|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
MS-DEFCON 4: Microsoft begins a strong push for 24H2
ISSUE 22.04.1 • 2025-01-28 
By Susan Bradley
Last week, Microsoft announced that Windows 11 24H2 is now “broadly available.”
This notice was contained in the Microsoft Learn post Windows 11, version 24H2 known issues and notifications.
Except for my continuing recommendation not to install 24H2, I’m lowering the MS-DEFCON level to 4. There are some problems, but they are manageable. Go ahead and patch.
Microsoft’s language in the Learn post was more direct than usual and included Windows 10 in the mix.
Anyone can read the full MS-DEFCON Alert (22.04.1, 2025-01-28).
-
MS-DEFCON 4: Consumers get a break
ISSUE 21.26.1 • 2024-06-25 By Susan Bradley
We’re halfway through the patching year!
It’s time to install the June updates, which is why I’m lowering the MS-DEFCON level to 4. I’m not seeing any widespread issues or major impacts. Most side effects seem to be with Win11 Insider versions and 24H2.
It appears that new technology allowing you to sync your phone with your computer is causing a bit of a CPU hit in the 24H2 release. Microsoft is trying to fix this issue before it gets released to the rest of us. That’s good news.
In the very good news category is the delay in releasing Microsoft Recall, the much-hyped “reminder” software. The company pulled back at the last minute, due to concerns from security researchers and businesses.
Anyone can read the full MS-DEFCON Alert (21.26.1, 2024-06-25).
-
MS-DEFCON 4: A “sort of” quiet February
ISSUE 21.09.1 • 2024-02-27 By Susan Bradley
The February updates have generally been well behaved, with one major exception: gamers.
Otherwise, things have been mostly quiet. That’s why I feel comfortable lowering the MS-DEFCON level to 4. Patches are unlikely to cause most users any problems.
Anyone can read the full MS-DEFCON Alert (21.09.1, 2024-02-27).
-
Microsoft kills off Internet Explorer — mostly
ISSUE 20.08 • 2023-02-20 PATCH WATCH
By Susan Bradley
Not feeling the love from Microsoft this month?
That might be because the company is saying goodbye to its aged Internet Explorer Web browser (IE), albeit only on certain platforms.
For Windows 10, the death of IE is not part of this month’s Windows update but rather part of the update to the Edge browser. That update would have been in the background, silent, and you may not have noticed it. Even if you did, you probably didn’t pay much attention. Unless, of course, you had moved from IE to Edge a while back. For you, the update re-migrated your favorites and bookmarks, making a duplicate list.
Read the full story in our Plus Newsletter (20.08.0, 2023-02-20).
This story also appears in our public Newsletter. -
Patch Lady – SQL patching in August
For the folks with SQL server and in particular SQL 2014: I’ve seen this come up a bit in forums and other venues:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273
In that post it implies that other versions of SQL besides 2016 and 2017 are vulnerable.
The way I read it and understand the situation it’s only SQL 2016 and 2017 that are vulnerable. If you have SQL 2014 SP2 which is supported until 2024 and still in mainstream support – it’s not vulnerable.
Just because newer stuff is newer doesn’t mean older stuff is vulnerable too.
“The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected.”
Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.
That second statement is totally not true. SQL 2014 sp2 is very much supported.
In fact as you can see from the link below it’s supported until 2024 for security updates (Extended support is the final date of support for security patches)
And definitely mainstream until 2019 (which means it not only gets security updates but general fixes as well.
Apologies to the MSRC folks but I rate this on the Pinocchio scale for this portal entry as Not Transparent enough and thusly confusing.
-
NET Security/Quality rollups KB 3210137, 3210138 pulled over conflict with SQL Server, Veritas backup
The 3rd Tuesday “preview” rollout isn’t working the way it’s supposed to.
UPDATE: Following up on comments posted on the patchmanagement.org mailing list, it looks like the KBs installed through WSUS are KB 3205403 and 3205404, and both of those are still available in the Update Catalog.
There’s also a note that the patch for .NET 4.5.2 (the only version affected by this problem) would be mighty hard to extricate from the rollups, because they deal with many versions of .NET.
I’m pulling the article on InfoWorld, will fix it and re-release in the morning.
-
Hotmail #FAIL
Microsoft lays an egg in the cloud.
Infoworld Tech Watch.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
HP Pavilion Will Not Wake Up After Being Idle for Longer Period
by 5 hours, 37 minutes ago
-
Make a Windows 11 Local Account Passwordless
by 1 hour, 13 minutes ago
-
Ubuntu 25.04 (Plucky Puffin)
by 8 hours, 46 minutes ago
-
24H2 fixed??
by 11 hours, 28 minutes ago
-
Uninstalr Updates
by 13 hours, 55 minutes ago
-
Apple zero days for April
by 19 hours, 20 minutes ago
-
CVE program gets last-minute funding from CISA – and maybe a new home
by 1 day ago
-
Whistleblower describes DOGE IT dept rumpus at America’s labor watchdog
by 1 day, 12 hours ago
-
Seeing BSOD’s on 24H2?
by 19 hours, 34 minutes ago
-
TUT For Private Llama LLM, Local Installation and Isolated from the Internet.
by 1 day, 3 hours ago
-
Upgrade from Windows 10 to 11
by 1 day, 21 hours ago
-
Microsoft : AI-powered deception: Emerging fraud threats and countermeasures
by 2 days ago
-
0patch
by 1 day, 1 hour ago
-
Devices might encounter blue screen exception with the recent Windows updates
by 1 day, 17 hours ago
-
Windows 11 Insider Preview Build 22631.5261 (23H2) released to Release Preview
by 2 days, 3 hours ago
-
Problem opening image attachments
by 2 days, 4 hours ago
-
advice for setting up a new windows computer
by 2 days, 19 hours ago
-
It’s Identity Theft Day!
by 1 day, 23 hours ago
-
Android 15 require minimum 32GB of storage
by 3 days ago
-
Mac Mini 2018, iPhone 6s 2015 Are Now Vintage
by 3 days ago
-
Hertz says hackers stole customer credit card and driver’s license data
by 3 days ago
-
Firefox became sluggish
by 17 hours, 16 minutes ago
-
Windows 10 Build 19045.5794 (22H2) to Release Preview Channel
by 3 days, 4 hours ago
-
Windows 11 Insider Preview Build 22635.5235 (23H2) released to BETA
by 3 days, 5 hours ago
-
A Funny Thing Happened on the Way to the Forum
by 2 days, 2 hours ago
-
Download speeds only 0.3Mbps after 24H2 upgrade on WiFi and Ethernet
by 43 minutes ago
-
T-Mobile 5G Wireless Internet
by 2 days, 3 hours ago
-
Clock missing above calendar in Windows 10
by 4 hours, 42 minutes ago
-
Formula to Calculate Q1, Q2, Q3, or Q4 of the Year?
by 3 days, 20 hours ago
-
The time has come for AI-generated art
by 3 days ago
Remembering Woody
