Newsletter Archives

  • Microsoft rereleases botched December patch KB 3004394 — and it works

    Posted on February 18, 2015 at 08:46 CST by Comment in the Forums

    Thanks to JB and MM for the heads-up, and SB for corroboration.

    Remember that monster patch from last December — the one that required a Silver Bullet patch to zap it away? The Root Cert patch is back – and it seems to be working.

    InfoWorld Tech Watch

    Uncategorized ,

  • MS-DEFCON 4: Two caveats, but install all outstanding Microsoft patches

    Posted on January 28, 2015 at 20:34 CST by Comment in the Forums

    The two caveats:

    If you use Excel macros, you’re better off avoiding the December patches KB 2726958 for Office 2013, KB 2553154 for Office 2010, and KB 2596927 for Office 2007. Microsoft still hasn’t fixed the bug that breaks various aspect of Excel macro programming and execution, although it has issued a manual fix: KB 3025036.

    If you have an ASUS, Dell, or HP machines, check and see if it’s running an AMD processor. If so, Susan Bradley at Windows Secrets Newsletter — who’s my go-to authority on the subject — advises that you avoid KB 3004365, the January Windows Error Reporting fix. 

    With those two exceptions, Microsoft has either pulled or fixed all of the outstanding patches, as best I can tell. It looks like Avast has fixed whatever was dogging KB 3000850, from November, and the other problems mentioned earlier don’t seem to be generating the level of screams they once did.

    I’m moving us down to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.

    My usual boilerplate advice:

    For those of you who are new to this game, keep in mind that… You should always use Windows Update to install patches; downloading and installing individual patches is a clear sign of impending insanity. I always install Windows Defender/Microsoft Security Essentials updates as soon as they’re available – same with spam filter updates. I never install drivers from Windows Update (in the rare case where I can actually see a problem with a driver, I go to the manufacturer’s web site and download it from the original source). I almost never install “Recommended” patches (reader Marty suggests that you uncheck the Windows Update box that says “Give me the recommended updates the same way I receive important updates”). If Windows Update has a patch but the box isn’t checked, DON’T CHECK THE BOX. It’s like spitting in the wind. I use Chrome and Firefox, and only pull out IE when I feel very inclined — but even if you don’t use IE, you need to keep up with its patches.

    Windows Patches/Security ,

  • Still at MS-DEFCON 2 — but should have an update tomorrow

    Posted on January 28, 2015 at 07:21 CST by Comment in the Forums

    For those of you who are still holding off on installing the December and January patches…

    Except for a few known problems, they’re looking OK. I’m going to wait and see what Susan Bradley says on Thursday in Windows Secrets Newsletter before giving a blanket go-ahead with warnings.

    The warnings will likely include as-yet-unresolved problems with Excel macros and several others.

    Let’s see how it shakes out. In the interim, rest assured that, unless you have state secrets or your work for a foreign intelligence organization, you don’t have much to worry about — there aren’t any mass clobberings going on with the December and January patches.

    Keep your powder dry and use Firefox or Chrome…

    Windows Patches/Security ,

  • MS-DEFCON 2: Skipping the December patches, for now

    Posted on January 12, 2015 at 07:57 CST by Comment in the Forums

    You all know that I wait and give the “all clear” when it looks like Microsoft has finally fixed a given month’s patches.

    Well, for December, I waited and waited and… and I’m still waiting.

    If you want to install individual patches, go right ahead. Reader Frank, posting in the original patch-kvetching thread, has a good compromise for Windows 8 users:

    After some careful study I decided to triage KB2726958, KB3008923, KB3008925 and KB3004394 as offered in December for Windows 8.1 64 bit system. I installed the other December patches without incident and have not experienced any discernible issues as of yet. I think KB3004394 will be OK to install as the issues it created seem to surface on Windows 7 and Server 2008 only. However, out of an abundance of caution the four patches noted will not be installed until the confidence level becomes clearer.

    But for those of you who don’t want to pick-n-choose, I say wait. Don’t install the December patches yet. We’ll look at the mess again at the end of January.

    Helluva note, ain’t it?

    Windows Patches/Security

  • Microsoft’s December patch hangover: KB 3008923 unrepentant; Fixit for some 2553154, 2726958 problems; 3004394 dead; and 3011970 re-issued

    Posted on January 6, 2015 at 14:38 CST by Comment in the Forums

    What a mess.

    If you know of any other problems, please comment on the InfoWorld article!

    InfoWorld Tech Watch.

    Windows Patches/Security , , , , ,

  • Botch brigade: KB 2553154, 2726958 clobber Excel ActiveX; KB 3011970 Silverlight and KB 3004394 Root Cert both pulled

    Posted on December 11, 2014 at 07:35 CST by Comment in the Forums

    But wait! There’s more!

    KB 3008923 crashes IE, KB 3002339 still hanging on install, KB 2986475 still pulled.

    Details at InfoWorld Tech Watch.

    I just had an independently reported crash, from PB:

    I wanted to mention that I work for a small company and starting yesterday everyone in the office started getting IE failure messages “Internet Explorer has stopped working A problem caused the program to stop working correctly……. Close Program” I have found that be removing the new update KB3008923 has resolved the problem on all computers.

     Thanks, PB

     

    Windows Patches/Security , , , , , , ,

  • MS-DEFCON 2: Make sure Automatic Update is turned off

    Posted on December 9, 2014 at 03:44 CST by Comment in the Forums

    Microsoft’s Security Bulletin Advance Notification for this month looks suitably innocuous.

    The most interesting part: Microsoft’s apparently releasing the security bulletin that was announced last month — one of the two “placeholder” bulletins that were numbered, but didn’t get sent out the Automatic Update chute. The other one was released a couple of weeks ago. Look for MS14-075.

    Now’s a good time to make sure you have Automatic Update turned off. See the Automatic Update tab above if you need instructions. (And realize that you can’t turn Automatic Update off in Windows 10 Technical Preview.)

    I’m moving us to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

    Let’s see what kind of brimstone comes raining down this month.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.