News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: April 12, 2019

  • Patch Lady – so I don’t get it

    Posted on April 12th, 2019 at 20:24 Susan Bradley Comment on the AskWoody Lounge

    By now you’ve seen the headlines… we have three antivirus documented as being down for the count when it comes to Windows 7 and 8.1 (and corresponding Server OS as well).  Per https://support.microsoft.com/en-us/help/4493448 , Sophos, Avira and Avast all are causing issues, with machines unresponsive.  Avast in particular has the nasty side effect of “additionally you may be unable to log in or log in after an extended period of time”.

    Yet in the patches there doesn’t see to be any extreme changes to the kernel (that my honestly untrained eyes) can see that would cause three pretty common antivirus engines to be totally making computers unusable.

    https://support.microsoft.com/en-us/help/4493472 (the monthly rollup KB) lists ArcaBit as another impacted one.

    Windows 10 1809 also refers to an issue with ArcaBit antivirus.  I am not seeing that reported on any other Windows 10 platform.

    In the cumulative update model it’s a bit harder to tell what exactly Microsoft is fixing.  Dustin Childs (ex-MSRC webcasts/blogger now at Zero day) lists out the patches in their “code” style not in the patch style.  Normally kernel code changes are the most historically and notoriously at fault for interactions with antivirus.  Because A/V hooks into the kernel, changes to that code often has ripple effects.

    Both kernel bugs this month (here and here) don’t give me clues that they might be the ones triggering all of these failures.

    Bottom line I’m giving you no answers tonight, just big warnings.  Don’t install updates just yet… but you knew that one already.

  • MS-DEFCON 1: There’s no reason to stick your finger in the pencil sharpener – DON’T UPDATE

    Posted on April 12th, 2019 at 06:36 woody Comment on the AskWoody Lounge

    We have confirmed reports of six bad patches this month – Monthly Rollups and Security-only patches for Win7, 8.1, Server 2008 R2, 2012, 2012 R2 – and troubling reports of a slowdown with the Win10 version 1809 cumulative update.

    Who should be testing this stuff? The answer’s not as straightforward as you may think.

    Details in Computerworld Woody on Windows.

    I’m moving us to MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.