Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • February 2018 Security Patches Are Out

    Home Forums AskWoody blog February 2018 Security Patches Are Out

    This topic contains 143 replies, has 28 voices, and was last updated by  anonymous 2 hours, 53 minutes ago.

    • Author
      Posts
    • #167168 Reply

      PKCano
      AskWoody MVP

      The Microsoft Software Update Services pages have finally been updated. With 34 new patches listed – first update since January 9th in spite of the pa
      [See the full post at: February 2018 Security Patches Are Out]

      11 users thanked author for this post.
    • #167169 Reply

      PKCano
      AskWoody MVP

      Group B Security-only patches have been updated on AKB2000003 as of 2/13/2018.

      UPDATE: Microsoft is including the mitigations against these vulnerabilities [Meltdown and Spectre] in the February Security Only updates. These updates also include the updates for AMD-based devices.

       

      Edit to add information on updates

      11 users thanked author for this post.
      • #167371 Reply

        anonymous

        Do these Group B security-only patches for February have a system slow-down risk since they include protection from Spectre/Meltdown?

        • #167374 Reply

          PKCano
          AskWoody MVP

          Do these Group B security-only patches for February have a system slow-down risk since they include protection from Spectre/Meltdown?

          The Meltdown/Spectre mitigation causes some loss of performance – I understand it is more noticeable in later processors, but it affects all. It is present in the Jan and Feb Rollups and the Security-only patches.

          IMHO, we will see this in the patches from now on – just guessing.

          2 users thanked author for this post.
          • #167461 Reply

            ryegrass
            AskWoody Lounger

            PKCano,

            Since the security only patches are not cumulative, is it possible to just skip the Meltdown/Specter patch and continue with later updates (the way Windows update used to work)? If so can the Meltdown/Specter patch still be installed at a later date?

            Thanks

            • This reply was modified 3 days ago by  ryegrass.
            • #167467 Reply

              PKCano
              AskWoody MVP

              What you are calling the Meltdown/Spectre patch is not just that. There are other fixes in the Jan patch. And the Meltdown/Spectre mitigation is in the Feb SO patch as well (see my UPDATE to the comment above)

              2 users thanked author for this post.
            • #167499 Reply

              ryegrass
              AskWoody Lounger

              OK, thanks for the information. I knew that KB4073578 contained other updates in addition to the Meltdown/Specter fix but was willing to forgo them so as not to take the performance hit incurred  from this update. I will now have to consider whether I want to join group W, or not.

    • #167172 Reply

      anonymous

      Microsoft Edge: 14 vulnerabilities, 11 critical, 2 important, 1 moderate

      OOOOOuuuuuuuchhh!!!

    • #167184 Reply

      Seff
      AskWoody Lounger

      So not only does Windows 10 have more vulnerabilities than its predecessors, as usual, but each successive version of it has more than the one before. As for browsers, I thought IE was insecure enough yet Edge has 7 times as many vulnerabilities!

      Methinks I’ll stick to my Windows 7 and Chrome combination a tad longer…

      9 users thanked author for this post.
      • #167243 Reply

        b
        AskWoody Lounger

        As for browsers, I thought IE was insecure enough yet Edge has 7 times as many vulnerabilities!

        Methinks I’ll stick to my Windows 7 and Chrome combination a tad longer…

        A few weeks ago Chrome 64 fixed 53 security flaws and Firefox 58 fixed 32 security flaws (twice as many as Edge and IE11 put together).

        3 users thanked author for this post.
        • #167271 Reply

          Cascadian
          AskWoody Lounger

          The ways to enumerate flaws as two separate or one combined can be very involved. Comparing a total number across product names also does not discriminate between internal bugs or patching vulnerabilities to external exploits in common. Now that I’ve made an overly general comment, I wonder:

          Does ‘a few weeks ago’ translate to ‘a few weeks ahead of Microsoft’? As in that much more responsive action by a paid in-house development and testing team. In that case, I see the high number as descriptive of a robust response.

          I do not use Chrome or Firefox. But that is because of very old privacy concerns coupled with design and style decisions that I do not like. I certainly do not consider them inferior products of faulty practices.

          1 user thanked author for this post.
          • #167317 Reply

            anonymous

            What’s more, most of those “53” Chrome vulnerabilities are rated Low to Moderate severity. Only a few are High/Critical.

          • #167351 Reply

            Seff
            AskWoody Lounger

            I think it’s difficult to compare different companies’ “flaw and fix count” because the basis on which they count separate or combined flaws/fixes can vary so much. That’s why I prefer to look at one company’s figures across their range of products as that is hopefully based on a common approach.

            There is, however, no such thing as a fully secure product and they will all need fixes all the time. My main point, of course, is that Windows 10 has been marketed as being more secure than its predecessors when at best there is absolutely no evidence of that being the case, and at worst there are grounds for arguing to the contrary – not least when you add privacy and telemetry into the calculations.

            4 users thanked author for this post.
      • #167403 Reply

        Geo
        AskWoody Lounger

        Did you notice Ghacks mentions several security update’s for Windows XP.   That means there’s  still hope for us Window’s 7 users.

        • This reply was modified 3 days, 2 hours ago by  MrBrian.
        • #167404 Reply

          PKCano
          AskWoody MVP

          XP Embeded & POS Ready get monthly updates until 2019

          1 user thanked author for this post.
          Geo
    • #167190 Reply

      samak
      AskWoody Lounger

      Also, Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

      https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

       

      W7 SP1 Home Premium 64-bit, Office 2010, Group B, non-techie

      4 users thanked author for this post.
    • #167192 Reply

      Morty
      AskWoody Lounger

      Woody,

      When you re-enabled nested comments, you somehow left out your own post and thank-you link. So I thank you here.

      Can I still get the January updates? Do they come with the same back up first warning?

      Thanks again.

      • #167195 Reply

        PKCano
        AskWoody MVP

        I believe you are in Group A. You can still get Jan patches, but there are things you should check first.
        Your anti-virus program has to set an ALLOW RegKey in the Registry before you can receive updates from WU. Here’s how to check if the key is set.

        If you have an Intel processor in your computer, You can HIDE the Feb Rollup, search for updates, and the Jan Rollup will appear. If you have an AMD processor, wait until Woody gives the go-ahead for Feb updates and install the Feb Rollup (it’s a short month, so it shouldn’t be too long)

        The rest to the updates with a Jan release date (MSRT, Office, .NET Rollup) should be OK to install.

        4 users thanked author for this post.
        • #167217 Reply

          Morty
          AskWoody Lounger

          Right. I was dragged over to Group A, kicking and screaming. But there I am.

          I took a look at the link to checking in whether my key is set. The first words are:

          If you are comfortable looking searching your Registry, you can check it yourself:

          I’m about as comfortable doing that as I am doing my own root canal.

          Having said that, I’m using Microsoft Security Essentials anti-virus. Don’t you think it would allow it its own family members?

          My system information says, “Processor    Intel(R) Core(TM)2 CPU.” So that should work for hiding the February Rollup, right?

          Frankly, as I’ve been advised, I’m getting a new box soon, but I still need to keep this one running in the meantime.

          Thanks again,

          Morty

           

          • This reply was modified 3 days, 19 hours ago by  Morty.
          • #167221 Reply

            The Surfing Pensioner
            AskWoody Lounger

            MSE updated the magic registry key very promptly – I believe the same day we learned we needed it. Certainly, mine is set, and I have done absolutely nothing but update MSE. If you’re offered the January rollup via WU, I believe that means the RegKey has been set.

            1 user thanked author for this post.
            • #167222 Reply

              Morty
              AskWoody Lounger

              So I figured. Thanks.

          • #167366 Reply

            woody
            Da Boss

            Eh, Methuselah….

            When you’re looking for a new machine, make sure you consider getting a Chromebook.

            They’re considerably easier to keep fed and watered. If you have Windows apps that you absolutely must use, then you’re stuck with Windows. But if you can do all of your work in the Chrome browser, Windows is overkill.

            1 user thanked author for this post.
            • #167375 Reply

              Morty
              AskWoody Lounger

              Woody,

              Coming from you, that’s almost enough for me to make like Ned Ludd and start smashing PCs. (OK, it’s folklore, but I’m an old folkie.)

              But reality dictates that I have to work with a team that locked into Word and other evil Office orcs from the Wizard of Redmond.

              Sigh….

            • #167379 Reply

              Morty
              AskWoody Lounger

              I’m considering writing The #2 Pencil for Dummies.

              2 users thanked author for this post.
          • #167369 Reply

            PKCano
            AskWoody MVP

            Macs are nice too. No crashing on updates. And you can use most of the same programs you use in Windows. Check out the MacOS for Windows Wonks Forum. I put a bunch of “compares” in there.

            5 users thanked author for this post.
            • #167377 Reply

              Morty
              AskWoody Lounger

              Thanks, but I have an old iMac I never made friends with. From the chiclet keyboard to the hockey-puck mouse, I’ve never hated a computer like I hated that one.

              For better or for worse, I’m locked into Windows.

              Morty, Unrecovered Windows Dummy

        • #167405 Reply

          walker
          AskWoody Lounger

          @pkcano:  I haven’t seen anything about the Windows Defender (which was noted a while back), having the (pending?) capability to remove programs that MS does not want on our computers.    Just wondering, as I still have a WD update which hasn’t been installed for a while, however I’m leery of hiding it, if this is something which MS can install with a WD update.   Thank you for any enlightenment you may be able to provide on this issue.

          Also thank you for all of the other information you so freely impart to all of us!    🙂

          • #167420 Reply

            PKCano
            AskWoody MVP

            It doesn’t apply to Win7, only applies to Win10.

            1 user thanked author for this post.
    • #167203 Reply

      abbodi86
      AskWoody MVP

      Office 2016/2013/2010 only have 3 security patch for each, the article lists all February patches

      2 users thanked author for this post.
    • #167220 Reply

      HonzaZKrumlova
      AskWoody Lounger

      Well, well, .NET Secu/Qua KB4076492, tried to download in MS Catalogue.

      Didnt saw it before, what is (purpose of) this:

      msipatchregfix-x86_94a84b80b8b45a1ac53a0e5d085513da0f099655.exe

      • #167226 Reply

        abbodi86
        AskWoody MVP

        Clears traces and mess for
        https://support.microsoft.com/help/4055002

        3 users thanked author for this post.
      • #167232 Reply

        PKCano
        AskWoody MVP

        KB4076492 is the Rollup for .NET on Win7. It contains separate patches for each of the versions of .NET. If you are going to use the Rollup, it is better you install it from Windows Update on the computer because Windows Update will install whatever you need from the Rollup.

        The documentation for KB4076492 is here. Please notice that the file you mention is the 32-bit version (see x86 in the file name). You must match the bits of your computer. 64-bit will have “x64” in the name.

        The documentation for the update does not mention that file.

         

        3 users thanked author for this post.
    • #167227 Reply

      Rick59
      AskWoody Lounger

      Quick update on personal experience tonight, took the plunge and

      1) Win 10 64 bit  1709,   windows update got all the updates and installed them properly (slow as usual of course) and nothing seems broken

      2) Win 7 32 bit. Windows update only offered me MRT and nothing else even though the AV is ok, the registry key is set, etc etc. Went to ghacks and got the KB numbers and downloaded 2 updates, installed fine. Only issue I noticed so far is that IE will not launch in Sandboxie, but launches fine if you start it outside of Sandboxie. Not a bit deal since I don’t use it much. Also the latest updates still do not protect against Meltdown vulnerability (tested with Mr. Gibson”s tool). This is going to be a big issue going forward if this remains unfixed when real world exploits show up. I would not feel comfortable doing anything then with sensitive personal information on  my computer.

      3) My daughter’s Pixelbook showed up today and we’ve been playing with it tonight. Amazing how fast it boots up. It needed an OS update………..downloading and installation took about 10 minutes………WOW! Printing over wireless was fussy but we installed an HP app from the Play store and printing is fine now. Nice crisp display. Nice keyboard and touchpad.  Very nice machine so far.

      1 user thanked author for this post.
      • #167237 Reply

        PKCano
        AskWoody MVP

        Try uninstalling and reinstalling the latest (maybe beta) version of Sandboxie. Reports say it’s worked for others

        1 user thanked author for this post.
    • #167223 Reply

      anonymous

      I got the ominous “KB2952664” update yet again. Win 7 x64 Sp1.

      • #167259 Reply

        T
        AskWoody Lounger

        Wow, me too. It’s listed as important and ticked. Will these clowns never learn? I have the ‘give me recommended…’ option unticked so this is quite a brazen move from them. Anyone else getting it? I would’ve thought this merits its own blog post.

        1 user thanked author for this post.
      • #167248 Reply

        anonymous

        Agreed. 2664 appeared here too. 
        Win 7 64 bit SP1

      • #167260 Reply

        anonymous

        Same here with KB2952664. Win7 x64 SP1, group B.

        Interestingly enough, I chose not to install it and yet, after installing the “Security only rollup”, on reboot I was greeted with an UAC prompt asking to allow installation of some Microsoft-signed telemetry reporting application.

        Declined to allow this and it did not come back on the next reboot. KB2952664 does not show in the list of installed updates.

        So I’m sort of puzzled at the moment what, if anything, they may have sneaked into the rollup?

        1 user thanked author for this post.
        • #167348 Reply

          MrBrian
          AskWoody MVP

          As a test, I installed KB4074587 on a Windows 7 x64 virtual machine. Upon reboot, I did not see a UAC prompt or anything else unusual.

          • This reply was modified 3 days, 8 hours ago by  MrBrian.
          2 users thanked author for this post.
          • #167353 Reply

            PKCano
            AskWoody MVP

            Declined to allow this and it did not come back on the next reboot. KB2952664 does not show in the list of installed updates.

            Try installing KB2952664 on the test machine. Maybe it was that that caused the UAC request. Maybe MS is being held accountable (Har! Ha Ha!?

            1 user thanked author for this post.
            • #167355 Reply

              MrBrian
              AskWoody MVP

              “Try installing KB2952664 on the test machine. Maybe it was that that caused the UAC request.”

              I did test that also separately. I didn’t see anything unusual.

              It’s worth noting for Group B users that a previous version of KB2952664 that I tested last year can send data to Microsoft regardless of whether your computer has the Diagnostics Tracking Service. The behavior of previous versions of KB2952664 differed depending on the Windows Customer Experience Improvement Program setting. Reference: Care to join a Win7 snooping test?

              1 user thanked author for this post.
            • #167497 Reply

              anonymous

              I don’t have a test machine available; this is my work computer so I’m not in a position to experiment (by “experimenting” I mean also “upgrading” to Windows 10!).

              I simply hid that particular patch, so we’ll see if it comes back.

              I did have to allow Sandboxie service (sbie.svc & sc.exe) on the next boot though. Not sure why it took a reboot or what exactly did the rollup change to cause this.

              Oh the fun, obscure world of Microsoft “rollups”…it makes me miss Windows XP!

    • #167250 Reply

      MrBrian
      AskWoody MVP

      If you use Outlook, you may want to read the descriptions of two Outlook vulnerabilities given at The February 2018 Security Update Review.

      4 users thanked author for this post.
    • #167256 Reply

      anonymous

      It seems there is no Feb 2018 security-only update for any of the .NET versions ?

      And all of the supposed Feb 2018’s (2018-02) Quality-Security .NET rollups for Win 7 – if you follow the respective links to their ultimate end – point to files that were released back in Jan 2018. What red herrings … So there are no Feb 2018 .NET Quality-Security rollups either for Win 7?

      Details as follows …
      Choose-Your-Own-Red Herring 1:

      Microsoft’s Software Update Services page indicates:  2018-02 Quality Rollup for .NET Framework 3.5.1 on Win 7/ Server 2008 R2 (KB 4076492)

      … which leads to this KB 4076492 all .NET versions summary page (last updated: 07 Feb 2018) — which indicates: Security & Quality Rollup for .NET 3.5.1 for Win 7 SP1/ Server 2008 R2 SP1 (KB 4054998)

      … which in turn leads to this KB 4054998 page — which does not provide any manual download option for KB 4054998. Neither is there a KB 4054998 page in MS Update Catalog.

      However, there is a KB 4054998 file (24.74 MB msu, 03 Jan 2018) for Win 7 x64, when you go to  MS Update Catalog’s page for KB 4076492 & click any Download button there. But this file is Jan 2018’s Quality-Security rollup for .NET 3.5.1 on Win 7 x64.

      Choose-Your-Own-Red Herring 2:

      Back to the aforementioned KB 4076492 all .NET versions summary page — which indicates: Security & Quality Rollup for .NET 4.6.x & 4.7.x on Win 7 SP1/ Server 2008 R2 SP1 (KB 4054981)

      … which leads to this KB 4054981 page — which states that for Win 7 SP1/ Server 2008 R2 SP1, look for update KB 4076492 at the MS Update Catalog. But none of the files in the Download links are for KB 4076492.

      … although one of the files available on the said Catalog page is KB 4054981 (40.62 MB exe, 18 Jan 2018) — which is actually the “fixed” Jan 2018 rollup for .NET 4.6.x & 4.7.x  to replace the buggy rollup originally released in early Jan 2018. (Ref: KB 4054981 article, last updated: 14 Feb 2018.)

      Lesson learnt from the above roundabout adventures:
      Some of Feb 2018’s Patch Tuesday offerings are in fact Jan 2018’s Patch Tues/Wed/Thur/Fri leftovers.

    • #167266 Reply

      anonymous

      For some reason KB 4074736 failed to be installed twice. My antivirus should be compatible with the updates.

      EDIT html to text

      • #167276 Reply

        anonymous

        It was a cumulative security-only update for IE 11

        • #167284 Reply

          anonymous

          It’s me again. I had installed successfully security-only update for Windows before attempting to install the security update for IE; however after 5 tries KB 4074736 still gets error 80070057. Windows Update Troubleshooter was no help either. 

          EDIT html to text (please save text copied into Word as .txt, before pasting it here – it saves us having to edit your reply)

          • #167287 Reply

            anonymous

            I wonder if the KB update itself has a problem, because WU troubleshooter found nothing wrong on my laptop.

            • #167378 Reply

              AJNorth
              AskWoody Lounger

              No problems installing KB4074736 on two WIN 7 Pro x64 Intel boxes (neither with KB4074587 installed, as of yet).

              Sometimes a running Service prevents an installation / uninstallation from completing successfully. A trick that just may work is to try installing KB4074736 in Safe Mode. However, the Windows Installer does not start in Safe Mode without a Registry edit, which many are understandably reticent to attempt.

              Fortunately, there is a tiny utility that performs the edit (either in normal boot or Safe Mode), SafeMSI; see https://www.raymond.cc/blog/uninstall-programs-packaged-with-windows-installer-in-safe-mode/ for a discussion and download link (though the article’s title refers to uninstalling programs, it also applies to their installation).

              Please post back to let me know whether this helped. Good luck.

            • #167381 Reply

              anonymous

              Will it work on manual download from MS Catalog website too?

            • #167392 Reply

              AJNorth
              AskWoody Lounger

              Yes.

              This procedure should work with any installer / uninstaller that utilizes the Windows MSI.  (MSI is an installer package file format used by Windows; its name comes from the program’s original title, Microsoft Installer, which has since changed to Windows Installer. MSI files are used for installation, storage, and removal of programs. The files are contained in a package, which is used with the program’s client-side installer service, an .EXE file, to open and install the program.)

            • #167390 Reply

              anonymous

              Downloaded the utility but still cannot install in safe mode. -_-

    • #167295 Reply

      anonymous

      Hi, There is now reported BSODs issue with Sandboxie and KB4074592 Cumulative Update for Windows 10 Version 1703 to build 15063.909 : https://forums.sandboxie.com/phpBB3/viewtopic.php?f=2&t=25448.

      2 users thanked author for this post.
    • #167315 Reply

      anonymous

      I give up. -_- I tried nearly everything I can manage to install KB4074736 but to no avail. I’m starting to wonder if the KB itself is having problems.

      • #167389 Reply

        AJNorth
        AskWoody Lounger

        Please see my earlier post above on performing installations in Safe Mode

        However, modify the procedure slightly by instead of performing a restart into Safe Mode, completely shut-down the computer, remove the power sources(s), depress the power button and hold it for ten seconds and release it; then restore the power source(s), boot into Safe Mode and attempt installing KB4074736 utilizing Safe MSI.

        If still not successful, then one other possibility to try would be to uninstall KB4074587 and restart Windows and wait a few minutes; then follow the procedure directly above.

        If KB4074736 does install, then reinstall KB4074587 and you should be good-to-go.  Hope this proves useful; good luck.

        • #167391 Reply

          anonymous

          Hello. I had attempted the uninstall KB but no difference was shown.

        • #167396 Reply

          anonymous

          I will attempt the boot when I return home for the evening. If safe mode still doesn’t work then I don’t know.

          I wonder if I really do need tge security update for IE since I barely use that browser. -_-

          • #167488 Reply

            AJNorth
            AskWoody Lounger

            Hmm; sorry to hear that neither installing KB4074736 in Safe Mode nor uninstalling KB4074587 made a difference.

            So, next I would use System Restore to return the machine to the state it was in just before KB4074587 was installed.

            If that does not permit installing KB4074736 (either in normal boot of Safe Mode), then I would back-up all my files & folders (which one ought to be doing on a regular basis…) and engage the System File Checker to check the integrity of system files, and repair any that may be corrupted (if any corrupted files should remain that were not able to be repaired, then proceed to employing the WIN 7 “System Update Readiness Tool”); here are complete instructions (including a download link for the tool): https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/ .

            Finally, short of a full (clean) reinstallation of Windows, I would perform a non-destructive reinstall (NOTE: either of these two drastic actions will require reinstalling all updates since Service Pack 1): https://www.winhelp.us/non-destructive-reinstall-of-windows-7.html .

            Again, good luck.

            • #167507 Reply

              anonymous

              Me again. Thanks for the suggestion. I will attempt the system restore and report back. If nothing works then my only hope is next month’s patch will yield better results while keeping my system safe.

            • #167605 Reply

              Seff
              AskWoody Lounger

              I suppose you could try installing the monthly security rollup which includes the IE 11 update within it (subject to confirmation from those more experienced than me with installing a monthly rollup on top of a security-only rollup, they might suggest uninstalling the latter first), or you could simply wait either as you say until next month or else just a few days and try again as MS may have fixed it by then if your problem is more generally encountered.

              This is on the basis that timing is not critical, after all the recommendation here is that no updates are installed yet. Personally, I wouldn’t touch this (or any other) update for a while, give this month’s updating process a chance to settle down. Microsoft generally sort out any necessary hotfixes for problematic updates, so keep an eye on Woody and the team’s recommendations and try again when the MS-DefCon rating is raised to 3 or higher.

              • This reply was modified 2 days, 10 hours ago by  Seff.
    • #167326 Reply

      HonzaZKrumlova
      AskWoody Lounger

      Clears traces and mess for https://support.microsoft.com/help/4055002

      According KB 4055002, it has been replaced by …

      On January 18, 2018, update 4074880 was released to replace update 4055002 for .NET Framework 4.6, … Update 4074880 no longer contains the issue

      well, then, its useless except for those, updating from pre 18-Jan-2018 4.6/4.7 NET.

      It contains separate patches for each of the versions of .NET. If you are going to … you mention is the 32-bit version …

      I know, I know, I am not newbie, but tried to figure, which version of NET is related. And the result (thx abbodi86): 4.6-4.7. But, AFAIK there is no official mention about that file now.

    • #167327 Reply

      Bill C.
      AskWoody Lounger

      Same here with KB2952664. Win7 x64 SP1, group B.

      Interestingly enough, I chose not to install it and yet, after installing the “Security only rollup”, on reboot I was greeted with an UAC prompt asking to allow installation of some Microsoft-signed telemetry reporting application.

      Declined to allow this and it did not come back on the next reboot. KB2952664 does not show in the list of installed updates.

      So I’m sort of puzzled at the moment what, if anything, they may have sneaked into the rollup?

      This is very, very interesting. I will definitely be on the lookout at patch time.

      Just to clarify, was it the February Security ONLY (Group B, NOT a rollup), or the February Security Monthly Quality Rollup (Group A, rollup, not security ONLY)?

      I have expected MS would put it in the rollup, but hoped not the security ONLY.

    • #167328 Reply

      anonymous

      I don’t know what to do… I haven’t received any security updates since January. (I installed them manually, just to be safe). The MRT and Adobe are being offered, but nothing else.

      The registry key is set and I now unistalled my AV, so Defender is working. But still nothing. And this is happening on both my computers with Windows 1709 and Intel CPU’s. My system with Win7 has no problem receiving updates though. Please help!!

    • #167339 Reply

      MrBrian
      AskWoody MVP

      From .NET Framework February 2018 Security and Quality Rollup: “The February 2018 Rollup does not contain new security fixes. As a result, it is an optional update.”

      3 users thanked author for this post.
    • #167340 Reply

      MrBrian
      AskWoody MVP

      From https://www.askwoody.com/forums/topic/skipping-the-meltdown-patches/#post-167137: “[…]Microsoft is including the mitigations against these vulnerabilities [Meltdown and Spectre] in the February Security Only updates. These updates also include the updates for AMD-based devices.”

      From https://www.askwoody.com/forums/topic/meltdown-and-spectre-from-a-windows-users-point-of-view/#post-167134: “Microsoft has released security updates to provide additional protections [for Meltdown and Spectre] for the 32-bit (x86) versions of Windows 10 as follows:”

    • #167354 Reply

      jescott418
      AskWoody Lounger

      Just a whole lot of patching going on.

    • #167356 Reply

      sheldon
      AskWoody Lounger

      Hi,

      I have a new PC with 10 PRO – 1709.  The delays in the advanced update are set.  When I run wushowhide I do not see the February updates.  I checked the registry and see the “AV” entry from last month.

      Am I doing some thing wrong?

       

      • #167359 Reply

        anonymous

        It’s all good. While some such-know-it-all experts will tell you the sky is falling if security updates are not installed immediately, just wait until Microsoft ships them to your machine via Windows Updates. At this time, Microsoft ships security updates to selected devices only until Microsoft is confident those updates won’t break devices due to issues with some antivirus software. So, keep your settings as is and let the wiseacres test all patches until Microsoft feels it’s time to ship them to all devices..

        • #167361 Reply

          sheldon
          AskWoody Lounger

          Actually it appears to get wushowhide to see updates, the settings in “Advanced Update” must be set to “zero” days.

    • #167357 Reply

      abbodi86
      AskWoody MVP

      Apparently the reason for switching KB2952664/KB2976978 to Important state is to help in anaylyzing spectre/meltdown protection compatibilty
      https://blogs.windows.com/business/2018/02/13/windows-analytics-now-helps-assess-meltdown-and-spectre-protections/

      7 users thanked author for this post.
      • #167365 Reply

        T
        AskWoody Lounger

        Interesting. Thanks for find that but, fool me once Microsoft… I’m never installing that demon-haunted update again and they’re clearly too stupid to rename it to something else and purge the scandalous association that update has. Microsoft: arrogant, untrustworthy, lying stains on this industry. Can you tell I’m not a fan of Microsoft today?

        1 user thanked author for this post.
    • #167367 Reply

      radosuaf
      AskWoody Lounger

      Windows 8.1 – once again the safest version of Windows :).

      MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 8.1 Pro 64-bit PL + Ubuntu 17.10
      4 users thanked author for this post.
      • #167370 Reply

        anonymous

        That took me by surprise. I’ve seen some other folks use the number of vulnerabilities patch as an argument against a version of Windows. I’ll see most people saying Windows 7 is better because it has less vulnerabilities, but not this month. Windows 8.1 comes out on top with only 12 (not counting the server versions).

        • #167424 Reply

          radosuaf
          AskWoody Lounger

          If you look month by month, 8.1 is almost always the one that has least holes to patch.

          MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 8.1 Pro 64-bit PL + Ubuntu 17.10
      • #167435 Reply

        Noel Carboni
        AskWoody MVP

        Windows 8.1 – once tweaked to be very Windows 7-like, is arguably one of the best versions of Windows ever released. Stable, controllable, and with years of extended support left.

        -Noel

        1 user thanked author for this post.
    • #167383 Reply

      rhp52
      AskWoody Lounger

      .net question: I’ve had KB4033342 .net framework 4.71 update for win7 unchecked on my update list for at least 3 weeks. I’ve installed all the Jan. updates with no issues.

      Now, I have KB4076492 .net update checked on the list as well as all the other Feb. updates.

      I’m not sure what to do here. Should i leave things the way they are and just install the checked .net update (4076492) when it’s safe to do so?

      Win7 SP1 x64  Thanks for any advice.

      • #167387 Reply

        PKCano
        AskWoody MVP

        KB4076492 Is the .NET Rollup for Feb. When the time comes you can install it.

        KB4033342 is the .NET 4.7.1 installer (not update). If it is unchecked, Woody’s advice is DO NOT CHECK ANYTHING THAT IS UNCHECKED BY DEFAULT.

        2 users thanked author for this post.
        • #167399 Reply

          rhp52
          AskWoody Lounger

          Thanks for responding. That’s what I thought but wanted to confirm. -Rob

        • #167857 Reply

          walker
          AskWoody Lounger

          @pkcano:  This is probably “off topic”, however there are a myriad of questions that cover numerous subjects, so thought I would ask this one.

          Why do prompts continually pop up asking if Woody can send “notices” to us?  Or am I the only one that is seeing these?  Apologies if it’s “off topic”, however I’m puzzled that no one else has asked about it.    Thank you for all of the help you provide to all of us.    🙂

          • #167862 Reply

            PKCano
            AskWoody MVP

            Good question. I haven’t experienced this, so I don’t know the answer.

          • #167922 Reply

            walker
            AskWoody Lounger

            @pkcano:  I found the answer relating to the puzzling pop-up message.    This seemed to begin after I updated Firefox (probably last version).   I found a reference to this feature, which allows any “user” to allow a website to send them “notifications”.

            Hmmm.    Well, at least we know what it is, and apparently some users will be interested in its features.   However, not I.     Thank you for your reply, PC.      I am very grateful for all of the dedicated, hard work you do, and I know that everyone else appreciates it as well.   🙂

            • #167931 Reply

              anonymous

              Hello Walker, These notifications are from a “new feature” in firefox called Push Notifications. In my opinion a non wanted or asked for “feature”. You can turn it off by examining the following Mozilla sites:

              https://support.mozilla.org/en-US/questions/1166835    which leads to,

              https://support.mozilla.org/en-US/questions/1165867#answer-981820

              One user said step #5 worked for them.

               

               

              2 users thanked author for this post.
            • #168036 Reply

              walker
              AskWoody Lounger

              @Anonymous:  Thank you so much for all of this additional information!  I was unpleasantly surprised by this constant pop-up appearing without any warning.  The great reference links will most certainly be utilized as soon as I have the time.

              Most important I have it in the email, and also wish to say “thank you” again for send it to me, and others so everyone is aware of how to get rid of it.   GREAT SLEUTHING!  Thank you once again!     🙂

    • #167382 Reply

      anonymous

      Win 7: Should I install KB 2952664? Now is marked as “important” so there must be some security which it fix. If will be only telemetry there is no reason mark it as important. Thank you.

      • #167386 Reply

        PKCano
        AskWoody MVP

        Win 7: Should I install KB 2952664? Now is marked as “important” so there must be some security which it fix. If will be only telemetry there is no reason mark it as important. Thank you.

        KB2952664 is NOT a security patch. It’s purpose is for telemetry.
        See @abbodi86 ‘s comments here.

        1 user thanked author for this post.
    • #167393 Reply

      AlexEiffel
      AskWoody Lounger

      Got a report from someone who installed the updates, group A Windows 7 64, installed nothing optional, then Firefox 64 latest version UI suddenly runs extremely slow. Not responsive at all, right after the reboot. Rebooted again, same issue.

      UI is terribly unresponsive, clicking on a menu or typing in a location bar is delayed. Once you send the request, the page content is loaded quickly in one shot, but the UI is still awfully slow whenever you try to do anything with the menus or typing. Tried safe mode, a bit better but still not normal. No extension or anything running. This is weird.

      2 users thanked author for this post.
      • #167432 Reply

        PKCano
        AskWoody MVP

        I installed the Feb Rollup, .NET Rollup, MSRT, and some Office patches on Win7 Ult 64-bit. Running FF 58.0.2 with AdBloc Plus, Disconnect and NoScript.
        No problems or weird stuff.

        2 users thanked author for this post.
      • #167553 Reply

        anonymous

        Hello AlexE, I have seen where after doing MS updates (that I do one-by-one), it may take 3 reboots to get the PC to boot at a normal speed. Ask the person to run MS “Disk Cleanup” and press the “Clean up System Files” button, and see about removing the “old MS updates and Previous Windows version OS” (some people are afraid of Disk Cleanup but it IS from MS and every Windows version has it). If you do, reboot afterwards.

        I have found that Windows will run “idle tasks” after about 20 minutes of non use. Google “Process Idle Tasks”. Let the PC sit for an hour and not sleep. Reboot again and when up and running, the first thing you do is try Firefox. It may take Firefox 60 seconds to actually settle down. Firefox 58.0.2 is the newest release with 52.6 ESR newest Extended Release.  Others here may have suggestions too.

        1 user thanked author for this post.
    • #167407 Reply

      Noel Carboni
      AskWoody MVP

      From the catalog I downloaded and installed the Windows 8.1 x64 Internet Explorer security update, KB4074736, on my Win 8.1 test virtual machine and tested it, finding no problems.

      I then installed in on my Windows 8.1 workstation. It went in without trouble and seems to work just fine.

      I still am unwilling to accept the performance-robbing Spectre/Meltdown patches for my main workstation. I guard the borders jealously, but I don’t require my system to protect itself internally from things I actually choose to do with it. That’s just silly.

      -Noel

      2 users thanked author for this post.
      • #167415 Reply

        AJNorth
        AskWoody Lounger

        Thanks for your report, Noel.  I’ve made the same choice for the WIN 7 & 8.1 boxes under my wing that are operated per your careful approach, with one possible variation: the January Security Only Quality Updates have been installed (along with the IE Cumulative Security Updates), but the Meltdown mitigation was disabled utilizing GRC’s nifty InSpectre utility.

        Cheers,

        AJ

         

        “Those are my principles, and if you don’t like them… well I have others.”
        ― Groucho Marx
        • This reply was modified 3 days, 2 hours ago by  AJNorth.
        1 user thanked author for this post.
      • #167414 Reply

        anonymous

        Noel did you install KB4074736 before installing WU’s given updates? Because I attempted to install it after WU’s updates but the installation repeatedly failed.

        • #167437 Reply

          Noel Carboni
          AskWoody MVP

          Noel did you install KB4074736 before installing WU’s given updates? Because I attempted to install it after WU’s updates but the installation repeatedly failed.

          Sort of. I did run Windows Update but I have never had the “QualityCompat” registry key set up by any AV software so Windows Update hasn’t even offered any substantial updates since December (“that’s not a bug, that’s a feature!”).

          So this particular system is “up to date” as far as Windows Update is willing to go without that registry key, and now the latest IE update has gone in OK. Given that I’ve personally measured 30%+ I/O throughput degradations on well tuned, powerful systems on which Microsoft’s Spectre/Meltdown mitigation patches have been installed, this may be the wave I will continue to ride with this system. Daily scans with MalwareBytes haven’t turned up anything that’s gotten inside the moat, and browser updates improve the castle wall.

          -Noel

          1 user thanked author for this post.
      • #167426 Reply

        radosuaf
        AskWoody Lounger

        Same here. Basically Group A, but I haven’t installed neither 2018-01, nor 2018-02 Rollups.

        MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 8.1 Pro 64-bit PL + Ubuntu 17.10
        2 users thanked author for this post.
    • #167408 Reply

      anonymous

      “Failed to install KB” anonymous again. I thought through this and since I downloaded the 3 updates from WU: 2 important one of them being Windows Malicious Removal Tool and 1 optional being the update for. Net Framework before downloading the security updates from MS Catalog.

      I wonder if anyone can replicate my dilemma by downloading the 3 updates first and then attempt to install KB4074736 because only security-only quality update installed successfully.

      If no results were yield then I’m starting to wonder if I truly need a security update for Internet Explorer since I barely use it.

      • #167422 Reply

        PKCano
        AskWoody MVP

        If no results were yield then I’m starting to wonder if I truly need a security update for Internet Explorer since I barely use it.

        Internet Explored is an integral part of the Windows Operating System. Even if you don’t use it as your browser, the system uses it.
        If you do not patch it, you leave your system vulnerable.

        1 user thanked author for this post.
      • #167431 Reply

        anonymous

        Hello Anonymous, 1) what OS are you running? Windows 7, 8 or .. 10? 32 bit or 64 bit?  2) I agree with PKcano. You do need to install the IE11 patch because the OS uses files in IE even if you do not open IE. It is just “too integrated” to ignore.

        I know people have their own ideas, and may even disagree, but…. I install IE updates first, Windows updates second, .Net updates third and the MSRT last. I have done it this way for years. Thanks to all.

        • #167438 Reply

          anonymous

          Windows 7 to answer your question. But maybe after returning home I can try to perform system restore and redo the process in different manner to see if it shows different results.

          • #167444 Reply

            anonymous

            Hello again Anonymous,  KB4074736 (IE11) should install. I almost never have an IE update fail. Go with your idea and do a system restore. Reboot at least 2 times afterwards. If you want to run a disk cleanup (a MS product) then fine. If not, that is fine too (some people are afraid). If you do, reboot after.

            I have found that Windows will run “idle tasks” after about 20 minutes of non use. Let the PC sit for an hour and not sleep. Reboot again and when up and running, the first thing you do is try to install the KB4074736 and see if you succeed.  Others here may have suggestions too.

            • #167475 Reply

              anonymous

              Hopefully it does work. >_>

            • #167500 Reply

              AJNorth
              AskWoody Lounger

              Hello there,

              In case you did not see it, I’ve another set of suggestions posted to your original thread, above.

              Needless to say, between the various suggestions being offered by contributors, I hope that  your problem favorably resolves… .

    • #167451 Reply

      Geo
      AskWoody Lounger

      Group A, Installed the Feb MSRT  update on Win 7 X64.  Every thing OK.  No problems. Left the rest go until Defcon 3.

    • #167442 Reply

      anonymous

      Hi all,

      In Microsoft support page:

      https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

      there are registry settings to enable/disable the two security fixes related with CVE-2017-5715 and CVE-2017-5754 vulnerabilities.

      Is this working? If so, maybe one can install the patches (fixes) and, in case of problems, disable the fixes via registry. In this case one can benefit from the security updates, present in the February 13, 2018-KB4074594 (win8.1), that are not related with the Meltdown/Spectre problem. Am I right?

      Regards,

      Rui

      • #167446 Reply

        Noel Carboni
        AskWoody MVP

        I did some testing on a Windows 7 hardware system that runs from an SSD array, and on which I measured a max cached I/O throughput drop from 1500 to 900 megabytes per second. That system was purpose-built to maximize I/O throughput; it’s not really acceptable to just take that away.

        The after the fact registry entries made only a little difference – they did NOT return anywhere close to the original performance. I even made sure to reboot between changes/tests.

        The rework of how Microsoft handles the memory management setup on entry/return from system calls is probably at fault for the slowdowns. There are also altered instruction sequences they’re compiling into Windows now, from what I understand, that may be less efficient to do the same things.

        -Noel

        2 users thanked author for this post.
        • #167472 Reply

          anonymous

          Thank you NoelC.  We are waiting to see if MS is going to make a newer version of this January patch. We hoped something better would had emerged. If after another week there is no change I guess we will have to eat the loss and install the January Security only patch (win 7 64bit) and move on to February.  Woody, PK, Noel, any guidance at that time (in a week) is appreciated.

          • #167474 Reply

            PKCano
            AskWoody MVP

            We are waiting to see if MS is going to make a newer version of this January patch. We hoped something better would had emerged. If after another week there is no change I guess we will have to eat the loss and install the January Security only patch (win 7 64bit) and move on to February

            MS is past January – there will be no newer version of the Jan. Patch at this point. And the Feb SO also contains the Meltdown/Spectre mitigation. See my comment at the top of this thread.

            Looks like bite the bullet or stop patching.

            1 user thanked author for this post.
            • #167525 Reply

              anonymous

              Thank you PKCano for answering. I too felt “nope, this is it” and we were stuck with the January patch “as-is”. Noel did a good test and it worries me (I also assume he had the February patches too). BUT, Noel’s PC is deigned for max I/O and most typical home users are internet and email.

              PK, you mentioned Spectre/Meltdown in the February SO patch. Do you know if the February SO patch tried to help this performance loss or just added more protections for Specter/Meltdown. Thank you again.               Windows 7 64bit, group b.

            • #167537 Reply

              PKCano
              AskWoody MVP

              I suspect that the fix in Jan is the same as in Feb. There is no “helping” that I am aware of.

            • #167544 Reply

              Noel Carboni
              AskWoody MVP

              Looks like bite the bullet or stop patching.

              The depth of that really takes a while to sink in…

              The industry has put us into a position where we have to agree to let them make our current products deliver tangibly less value or risk security problems.

              And we’re nearly past questioning why we even NEED patches in the first place.

              -Noel

              1 user thanked author for this post.
            • #167548 Reply

              PKCano
              AskWoody MVP

              All it takes is ONCE. Most people won’t know how to recover.

            • #167563 Reply

              anonymous

              The cost of repairing/replacing my P.C. is going to be the same whether a buggy patch or a virus takes it out. So we’re left designing our individual risk assessment matrices.

              1 user thanked author for this post.
    • #167478 Reply

      sheldon
      AskWoody Lounger

      Hi,

      Using wushowhide, I see various office 2010 updates and others on my WIN01 1709. machine.  I do not see KB4074588 (cumulative update).  Any ideas why not?

      • This reply was modified 2 days, 23 hours ago by  sheldon.
      • This reply was modified 2 days, 23 hours ago by  PKCano.
      • #167481 Reply

        PKCano
        AskWoody MVP

        In Windows Update you have to set the “delay quality updates” to “0” (zero) or the updates won’t show up. The “delay feature updates” can stay wherever you want it. (Assuming the ALLOW RegKey is set by your AV).

        • #167484 Reply

          sheldon
          AskWoody Lounger

          When I ran wushowhide, I set delay quality updates” to “0” (zero).  At that point I saw all the updates except KB4074588 (cumulative update) in wushowhide.  ALLOW RegKey is set by my AV (defender)

          • This reply was modified 2 days, 22 hours ago by  sheldon.
          • #167565 Reply

            sheldon
            AskWoody Lounger

            It was there after all – just missed it

    • #167480 Reply

      davinci953
      AskWoody Lounger

      Looks like bite the bullet or stop patching.

      I installed the January IE SO update, but not the January OS SO update (yet). Still group B; however, I’m not chomping at the bit to install it. I have an older HP system that I very much doubt will ever see processor microcode updates from HP. I might be headed to the stop patching camp.

      1 user thanked author for this post.
    • #167494 Reply

      anonymous

      I’m trying to understand: Are February patches still plagued by January’s patch issues related to AV installed?

      February’s security only patches do not include January’s as well. The Monthly Quality Roll-up would though, correct?

      • #167508 Reply

        PKCano
        AskWoody MVP

        Jan and Feb patches require that the AV has set the ALLOW Regkey in order to install from WU – and that is from now on.
        Jan and Feb patches (Rollup and SO) contain the Meltdown/Spectre mitigation.

        See my post ant the top of this thread.

        • #167650 Reply

          anonymous

          Even on a clean install of Windows 10 Pro 1709 with the registry key set, Windows updates won’t show up here. Sure, the next Windows 10 release is around the corner so Microsoft retards can go ahead and break more stuff. Actually, Windows 8.1 is more stable and quite a bit faster than Windows 10 anyway; and 1709 is by far the slowest and crapped up Windows version. Sure, the experts at Microsoft don’t care and the upcoming version has the same issues.

    • #167551 Reply

      anonymous

      I updated KB4076492 which was changed to KB4054981 in the installed window, and KB0944598. So far I don’t see any problems with our Windows 7 64bit SP1 AMD processor.

    • #167552 Reply

      anonymous

      For the first time in ages, I got a notification for an update with Office 2010 starter. Since I rarely use it anyways, and don’t know if it would even pop up the warning again anytime soon, I went ahead and installed it. But I have no idea what it did. Word and Excel still take their usual sweet time loading up and then work fine, with the single “ad” for upgrading to full Office.

      Anyone have any details on this? If it happened all the time, I’d think it was just the Office 2010 updates filtering down to Starter, but, since such updates are so rare, I don’t know.

      • #167583 Reply

        Sueska
        AskWoody Lounger

        Yes, I have the Office Starter 2010 too, the click to run version on a Win 7 PC.  My Win 7’s windows update setting is set to “Check for updates, but let me choose whether to download and install them”. My Office Starter 2010 (click to run version) is typically (if  ever) not updated by windows updates, but instead silently updates in the background.  The only way I know Office updated is by checking the Office version number and comparing against the information in the website below. On the version I run, I check the office version by opening an office application (such as Word), select File,  Help and look for the Office click to product (click to run) update version. This is the website to see the Office Starter 2010 version update release dates. https://support.office.com/en-us/article/update-history-for-office-2010-click-to-run-products-ac74f68c-58f9-49b4-b7a7-75d899e4824d    Per this website, the newest version of Office Starter was released on 2-13-18 and is version 14.0.7194.5000.

        Like you, today was the first time I was actually asked if I wanted to update Office. I was thrilled to be given a choice!!

    • #167569 Reply

      anonymous

      Something else just occurred to me. If the registry setting is required going forward for updates, could it be used as a way to stop updates? Lock that setting where your AV app can’t set it and leave it off until you are ready for the latest updates, and see if it works.

    • #167586 Reply

      anonymous

      Update from the “Failed to Install KB” Anonymous: Just performed System Restore and my Windows Update is now checking updates. Hopefully once it’s finished I will reattempt the installation of KB4074736.

      If worst comes to worst, my laptop will have to survive for another month until a new IE security patch is released.

      Wish me luck.

      • #167589 Reply

        anonymous

        Me again. I’ve read the article about Group A and Group B. Is installing this month’s security monthly roll-up really not a good move?

    • #167590 Reply

      anonymous

      Welp. System Restore plan was also a failure. I’m going Group A now and hopefully the Monthly Roll-up won’t jinx my laptop.

    • #167594 Reply

      anonymous

      Thank you all for your suggestions. Now that the Monthly Roll-up is being downloaded, I salute you all for your time to assist me.

      Wish me and my laptop luck.

      -“Failed to install KB” anonymous

      PS
      I think the Internet Explorer security patch hates me because even the Monthly Roll-up won’t get installed.

      Guess my laptop will have to survive for a month with just a security-only update. -_-

      • #167604 Reply

        anonymous

        To Anonymous “Failed to Install KB :”   Very sorry to hear about your lack of success. This is not good.  If system restore failed then something large/system related got installed and it refuses to go back. Did you run the Microsoft “Disk Cleanup” and clean the system files of updates and previous version OS’s?

        You have win 7 right?  Go here and get the update repair tool (#3) in the list for win 7.

        https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors

        Try the update tool and see. Good luck to you.  Keep us posted!

         

         

         

        • #167632 Reply

          walker
          AskWoody Lounger

          @anonymous:  What do the following mean in the email message (not on the copy I’m seeing here):

          &nbsp

          I see these often and don’t have a clue as to what they mean.   Thank you for any information you may have on these.   Thank you.

          • #167674 Reply

            geekdom
            AskWoody Lounger

            What do the following mean in the email message (not on the copy I’m seeing here): &nbsp I see these often and don’t have a clue as to what they mean. Thank you for any information you may have on these. Thank you.

            &nbsp is HTML coding for a single space within a line of text.

            1 user thanked author for this post.
          • #167679 Reply

            anonymous

            Walker,  Geekdom is right.  &nbsp  is a Non-Breaking SPace (NBSP) used in HTML (web page language). Some email programs don’t deal properly with HTML emails. You can ignore these HTML codes, or consider setting your email program to use and display  “Plain Text”. You will need to internet search (google) for how to do that if needed.

            Edit to remove HTML from cut/paste

            1 user thanked author for this post.
        • #167652 Reply

          anonymous

          @Anonymous I will check to see if that works. Curiously speaking, will my laptop be fine without the security update as long as I’m careful online as I’m aware vulnerabilities will remain on my system?

          • #167683 Reply

            anonymous

            To Anonymous “Failed to Install KB :”  While at the moment there aren’t any attacks out for the Spectre/Meltdown it is a matter of time before they are. You can do various things to protect yourself like a good AV and have Malwarebytes, but the vulnerability and possibility is still there. Hope fully ideas here will help you, but if your MS updates fail to install, this is potentially a grave problem for a computer on the internet. I believe I read where Noel C has friends that constantly OR never update. Both seem to do well. If it were mine I would try to get Windows Update or whatever is causing the install failure, repaired.

    • #167695 Reply

      anonymous

      Uninstaled Jan and Feb patches i have perfomanse lost up to 20 % on AMD Phenom 2 940 W7 SP1 x64

    • #167763 Reply

      anonymous

      Update from “Failed to Install KB” Anonymous: Unfortunately, Disk Cleanup and the WU Troubleshooter was a bust as well. Error 80070057 is a stubborn foe.

      Thank you all for your suggestions. My only hope now is that I’m not the only one in this boat and next month’s patch would work better for my laptop. In the meantime, I’m surfing online with care.

    • #167794 Reply

      anonymous

      Forced update to 1709

      Was at 1607, with Auto Update disabled, Defer Feature updates option set, and using WU ShowHide utility.  Ran WUShowHide, successfully hid the Feature Update for 1607 package, then ran Check for Updates.  PC was updated to 1709 anyway.  MS apparently is overriding other settings and the hidden status of the 1709 update this monthly cycle.  (Support for 1607 is scheduled to end in April.)   PC is stable at 1709 for first several hours of operation.  After 1709 update, privacy settings need to be reset, and various newly added pinned MS apps need to be removed to keep to previous desktop layout.  Windows Update is repeatedly giving a false error that the current Defender definition update can’t be installed, although the Defender window shows that the definition update has already been installed and definitions are current (this false error has been seen previously).

      • #167801 Reply

        woody
        Da Boss

        Was at 1607, with Auto Update disabled, Defer Feature updates option set, and using WU ShowHide utility.

        You’re saying that you were running 1607 Pro. Do you recall what number you had in the “Defer feature updates” box? There’s no blanket setting to defer feature updates.

        • #167826 Reply

          anonymous

          Please correct me if wrong — I believe that in W10 Pro 1607 the Defer Feature Updates setting was a simple checkbox (enable/disable).   In newer Win 10 versions, MS modified it to a settable 0-365 day setting, and that modification or other more recent MS update system/policy changes may have obsoleted the old 1607 setting.   In any event, successfully hiding the Feature Update for 1607 (w/ WUShowHide) didn’t hold off the (inevitable) 1709 update any longer during this February 2018 cycle.

    • #168011 Reply

      anonymous

      Some users had reported about Internet Explorer being prevented from accessing some SharePoint sites & at least 1 banking site (TD Bank), with the error message “Lockdown’ exploit prevented in Internet Explorer”.

      https://community.sophos.com/products/sophos-central/f/sophos-central/100509/lockdown-exploit-prevented-in-internet-explorer-accessing-sharepoint-site/365097

      Culprit patch could be Feb 2018’s Internet Explorer Cumulative Security Update (KB 4074736).

      1 user thanked author for this post.
    • #168038 Reply

      anonymous

      A different “To Anonymous Poster with IE Update Failure”.

      I haven’t read through all comments posted, but in the past I have had problems on a couple of occasions updating IE using updates from the catalogue (both standalone and as part of the roll-up). My symptoms were that the update started, requested a PC reboot, but after doing this it got to about 90% completion (I forget the actual percentage) and then it would revert the changes.

      I eventually found that the problem was due to incorrect logging data in the Registry in the Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT.

      It was suggested in some other online forums that deleting this allowed other people to update IE, but being cautious I looked at this key using “regedit” and saw that it contained a large amount of stuff, not all related to IE, so simply deleting the whole key looked reckless.

      So I did something like the following:

      1) Exported this key to a file called something like WINEVT_Before.reg.

      2) Deleted the key as I had read online.

      3) Successfully installed the IE update.

      4) Exported the new, much shorter version of the key to a file called something like WINEVT_After.reg. This contained 7 or 8 sub-keys related to the IE update which I assumed should probably be present for a successful later IE update (in a later month).

      5) These .reg files can be opened in a text editor like Notepad, so I manually copied the sub-keys from the “After” file either replacing same-named sub-keys in the “Before” file or if not already present just adding the sub-key to the “Before” file. (From memory they were about half of each type.) This gave me an updated .reg file for the key containing the previous non-updated IE stuff plus the updated IE stuff. I then merged this back into the Registry (double clicking the edited .reg file).

      I have since been able to update IE again in later months without problem. I have not tried this month’s IE update yet.

      HTH

      1 user thanked author for this post.
      • #168074 Reply

        anonymous

        Interesting. Will that help resolve error 80070057?

        – “Failed to Install KB” Anonymous

    • #167712 Reply

      anonymous

      To Anonymous poster with failure of IE11 update. Reposting with more information.

      Here is a video of repairing the WU. This will also work for windows 7 & 8.

      The man goes into using Disk Cleanup and clearing system update files, then uses a MS Windows Update Repair tool and mentions  power management settings to allow large updates to succeed. He has success with these tools on his PC which was Windows 10 failing to go to build 1709.

      Windows Update Troubleshooter BuildOrBuy Published on Jan 28, 2018
      https://www.youtube.com/watch?v=XmH5mDpXj-U

       

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: February 2018 Security Patches Are Out

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.