|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Still at MS-DEFCON 2: MS10-002 is out, but you don’t need it
Posted on January 22nd, 2010 at 13:26 25 commentsMicrosoft has released MS10-002 / KB 978207 as expected. You don’t need it right away unless you’re running IE 6. And if you’re running IE 6, what you really need is Firefox, not this patch.
None of the current patches are worth worrying about. We remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
25 responses to “Still at MS-DEFCON 2: MS10-002 is out, but you don’t need it”
-
Santosh January 22nd, 2010 at 17:27
Do we have any known issuing as in “Problem opening certain websites” or certain application stops working after installing the patch.
-
Santosh -
It’s still much, much too early to know if there are going to be any major problems. The KB article – http://support.microsoft.com/kb/978207 – is up to Version 3.0, in less than 24 hours. That’s not a good sign.
The smartest thing to do is to get rid of IE 6 – upgrade to IE 7 or 8 – and start using Firefox or Chrome or Opera. -
Oops, I did it before the warning, but I do use firefox (and I’m waiting for the prompter to tell me they are upgrading when it’s beyond beta, for firefox)…Haven’t notice a problem yet…uh uh…knocking on wood.
-
4 questions:
1) install KB915597 windows Defender update?
2) install KB 97227 for windows vista?
3) use monthly Malicious Software Remover Tool monthly KB89083?
4) if we have IE 7 should are you saying to install IE 8, & not use? (I’ve been trying Firefox lately; with lots of crashes, esp. since they upgraded me to 3.5.6 about a week ago!
I’m not an early adopter, I like to get the bugs out before I adopt! -
rc primak January 23rd, 2010 at 04:44
Make that Firefox 3.6. It’s being pushed on users now through the firefox Updater.
-
Sanda -
Don’t worry about it. We’ll see if it has any unforeseen problems. The MS10-002 patch is HUGE, as are all of the cumulative IE rollup patches. That usually means there will be some wailing and gnashing of teeth.
-
Mel -
1) Dump Windows Defender (and any antivirus programs you may be using), and get Microsoft Security Essentials.
2) Not sure which KB article you’re looking at. The number’s wrong.
3) Always install the Malicious Software Remover Tool, but see #1.
4) How is Firefox crashing? It’s remarkably stable for me. If you have IE7 you’re OK, but installing IE8 wouldn’t hurt. Update either, but use Firefox or Chrome or Opera or… -
On Jan 22 a patch for Vista was automatically installed on laptop. Presumable this one. The laptop automatically shut down after- on rebooting got Windows error recovery which could not repair startup.
My fault for allowing automatic updates? Luckily I have an XP desktop.
I await reply from Microsoft.
-
Okay…1)how do I dump Defender, avg (paid version)?
2) Where do I get MSEssentials safely?
3) It is KB972270 for windows vista.
4) It may be 3.6, not positive, it came “forced”!
4) Firefox goes poof if I change location in e-mail, go to a previous page, other normals that should be no prob cause poof! Get message it has crashed, well, yeah! Sometimes that I’ve opened, when I changed or tried to close, or closed something.
5) I’ve got Ghostery but nothing else, not NScript.
6) What are safe, good ad ons for Firefox? -
Russell January 24th, 2010 at 02:55
Mark Minasi has a new URGENT Tech Page in his latest Tech Newsletter.
“… there’s an out-of-band security fix from Microsoft, released today. I’m urging you to install it NOW, without even testing it. Yup, that’s unusual, but so is this fix. I’ll tell you why in this Tech Page. PLEASE read it.
You can find the Tech Page here:
-
Russell -
Mark and I have different audiences. He’s writing primarily to system admins – people in charge of keeping big multinational companies out of spearphishing problems. (It’s sobering to think that all of the companies that got hit with the “Aurora” caper employ cadres of computer security experts, and all of them got bushwacked.)
My audience is more mainstream. And for most Windows users, M10-002 right now isn’t even remotely important. It IS important that people get rid of IE6, and that they use a browser other than IE. But narrowly-defined spearphishing attacks by PRC operatives looking for human rights activists and corporate secrets aren’t high on the priority list. For most of us, anyway.
-
Mel -
Oy! You’ve touched on topics I’ve been covering here and in Windows Secrets Newsletter for months.
1) 2) For MSE and dumping AVG, see http://www.askwoody.com/2009/microsoft-security-essentials-da-facts/
3) KB 972270 is MS10-001. That’s one of the security bulletins I’m currently recommending that you NOT install. That’s why we’re at MS-DECFON 2.
4) I haven’t upgraded to Firefox 3.6 because AI Roboform isn’t up to speed yet – or if it is, it only just got updated. I hope you’re reporting those crashes to Firefox. They’re rare. If Firefox is crashing, disable your add-ons. No idea if Ghostery is causing problems, but that’s the first thing to check.
I only use a small handful of Firefox add-ins: the most important one is AI Roboform. I also use SearchStatus, to keep track of Google PageRanks. I’m sure other folks watching can fill you in on zillions of add-ons that they like. Personally, I like to keep FF lean.
-
Akko -
Keep us posted. Scary, eh? (And I hope you turned off Automatic Updates!)
-
I have certainly turned off Automatic Updates on this XP desktop I am using to send this! But the Acer laptop with Vista is completely shut down. F8 Safe Mode-just returns me to Windows Error Recovery.
System Restore tells me that there is no restore points created. Backup restore- can’t find back up files on any disk, but there is a partition with full backup which I was meticulous to create regularly.
The update was also installed on this XP desktop at the same time as the laptop, without any trouble. Is it possible that an update for Xp can find it’s way into a Vista machine? That could be the trouble. -
Akko -
Have you heard back from Microsoft? (Nope, the XP update would’ve been applied to the XP machine, and the Vista update to Vista.)
-
Not yet. It was Sunday yesterday, perhaps they all go to church? I will let you know if they do.
-
Email from MS yesterday, said: just go to the Knowledgebase. Spent 2 hours looking for similar problem. Nix. Decided to look at the Acer site. Found that I needed to use a different key combination to access the Acer facility to recover the factory settings from a partition on the HD. Decided not to waste any more time, so installed the original set up, and spent quite a bit of time installing all the programmes, luckily Mozilla, OpenOffice, AVG etc, and all my data which I luckily had backed up. I doubt if MS would ever really help anyone, especially if they thought it was not their fault. But it is too much of a coincidence that the update installed itself, shut down the laptop, and the a Black screen.
Thanks for your comments Woody, I have most of your books ever since I started with WIN 3.1 all those years ago, or was it 95 you first wrote about? -
Akko -
It’s tough isolating problems like yours. I’m just glad you were able to recover.
You’ve got a good memory, too.
My first book was “Windows 3.1 Programming for Mere Mortals.” -
Could the patch “disappear” software? I went to view Apple trailers (using Firefox, of course) and got a ? Couldn’t find the Quicktime 7 and Itunes that I’d updated at start of month.
-
Sanda -
Not likely, particularly because you’re using Firefox. Just re-install QuickTime – or get something better like VLC.
-
Woody, What is VLC? I’d hate to install the wrong VLC.
-
rc primak February 4th, 2010 at 12:54
Sorry to post so long after the original Comments here, but it needs to be noted that Apple Trailers are located only at The Apple iTunes Store, and Apple only allows access there through Genuine Apple QuickTime. VLC Player cannot get into the iTunes Store.
And as for Ghostery causing Firefox 3.5 or 3.6 to crash,I use Ghostery, NoScript, and quite a few other Firefox Extensions. No crashes or hangups on Windows XP Pro. None, never. Now Personas is a far different story…
-
I am having these issues “Do we have any known issuing as in “Problem opening certain websites” or certain application stops working after installing the patch.” Any clue as to why? I have an enterprise wide installation with about 2400 users and this is widespread, and seems to be after MS10-002 was deployed. Were there prerequisite patches that needed to be in place before applying MS10-002? Thanks — Don
-
In addition, it seems we can go into tools/internet options/advanced and click on the reset… button and things will start working again, but seem to come back in a couple of days…
-
Don -
I don’t know why. Have you approached MS for support? See http://support.microsoft.com/kb/978207
But I know the best solution: switch to Firefox, or any of a half-dozen alternatives to IE.
Leave a reply
-
Support AskWoody.com
Click on this list to get
Woody ’s books at Amazon.com
- Windows 7 All-In-One For Dummies
- Green Home Computing For Dummies
- Windows Vista All-In-One Desk Reference For Dummies
- Windows Vista Timesaving Techniques For Dummies
- Windows XP All-In-One Desk Reference For Dummies
- Windows XP Timesaving Techniques For Dummies
- Windows XP Hacks & Mods For Dummies
- Windows Home Server For Dummies
- Special Edition Using MS Office 2007
- Special Edition Using MS Office Home & Student 2007
- Special Edition Using MS Office 2003
- Office 2003 Timesaving Techniques For Dummies
- Special Edition Using MS Office 2003, Student-Teacher Edition)