|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
MS-DEFCON 3: Patch Windows, but beware the snoops
It’s time to get caught up with your Microsoft patches. The September Black Tuesday patches have festered, gone through a few re-releases, and generally stewed enough to warrant applying to your machine.If I count Susan Bradley’s list of patches correctly, there were 75 patches released for Vista, Win 7 and Win 8.1 in September, and another six — many of which are nagging or snooping patches — released so far in October.
I don’t see any patches screaming to get out, as long as you aren’t using Internet Explorer. Of course, as I’ve been advising for a long time (a decade?), you should update IE but not use it. Instead, use Firefox or Chrome for your day-to-day browsing. If you have Windows 10, Edge is a secure choice, but it’s still way behind the ball on features – most Windows 10 users have moved to Chrome, for good reason.
Here’s what I recommend:
Vista – install all available updates.
Windows 7 – This is hairy because of the snooping patches just re-re-released. Start by reading this article in InfoWorld, then search through your list of available patches (in Windows Update, see the tab above that says “Automatic Update” for instructions). If you see any of these patches: KB 3035583, KB 2952664, KB 2977759, KB 3068708, 3022345, 3075249, or 3080149, [UPDATE: or 3083324, which now appears to be “Important”] [UPDATE: or 3090045, which is supposed to help upgrading to Win10] make sure they’re unchecked, right-click on the patch and “Hide” it. They’re all Win10 nags or telemetry patches. If you don’t see one or more of those patches, don’t worry about it. I have an article in the works that’ll show you how to turn off most Windows 7 telemetry.
(If you’re double-checking with last month’s recommendations, note: I received official information back from Microsoft about those patches, and it was demonstrably incorrect and/or misleading.)
After installing all outstanding patches, reboot, then immediately follow the instructions here to run the GWX Control Panel. That should turn off the Windows 10 upgrade nags. Reboot again.
Windows 8.1 – Similar to Windows 7, but uncheck and hide KB 3035583, KB 2976978 KB 3068708, 3022345, 3075249, and 3080149 [UPDATE: or 3090045, which is supposed to help upgrading to Win10]. If you don’t see one or more of those patches, don’t worry about it. I have an article in the works that’ll show you how to turn off most Windows 8.1 telemetry. Reboot, use GWX Control Panel to remove the Windows 10 nagging software, and reboot again. If you have trouble getting KB 3069114 to install, try installing KB 3096053 and see if that helps.
Windows 10 – If you’ve been using the metered connection trick to block Windows 10 updates, now’s a good time to turn off the metered connection and let the updates flow. (Start, Settings, Network & internet, Wi-Fi, click on your connection, then Advanced options, turn Metered Connection off. Let Windows do its update thing, then turn the metered indicator back on.) We’re up to Cumulative Update 7.
If you’re using the new Windows Store setting to block Automatic Store app updates, turn the switch in Windows Store on, then in Windows Store, click on your picture, choose Downloads and Updates, then click to Check for updates. Remember to turn the switch off again.
If you have problems installing the Cumulative Update, don’t worry about it. Microsoft will get its act together one of these days. All of the Win10 patches to date are cumulative (with a couple of driver exceptions), so when Microsoft gets caught up, you will, too.
We’re going down to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. Specifically, I’m concerned about adding Windows 10 nagware and Microsoft snooping to Windows 7 and 8.1 machines. I’ll be following that closely in InfoWorld’s Woody on Windows.
The usual admonitions apply: In Vista, Win7 and Win8.1, use Windows Update, DON’T CHECK ANY BOXES THAT AREN’T CHECKED, reboot after you patch, and then run Windows Update one more time to see if there’s anything lurking. When you’re done, make sure you have Automatic Update turned off. I always install Windows Defender/Microsoft Security Essentials updates as soon as they’re available – same with spam filter updates. I never install drivers from Windows Update (in the rare case where I can actually see a problem with a driver, I go to the manufacturer’s web site and download it from the original source). For Windows 10, the situation’s more complicated, depending on how far you’ve gone to block forced patches. The general procedure’s described above.
-
Don’t check that box! Stealthy Win7 patch KB 3083324 arrives with no warning, little documentation
Now available in InfoWorld Woody on Windows
People all over the world are waking up this morning to a nice little present in their Windows 7 (and Server 2008 R2) Windows Update boxes – KB 3083324, which describes itself as “Windows Update Client for Windows 7 and Windows Server 2008 R2: September 2015.” Here’s what the KB article says:
This article describes an update that contains some improvements to Windows Update Client in Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1.
That’s it. If there’s any further description, I can’t find it. In particular, as of this writing anyway, it isn’t even listed in the official Windows Update catalog.
There’s some conjecture that the patch may fix the intolerably long wait some people are experiencing when checking for updates in Win7.
Fortunately, the patch is optional – it appears in the Windows Update list as an unchecked item in the Optional list.
Are you feeling lucky? Want to beta test a Windows Update update? Enjoy the feeling of exhilaration when Microsoft releases yet another stealthy patch?
My advice: Don’t check that box.
t/h Bogdan Popa, Softpedia
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Uninstalr Updates
by 1 minute ago
-
Apple zero days for April
by 31 minutes ago
-
CVE program gets last-minute funding from CISA – and maybe a new home
by 10 hours, 13 minutes ago
-
Whistleblower describes DOGE IT dept rumpus at America’s labor watchdog
by 10 hours, 23 minutes ago
-
Seeing BSOD’s on 24H2?
by 3 hours, 3 minutes ago
-
TUT For Private Llama LLM, Local Installation and Isolated from the Internet.
by 47 minutes ago
-
Upgrade from Windows 10 to 11
by 19 hours, 3 minutes ago
-
Microsoft : AI-powered deception: Emerging fraud threats and countermeasures
by 21 hours, 53 minutes ago
-
0patch
by 55 minutes ago
-
Devices might encounter blue screen exception with the recent Windows updates
by 15 hours, 15 minutes ago
-
Windows 11 Insider Preview Build 22631.5261 (23H2) released to Release Preview
by 1 day ago
-
Problem opening image attachments
by 1 day, 2 hours ago
-
advice for setting up a new windows computer
by 1 day, 17 hours ago
-
It’s Identity Theft Day!
by 21 hours, 29 minutes ago
-
Android 15 require minimum 32GB of storage
by 1 day, 22 hours ago
-
Mac Mini 2018, iPhone 6s 2015 Are Now Vintage
by 1 day, 22 hours ago
-
Hertz says hackers stole customer credit card and driver’s license data
by 1 day, 22 hours ago
-
Firefox became sluggish
by 1 day, 19 hours ago
-
Windows 10 Build 19045.5794 (22H2) to Release Preview Channel
by 2 days, 2 hours ago
-
Windows 11 Insider Preview Build 22635.5235 (23H2) released to BETA
by 2 days, 3 hours ago
-
A Funny Thing Happened on the Way to the Forum
by 1 day ago
-
Download speeds only 0.3Mbps after 24H2 upgrade on WiFi and Ethernet
by 4 hours, 59 minutes ago
-
T-Mobile 5G Wireless Internet
by 1 day, 1 hour ago
-
Clock missing above calendar in Windows 10
by 1 day, 2 hours ago
-
Formula to Calculate Q1, Q2, Q3, or Q4 of the Year?
by 2 days, 17 hours ago
-
The time has come for AI-generated art
by 1 day, 21 hours ago
-
Hackers are using two-factor authentication to infect you
by 2 days, 7 hours ago
-
23 and you
by 2 days, 14 hours ago
-
April’s deluge of patches
by 18 hours, 45 minutes ago
-
Windows 11 Windows Updater question
by 8 hours, 41 minutes ago
Remembering Woody
