Monthly Security Rollup as with KB3185330.

Reply | Quote

I have installed the October Security only (KB3192391) on my Lenovo Laptop with Win7-64 Pro. I have installed the October Rollup (KB3185330) on a friends Acer Laptop with Win7-64 Home. Neither has any issues with the IE History that I saw, but both are set to delete history when the browser closes.

Caveat: Both have now also been updated with the appropriate November patches. No ill effects that I can see. I did allow the history to save and it was there.

Reply | Quote

Are you losing the Internet Explorer search history? Or the search history in an IE add-on, such as the Google Toolbar?

Reply | Quote

Does anybody still use IE? Let alone Google Spybar… I mean Toolbar… As a matter of safety I have all browsers set to delete all history every time they close… It sucks big data has to subvert what could be a beautiful thing… but they do… and I have to do what I have to do…

Unfortunately I have one of the most expensive Smart Bricks made… oh well…

Reply | Quote

Sorry for the string of posts, but I got to the bottom of the RunDLL32 issue. It was not connected to the Windows Updates.

So at this point a Win 8.1 machine with all available updates, security and reliability, seems to be fine.

-Noel

Reply | Quote

Please describe exactly how to reproduce or observe said problem.

Thanks.

-Noel

Reply | Quote

Win 7 , Group A. I use Firefox. Did both Oct and Nov. full patches didn`t lose my history.

Reply | Quote

I know this is unrelated to the topic, but does anybody know if there is a speed up for November for windows update or was the permanent solution speedup using two kb mentioned in an article the only way that helps it speed up? And follow up-will it remain at fast scanning speed for november and such?

Reply | Quote

Somewhat O.T.
Do we know how many coders/programmers Microsoft employs in the U.S for Windows?

Reply | Quote

I believe the “permanent for now” method from last month still works.

Reply | Quote

Thanks!

Reply | Quote

Reply | Quote

And you’ve tested the permanent for now method still works? Have you or anyone tested it to ensure it still works?

Reply | Quote

No, I have not tested it. But I haven’t heard of any problems.

I’d be very, very interested in hearing if it was broken!

Reply | Quote

Thanks for that DNSCrypt hint.
Was already using OpenDNS instead of common GoogleDNS, but this makes it even better.

Reply | Quote

Thank you Woody – I uninstalled Windows 7 Nov 2016 security update KB3197868 and rebooted. Google web search history is now happily displayed. On an exception basis I’ll wait for Microsoft to issue a corrected security patch before re-installing – perhaps December update will fix the issue. BTW the uninstall also now allows me to delete my search history while knowing what I am deleting.

Reply | Quote

I have installed KB3185331 on W8.1 machine and have not experienced any of the issues noted about IE11 search history. There could be an issue I have not detected but so far all appears normal.

Reply | Quote

When the culprit of this problem is finally discovered I’m going to lay odds that it’s something M$ included in an October IE patch that doesn’t get along with Google ANYTHING.

I’ve seen several different renditions of browser/history complaints out there allegedly beginning after the October updates were installed and the word Google was the only “common” word mentioned in every one of them.

Reply | Quote

Thanks for the report. When you say “Google web search history,” are you using Google Toolbar in IE?

Reply | Quote

That’s certainly what it looks like at this point.

Ya gotta wonder if it’s intentional.

Reply | Quote

I’m curious if you have particularly privacy-invading friends or family because your browsing history deletion measures will only protect you from them. If you want to ensure your online privacy from the state then you need to be using a decent encrypted VPN service or at least use the tor browser, even though they can still tell you’re using the tor browser based on the traffic just not what that traffic is.

Reply | Quote

Simpson:
Thanks for the security tips.
How do you suggest reading .pdf files if not using Adobe pdf reader?
Also, as the main DNScrypt programs seems much too complicated, what do you think of SimpleDNSCrypt?

Reply | Quote

>How do you suggest reading .pdf files if not using Adobe pdf reader?

Chrome.
Of Foxit reader if you want more options.

Reply | Quote

Woody,

I went ahead and was able to work the Group B routine for the October Security Update (Win7 Pro x64). That part went fine. When I checked for the Office updates, it looks like Secunia had taken care of that part of it. And the .NET 4.6.1 that is on my 2 machines also. I did install the Malicious Software Removal KB.

Installed during Group B process:

KB3192391 Security Only Quality Update for Windows 7 for x64-based Systems – October 2016

KB3188740 Security and Quality Rollup for .NET Framework 3.5.1 on Win 7 Sp 1

KB8900830 Windows Malicious Software Removal Tool x64 – October 2016

The “check for updates” part did take many hours. I haven’t added any of the KB’s that deal with speeding that part of it up. I do see the value in doing so.

As I haven’t put those speed up KB’s on, can you tell me which I would need to add, starting from scratch, if you will? Where would I find them?

I’m not sure where to go to find the “Catalog” you guys speak of. Any guidance would be greatly appreciated.

Group B seemed difficult at first, but I followed your excellent directions and it went just as advertised. The “check for updates” is a bore though. I definitely need guidance on how to make that more efficient.

Thanks, Chip

PS: You are a God among we mere mortals.

Reply | Quote

If you installed

KB3192391 Security Only Quality Update for Windows 7 for x64-based Systems – October 2016

Then you already know how to get into the Microsoft Catalog and pull out what you need. (If you got the download link from the KB article, that’s fine – no need to futz with the Catalog.)

The other two patches are exactly what you want.

I’m impressed that Secunia patched Office, but kept its hands off Windows.

To speed up your check for updates, just follow along here:

http://www.infoworld.com/article/3136677/microsoft-windows/how-to-speed-up-windows-7-update-scans-forever.html

Reply | Quote

FYI, one direct blow against telemetry can be struck by disabling the DiagTrack service.

But there is more that needs to be done overall. There are a lot of scheduled tasks to be reviewed and disabled as well.

-Noel

Reply | Quote

I’m not as skilled as most of you and getting older, but I decided to switch to OpenDNS based on the suggestions of all of you. I changed both my home router and my notebook and will also change my wife’s notebook shortly. I would appreciate your advise in regards to using DNSCrypt and DNSSEC. I’m mostly comfortable with my local network, but I do have a hardware box that wirelessly connects so as to receive special TV programs in another language for my wife and our iphones both connect to the home router as well. With all the IOT device vulnerabilities I’m not sure if these 2 additional programs should be installed on the router or the notebooks or both and how they should be configured and which version or release of these programs I should use? Any suggestions would be greatly appreciated and Thank You for your time in reading my posting.

Reply | Quote

Woody,

That article on speeding up the Win7 updates seems to have done the trick. KB3020369 was already on board. It took a couple of attempts to install KB3172605, but on the 3rd attempt it installed correctly.

The “check for updates” took only 3 minutes, instead of the 8 and 9 hours that were required last time. My Dell Precision M6800 Mobile Workstation (Intel Core i7) took approximately 3 minutes; and my Dell Optiplex 390 (Intel Core i3) took about 5 minutes.

I did one slight procedure error on try #3, with the M6800. I started the reboot before I switched the Wi-Fi back on; I actually switched it on during the reboot, but it looks like it didn’t bother the process.

Thanks Mate – well done.

Chip

Reply | Quote

Woody,

The 3 attempts were on the M6800. When I installed on the 390, I got it right on the 1st attempt. Practice makes perfect?

Chip

Reply | Quote

Thank you!

Reply | Quote