Posted on June 13th, 2013 at 11:37 1 comment
This just in from EP:
In addition to the June 2013 security updates Microsoft has released, Adobe has released new Flash Player security updates mentioned in Adobe security bulletin APSB13-16
For Windows 8 and Windows Server 2012 users, get the recent Adobe Flash
player security updates from Microsoft support KB article 2847928
Posted on June 11th, 2013 at 23:27 9 comments
Microsoft has a relatively light bunch of patches coming out of the Automatic Update chute today.
Now’s the time to double-check and make sure that you have Windows Automatic Update set to “Notify but don’t download.” Details on the “Automatic Update” tab above.
Microsoft plans to issue five security bulletins, only one of which – another IE patch – is rated critical. Turn off Auto Update now, and let’s see what kind of offal hits the fan.
I’m moving us back up to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Posted on June 5th, 2013 at 09:19 19 comments
There’s never been a better time — at least, not recently — to get all of Microsoft’s patches applied. Go, go, go.
The lingering problem with KB 2823324 has been fixed with KB 2840149, and the fix (unlike so many other fixes in the past) seems to be working well.
The May 2013 Black Tuesday patches have passed the “cannon fodder” test. Install them.
Several of you are still reticent about installing Internet Explorer 10 on your Windows 7 systems. There were some problems with the first iterations of IE 10 running on Win7, but now all looks good. Install it.
Go, go, go.
I’m lowering us to a (very unusual) MS-DEFCON 5: All’s clear. Patch while it’s safe.
Posted on May 17th, 2013 at 06:49 15 comments
This just in from EP -
Another round of monthly security updates for Adobe Reader and Adobe Flash Player have been posted this May.
Adobe security bulletin APSB13-15 mentions new security patches for Adobe Reader:
while Adobe security bulletin APSB13-14 mentions new security patches for Flash Player:
As for Avira Antivirus software and Windows 8, only Avira Free Antivirus (aka. Avira
Antivir Personal) has been certified as Windows 8 compatible since early April 2013
as mentioned here:
the rest of their products (Avira Antivirus Premium, Avira Internet Security, etc.) have yet to receive the Windows 8 certification from Microsoft.
Posted on May 15th, 2013 at 06:52 17 comments
The Black Tuesday patches are out and, as usual, there’s no reason to install any of them immediately…
… with one exception: if you’re still using Internet Explorer 8, you should stop using it, as I explained in January. Get Firefox or Chrome (my current favorite) and stop using IE 8. If you absolutely must continue using IE 8, install MS13-038 / KB 2847204 (one of today’s patches) immediately. The hole covered by this patch was well documented weeks ago, and is now widely available.
Let’s see how this month’s patches fare. We’ve had two bad patches so far this year, and a couple that were a bit dicey.
I’m moving us up to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Posted on May 8th, 2013 at 22:44 4 comments
Thanks to Arianna…
Our old favorite botched Windows update patch, KB 2670838, has even more tricks up its sleeve.
InfoWorld Tech Watch.
Posted on May 3rd, 2013 at 12:12 24 comments
I’ve been waiting, hoping that we’d get some sort of definitive word on whether the patch for the botched patch last month is working. So far, I’ve heard mixed results, with some people posting on this forum saying the new patch, KB 2840149, is causing problems. I DON’T recommend that you install the patch-of-a-patch KB 2840149.
You shouldn’t be offered the earlier patch, KB 2823324, which proved so problematic. If you didn’t take my advice and installed that patch (in particular, if you had Automatic Update turned on around April 11), Microsoft sill recommends that you remove it. Use Control Panel’s Add or Remove Programs.
There are also known problems with MS13-036/KB 2808735, but they’re obscure, and it’s highly unlikely you’ll hit them.
So I’m straddling the middle, moving to MS-DEFCON 3. Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. In particular, avoid installing KB 2840149.
Let’s hope Microsoft has better luck with the May crop of Black Tuesday patches.
P.S. If you have Windows 7, don’t install Internet Explorer 10 yet. Give it a while to sink in.
P.P.S. From the comments:
@Jack, @Ken -
I should’ve been more explicit. Yes, please do install KB2670838. That KB article is now up to version 7.0. In theory, if the patch encounters a system that it’ll nuke, the installer will tell you that it didn’t install the patch. If that happens to you, take a look at the KB article and see if there’s a new video driver which doesn’t have compatibility problems. I haven’t heard of any problems with the patch for about a month.
Posted on April 24th, 2013 at 23:25 11 comments
But there’s more to the story…
InfoWorld Tech Watch.