Woody Leonhard’s no-bull news, tips and help for Windows and Office
RSS icon Email icon Home icon

  • MS-DEFCON 4: Pass on a couple of patches

    Posted on July 10th, 2011 at 06:57 woody 10 comments

    I’m moving to MS-DEFCON 4. If you’re willing to trudge through the details, you should apply most outstanding Microsoft patches. If you don’t want the headache, you can safely pass on the June Black Tuesday patches – for now.

    Susan Bradley has an excellent roundup of the problems with the .NET patches in her Windows Secrets article. There are two .NET patches in this group, MS11-039 and MS11-044. They’ve spawned an evil mess of KB articles and, unfortunately, you have to wade through the KB numbers to get the right patches. These are the ones to avoid:

    XP: KB 2478656, KB 2478658, KB 2478663, KB 2518864, KB 2530095, and KB 2518870;

    Vista: KB 2478657, KB 2478659, and KB 2478663, KB 2518863, KB 2518865, and KB 2518870;

    Win7: KB 2478662, KB 2478663, KB 2518867, KB 2518870, and KB 2518869

    Like I said, it’s a mess. If you don’t want to fool around with individual patches, I say avoid the current round altogether: pick them up next month.

    At this point, I would also avoid Office 2010 Service Pack 1. There’s no benefit in it, if you’ve kept up on patching Office 2010.

    The other Microsoft patches look like they’re good to go.

    By all means, make sure you download and run the Malicious Software Removal program, and apply Microsoft Security Essentials updates.

    We’re at MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.

    Windows Patches/Security ,
     

    10 responses to “MS-DEFCON 4: Pass on a couple of patches”

    1. rc primak July 10th, 2011 at 08:36

      Strange, but this posting wasn’t showing up the other day, even though the more recent posting (above this one) was showing up.

      Anyway, there actually are three or four .NET patches for most folks. On Windows XP Pro SP3 32-bit, I got one round of them, and there were three in all. On Windows 7 Home Premium 64-bit SP1, I got one round of three patches. Then, after rebooting, there was a fourth .NET patch which had not shown up the first time through MS Updates.

      Microsoft is not offering to the public through MS Updates the new Microsoft Security Essentials program update (2.1). They have a thread in their security support blog about why not, and it is pure rubbish through and through. After reading the official MS party line on not having MSE release notes and not telling folks when the new program versions might be stable, I nearly dumped MSE altogether.

      But I can report that the update to MSE and the .NET updates went well for me and all else seems to be OK at this point. Manually updating MSE means downloading the installer to your desktop in an administrator account, right-clicking and choosing to Run As Administrator (even if this is an administrator account). Then the option to upgrade MSE is offered and the installation may proceed. The Run As Administrator choice is necessary in Windows 7 because so-called Administrator Accounts do not have full Administrator privileges. Go figure!

    2. Ann July 11th, 2011 at 00:36

      Woody: 7-10-11 WinXP Pro – Per your instructions today copies below:
      “These are the ones to avoid:

      XP: KB 2478656, KB 2478658, KB 2478663, KB 2518864, KB 2530095, KB 2518864, and KB 2518870;”
      Please note you listed KB 2518864 twice. Is this an error that should have listed a different KB update?
      I only have one of the “evil” updates (KB2478658) but I’ll wait to hear from you before proceeding with the downloads just in case you have to correct the duplicate with another one.
      Thanks

    3. flavet July 11th, 2011 at 02:21

      @Woody – clarifications needed:

      1. In list of .net items to avoid, for XP, one number is repeated: KB2518864.
      2. There are two indications that you have moved to DEFCON 4, yet you start the item saying DEFCON 3.
      3. Black Tuesday – is that the first Tuesday postings, or the second Tuesday postings?

      Thank you

    4. Mordechai (Morty) Schiller July 11th, 2011 at 05:37

      Woody,
      Thanks. Basically all the XP exclusions are the .NET stuff. (I can’t remember why I installed NET in the first place! I don’t know if I ever use it.)
      Morty

    5. Martin Sapsed July 11th, 2011 at 18:43

      Hi Woody,
      Your post seems a little confused – are we at 3 or 4??

    6. otto July 12th, 2011 at 14:37

      on XP, both you and Susan have KB 2518864 listed twice.

      Enjoy reading your columns!

      Otto

    7. woody July 12th, 2011 at 19:43

      Ouch. Can you tell I posted that in a hurry, while on vacation? Will be back in the saddle on Friday. For now, I’m having a great time in Bali….

    8. rc primak July 12th, 2011 at 23:17

      It is now Patch Tuesday, isn’t it? time to get locked back down to MS DEFCON 2, right?

      Hope you’re having a great vacation — wish I were there (on Bali).

    9. woody July 13th, 2011 at 08:45

      @Bob -

      Could you tell I’ve been having problems getting a reliable Internet connection?

    10. rc primak July 15th, 2011 at 07:14

      Oh. That explains it — never mind.

    Leave a reply

Search

Ads by Google

Windows and MS Office books by Woody Leonhard

Support AskWoody.com
Click on this list to get Woody ’s books at Amazon.com



More Ads by Google

 

May 2012
M T W T F S S
« Apr    
 123456
78910111213
14151617181920
21222324252627
28293031  
Powered by WordPress
Theme designed by My Mobiles, modifications by PapayaSoft