With no warning, Win 7/8.1 ‘Get Windows 10’ nagware patch KB 3035583 suddenly re-appears

The tenth version of the Microsoft’s much-maligned malware rolled out Tuesday afternoon

InfoWorld Woody on Windows

Thanks to everyone who participated in the fact-gathering,  here on AskWoody, via Twitter, and on my new AskWoody Facebook page.

KB3035583, the “Get Windows 10” app is re-re-re-released

Please check your Windows 7 and 8.1 machines, and tell me if KB 3035583 appears in Windows Update? Post here and tell me (1) Windows version, (2) Does the patch appear in the Important or Optional list, (3) Is the box to the left of the patch checked or unchecked, (4) Italicized or not. Thanks!

(Before you ask, I’ve never seen a definitive explanation about why patches appear italicized.)

I’ve seen three many independent reports that KB3035583 – the notorious “Get Windows 10” patch – has been re-released. Not clear if it’s recommended or not, checked or not.

Be careful out there.

It still isn’t listed on the official Windows Update site, and the KB article hasn’t been updated, at close of business East Coast time on Tuesday.

I’m seeing it as unchecked, Optional, italicized on Windows 7 machines.

On my sole surviving Windows 8.1 machine, KB 3035583 appears as optional, unchecked, italicized.

Look for the story tomorrow morning in InfoWorld.

The inside scoop on Windows snooping

Microsoft won’t give us any decent documentation about its telemetry/snooping efforts. Ed Bott, on the other hand, has lots of contacts on the Windows team and has turned out an important piece on Windows security.

Yes, I know that Ed writes books for Microsoft. Yes, I know he generally comes down on the side of the Redmondians. Nonetheless, if you read his article carefully, you’ll learn a lot.

I know I did.

I’d love to see a companion piece on Windows 7 and 8.1 snooping.

It took MS eight days to fix an Office 2013 Click-to-Run bug

Not an auspicious precedent for Windows 10, and Microsoft-as-a-Service.

InfoWorld Woody on Windows

Which hard drive should you buy?

I get this question all the time. Of course, the answer is never definitive, and depends on all sorts of things, but there’s a new analysis from data storage/backup firm Backblaze that talks about the reliability of their hard drives in 2015. It’s a very broad analysis: by the end of the year, they had 56,224 hard drives in use.

Highlights:

• HGST, in general, had the lowest failure rate.
• Seagate’s 1.5 TB drive has problems, the 3 TB model ST3000DM001 was so bad (28.34% failure rate) that it was retired in 2015, but its 4 TB and larger drives do well, with an average 3% failure rate per year.
• Western Digital’s 2 TB and 3 TB drives aren’t particularly reliable, but the 4 TB drive has high reliability.

For precise model numbers (which are important), you can read the report.

This comment seems to sum up where things stand for those who need to store a lot of data:

All of the 4TB drives have acceptable failure rates, but we’ve purchased primarily Seagate drives. Why? The HGST 4TB drives, while showing exceptionally low failure rates, are no longer available having been replaced with higher priced, higher performing models. The readily available and highly competitive price of the Seagate 4TB drives, along with their solid performance and respectable failure rates, have made them our drive of choice.

A relevant observation from our Operations team on the Seagate drives is that they generally signal their impending failure via their SMART stats. Since we monitor several SMART stats, we are often warned of trouble before a pending failure and can take appropriate action. Drive failures from the other manufacturers appear to be less predictable via SMART stats.

Just in case you haven’t priced them lately, Newegg sells the HGST H3IKNAS40003272SN 4 TB for $159, the Seagate ST4000DM000 4 TB for $122, and the Western Digital Red WD40EFRX for $150. If you want an external drive, look here, and pay attention to the ratings.

Latest firmware patch for Surface Book / Surface Pro 4 may actually work

And there’s a bit of lagniappe for you Windows 10 users.

InfoWorld Woody on Windows

How to roll back your Windows 10 upgrade

What works, what doesn’t, suggestions and fixes.

InfoWorld

New Surface Book, Surface Pro 4 firmware updates

They’re supposed to fix the (many!) lingering problems with SB and SP4.

I find it interesting that MS is releasing this as four separately identified patches. I hope — hope! — that this is the first step toward separating out Windows 10 patches, instead of cramming everything together.

Brad Sams has the early scoop.

Avoid the Windows 10 “update” KB 3140742

Just like KB 3136562, it’s a downloadable patch — available on Microsoft’s servers — that’s not yet official. The earlier patch didn’t become a real cumulative update. No reason to believe this one will, either.

Should I patch now or wait?

Just got a good question from reader IB:

Woody, I know you’re a busy guy. Thanks for all you do…
I have a basic question. I have ONE home computer, win7 pro, 64 bit (whatever that means)
I use GWX control panel, and have ZERO desire to update to win 10. Heck, I just got rid of XP less than a year ago! My windows updates are set to “let me choose” etc.

As per your advise, I always install DEFENDER updates immediately.

But my confusion is about “important” updates: I think you have told us that anything with “security” in the title needs to be installed. (I currently have a couple security for “.NET FRAMEWORK” and about 10 for WIN7 64bit…”). But in response to a comment within the last week (I forget which thread) about security updates, you said, “wait”.

So my question…when I see ‘security’ updates…should I install them immediately, or wait till DEFCON says it’s time?

Thank you.

I say, always wait for the MS-DEFCON rating to come down, then follow the specific instructions I give when the number goes down.

There’s a reason for waiting. Many problems with Microsoft’s patches don’t appear in the first few days, or even the first few weeks, in some cases. For Win7 and 8.1, Microsoft pulls and re-issues the really bad ones. For Win10, well, we’re still not sure exactly what Microsoft will do. In all cases, within a few weeks we have a pretty good idea of what’s going to clobber systems, and what’s benign.

Not infallible, mind you, but reasonably accurate.

You also need to keep in mind that very, very few patches cover holes that are being exploited. There are fixes for zero-day problems, but most zero-days these days are directed at very specific targets – government installations, military, financial institutions and the like. For you and I, zero-days are rarely a concern.

Take a look at the latest SANS Internet Storm Center list. See the column marked “Known Exploits”? There aren’t any known exploits for any of the patches (although there’s one that had a published exploit later). Even when an exploit “Proof of Concept” is published, it takes weeks or months or years for the exploit to become a problem for you and me.

If you’re carrying a hundred thousand Social Security numbers, or storing nuclear launch codes, it’s a different problem, of course. But for the vast number of people, the vast majority of the time, waiting for patches to show their fangs is a very good idea.

You need to patch sooner or later. Yes. Definitely. But you don’t need to dance to Microsoft’s tune.

Citrix verifies ongoing problems between VDA and Windows 10 build 10586 cumulative updates

If you use Citrix VDA with Windows 10, you’re in for a rough ride.

InfoWorld Woody on Windows

29 non-security patches just released

Oh boy. Here’s the Cliff Notes version:

• Update for Windows Server 2012 (KB3055343)
  https://support.microsoft.com/kb/3055343
• Update for Windows 8.1, Windows Server 2012 R2, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB3063109)https://support.microsoft.com/kb/3063109
• Update Rollup for Microsoft Windows MultiPoint Server 2012 (KB3075566)https://support.microsoft.com/kb/3075566
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3103699)
  https://support.microsoft.com/kb/3103699
• Update for Windows MultiPoint Server 2012 (KB3104431)
  https://support.microsoft.com/kb/3104431
• Update for Windows 8.1 and Windows Server 2012 R2 (KB3106637)
  https://support.microsoft.com/kb/3106637
• Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Server 2012, Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows Vista (KB3118401)
  https://support.microsoft.com/kb/3118401
• Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB3121255)
  https://support.microsoft.com/kb/3121255
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3121260)
  https://support.microsoft.com/kb/3121260
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3121261)
  https://support.microsoft.com/kb/3121261
• Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard and Windows Server 2012 (KB3123242)
  https://support.microsoft.com/kb/3123242
• Update for Windows Server 2012 R2 (KB3123595)
  https://support.microsoft.com/kb/3123595
• Update for Windows Server 2012 R2 (KB3123913)
  https://support.microsoft.com/kb/3123913
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3125210)
  https://support.microsoft.com/kb/3125210
• Update for Windows 8.1 and Windows RT 8.1 (KB3126030)
  https://support.microsoft.com/kb/3126030
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3126033)
  https://support.microsoft.com/kb/3126033
• Update for Windows Server 2012 R2 (KB3127060)
  https://support.microsoft.com/kb/3127060
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3128650)
  https://support.microsoft.com/kb/3128650
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3130896)
  https://support.microsoft.com/kb/3130896
• Update for Windows Server 2012 (KB3130902)
  https://support.microsoft.com/kb/3130902
• Update for Windows Server 2012 R2 (KB3130934)
  https://support.microsoft.com/kb/3130934
• Update for Windows Server 2012 R2 (KB3130939)
  https://support.microsoft.com/kb/3130939
• Update for Windows Embedded 8 Standard and Windows Server 2012 (KB3133679)
  https://support.microsoft.com/kb/3133679
• Update for Windows Server 2012 R2 (KB3133717)
  https://support.microsoft.com/kb/3133717
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3133924)
  https://support.microsoft.com/kb/3133924
• Update for Windows Server 2012 R2 and Windows Server 2012 (KB3134242)
  https://support.microsoft.com/kb/3134242
• Update for Windows 8.1 and Windows Server 2012 R2 (KB3134812)
  https://support.microsoft.com/kb/3134812
• Update for Windows Server 2012 R2 (KB3134813)
  https://support.microsoft.com/kb/3134813
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3134815)
  https://support.microsoft.com/kb/3134815