• MS-DEFCON 4: Get patched, but don’t install IE 10 or KB 2670838

    With a rather ho-hum collection of patches coming this Tuesday, it’s time to get caught up.

    March’s Black Tuesday patches didn’t ring many bells. But there are two ancillary downloads – and a patch from February that’s still causing problems – that should give you pause.

    First, if you are running Windows 7 and you haven’t updated to Service Pack 1, now’s the time to do it. Microsoft released Win7 SP1 in February of 2011 — yes, more than two years ago — but it just started including SP1 in “automatic update” runs. If you look at your pending updates and SP1 is on the list, block out some time to run it (say, ten minutes, maybe more), and let ‘er rip.

    Second, the late-February patch known as KB 2670838 is still causing problems. The patch should NOT be offered – should not be pre-checked – when you look at the Windows update list. Don’t shoot yourself in the foot, and don’t check the box to install it.

    Third, details are all over the map, but a lot of people are complaining about the new version of Internet Explorer, IE 10, screwing up their Windows 7 systems. Simple solution: don’t install IE 10. If you’re running Windows 8, you already have IE 10, and it doesn’t seem to be causing any problems. If you have an earlier version of Windows, IE 10 isn’t even offered. IE 10 on Win7 seems to be a stinker. Once again, IE 10 is not pre-checked in the update list. Don’t check it.

    As always, avoid installing driver updates from Microsoft (go directly to the manufacturer’s site, or your PC manufacturer’s site), and if you’re offered Silverlight, laugh heartily; uninstall it if you have to.

    With those thoughts in mind, I’m moving us down to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.