Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • February’s patch Tuesday will be in March

    Home Forums AskWoody blog February’s patch Tuesday will be in March

    This topic contains 52 replies, has 16 voices, and was last updated by  anonymous 3 weeks, 4 days ago.

    • Author
      Posts
    • #94586 Score: 0 | Reply

      woody
      Da Boss
      83 pts

      At least, that’s what the MSRC team notification on the TechNet blog says: UPDATE: 2/15/17: We will deliver updates as part of the planned March Updat
      [See the full post at: February’s patch Tuesday will be in March]

      7 users thanked author for this post.
    • #94590 Score: 0 | Reply

      dononline
      AskWoody Lounger
      7 pts

      Hummm … very strange … it will be interesting watching MS spin their way around this one over the next few days. Well, at least we’re off the hook this month — no patches, no worries, life is good. 🙂

      1 user thanked author for this post.
    • #94598 Score: 0 | Reply

      JNP
      AskWoody Lounger
      1 pt

      So, we’re in Jimi Hendrixland: “If 6 was 9”: https://www.youtube.com/watch?v=vZuFq4CfRR8 🙂. Seriously, as others have written, after all the bad updates, it’s refreshing to see MS pull pack and a try to be more careful.

      1 user thanked author for this post.
    • #94610 Score: 0 | Reply

      abbodi86
      AskWoody MVP
      12 pts

      Well, at least i had time to tinker with Office updates
      it’s time to download and play with latest W10 insider preview build 😀

    • #94634 Score: 0 | Reply

      anonymous

      Vista, 7, 8.1, 1507, 1511, 1607 – we were supposed to have one Windows, but we actually have 6 :).

      1 user thanked author for this post.
    • #94640 Score: 0 | Reply

      212louis
      AskWoody Lounger

      Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?
      Really?
      What does that tell users about how seriously we should take the warnings each month about patching “vulnerabilities”?
      I’ve often thought MS’s patch policy was a system based on keeping people tethered through fear and uncertainty and less about actual “threats”. The ease with which MS has dispatched this Feb’s patch Tuesday seems, imo, to support that.
      All these years…all that disinformation.

      • #94641 Score: 0 | Reply

        PKCano
        AskWoody MVP
        34 pts

        Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?

        The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches. For Windows or anything else.
        For years MS has delivered updates with regularity. They are aware of the vulnerabilities (there have been vulnerabilities every month or we wouldn’t have patches) and their implications. In spite of the fact that many do not agree with their “one patch fits all” strategy, I’m am sure they are working overtime to straighten things out.

        2 users thanked author for this post.
        • #94648 Score: 0 | Reply

          212louis
          AskWoody Lounger

          @PK,

          “The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches.”

          Really? MS can’t figure out what is wrong with their delivery system in 60 days??
          Really, if the “threats” and “vulnerabilities” were/are so perilous, treacherous and high-risk (as they seem to be every month for years on end) how could they leave systems unpatched for 60 days? They couldn’t devote a team to fixing the issue ASAP as soon as it was discovered and stay on schedule? Suddenly fear and threat of infection, viruses and malware took two months off?? That’s pretty curious to me.

          My point is simple…it’s possible that the fear and doubt sown by MS over the years about “threats and vulnerabilities” seem to be overblown and MS’s willingness to allow all OS’s to go unpatched for 60 days is ample evidence of that. Otherwise, MS would have solved their “delivery issue” in time for their regular “the sky is falling, patch your system!!” patch Tuesday.

          The problem doesn’t seem to be MS lack of concern with threats.

          The problem appears to me to be…are these “threats and vulnerabilities” valid and not self serving MS hyperbole?

          Once one loses credibility, it’s very difficult to regain it.

          We all need to start better understanding the power of language, information and disinformation.

          • This reply was modified 1 month ago by  212louis.
          • This reply was modified 1 month ago by  212louis.
          6 users thanked author for this post.
          • #94729 Score: 0 | Reply

            Noel Carboni
            AskWoody MVP
            111 pts

            Suddenly fear and threat of infection, viruses and malware took two months off??

            This is not directed at you, specifically, Louis…

            My advice:

            Don’t live your life in fear. If unknown things worry you, make them known things by educating yourself.

            Fear is used by those who want to manipulate the masses into doing what they want.

            Yes, it’s good to have patched systems, up-to-date antimalware software, etc. – but your computer isn’t likely to roll over and die if a month of patches is missed. Remember, what you’re also avoiding are the problems, reissues of broken patches, and the worry over why your system is now doing something it shouldn’t be.

            As an example I have a Win 7 system whose role is primarily a server and is not interactively used. Lo and behold it hasn’t had a patch since last year, because it simply doesn’t need one to continue to function for its intended purpose. It’s reliable and functional for what it does.

            ScreenGrab_SVN_2017_02_16_121716

            -Noel

            Attachments:
            You must be logged in to view attached files.
            2 users thanked author for this post.
            • #94822 Score: 0 | Reply

              212louis
              AskWoody Lounger

              @Noel,

              I’m good….but I think you may have missed my point.
              I’m not living my life in fear…I’m in Group C on my W7 x64 system. Just .NET Security patches only, that is when MS provides a .NET security patch.

              I’m just positing, and beginning to believe, that MS wants their users to live their computer
              life in fear. That works to MS’s advantage, imo.

              • This reply was modified 1 month ago by  212louis.
              1 user thanked author for this post.
            • #94859 Score: 0 | Reply

              Noel Carboni
              AskWoody MVP
              111 pts

              I’m just positing, and beginning to believe, that MS wants their users to live their computer life in fear.

              I’m in full agreement with you and trying to advise people not to fall for it.

              -Noel

              1 user thanked author for this post.
            • #95096 Score: 0 | Reply

              212louis
              AskWoody Lounger

              @Noel,

              And believe me, you and one or two others here helped me make the decision to become a Group C believer when MS broke the news about the new patching system. Seeing smart people make the case for reasoned approaches to security and patching was instrumental in my decision making process.

              1 user thanked author for this post.
      • #94644 Score: 0 | Reply

        anonymous

        @ 212louis

        Yes, agree.

        1 user thanked author for this post.
    • #94707 Score: 0 | Reply

      ltorres
      AskWoody Lounger

      Will this apply to the Adobe Flash updates via Windows updates as well?

      • #94712 Score: 0 | Reply

        woody
        Da Boss
        83 pts

        Yes. As a result, IE and Edge running on Windows won’t have the Flash patches until next month.

        1 user thanked author for this post.
        • #94765 Score: 0 | Reply

          rc primak
          AskWoody Lounger
          14 pts

          If that’s true, and even MSRT isn’t being delivered, I can only conclude one thing:

          MS Updates got hacked.

          -- rc primak

        • #94789 Score: 0 | Reply

          anonymous

          Although I’m not computer-savvy enough to solve the mystery myself, I hope the following bit of information can be of some use to the more expert posters who are trying to discover the reason why there are no February 2017 patches for several versions of the Windows OS as well as various other Microsoft applications e.g. Office, Microsoft Security Essentials, etc. I’ve been offered (and I’ve downloaded and installed) Windows Defender anti-malware definition updates THROUGH THE WINDOWS UPDATE interface on my PC on a daily basis without interruption or problems during the entire month of February up to and including today February 16th. I’m running Windows 8.1 Pro. My Windows Update settings are: “Check for updates but let me choose whether to download and install them” and “Give me recommended updates the same way I receive important updates”. I have not checked the box next to “Give me updates for other Microsoft products when I update Windows”.
          Regards, Harris.

      • #94713 Score: 0 | Reply

        PKCano
        AskWoody MVP
        34 pts

        The Flash Player updates for Win8.1 and later are covered in the IE/Edge updates. So for that part, the answer is “yes” they are delayed because all patching is delayed.

        Adobe has released the Flash updates for IE in Win7, Active x, the NPAPI update, and the update for other platforms/OSs. Version 24.0.0.221 is available on their website at Adobe dot com.

        • This reply was modified 1 month ago by  PKCano. Reason: Edit ti include Edge
        2 users thanked author for this post.
        • #95073 Score: 0 | Reply

          rc primak
          AskWoody Lounger
          14 pts

          Flash Player for Edge and IE 11 embedded has always been a separate patch, whether obtained through the MS Updates Catalog (where this month’s patch is not in evidence) or through MS Updates (automatic updates). Same for MSRT.

          That’s why the absence of these patches looks so ominous to some of us.

          -- rc primak

    • #94723 Score: 0 | Reply

      Noel Carboni
      AskWoody MVP
      111 pts

      From lemons to lemonade…

      Someone in another thread commented that a lack of patches from Microsoft is actually kind of nice; not having to work through all the trouble of what to do to prevent your computer system from melting down or doing things you don’t want after patching IS indeed a relaxing thought!

      For Windows 8.1, January already saw no patches from Microsoft. Now we’re skipping February too. So my workstation can be run for another few months before an update requires a reboot. It’ll be interesting to see how long that will be, since Windows Updates are really the only reason I reboot it any more… Right now, having installed the December patches in January, my uptime is 34 days.

      ScreenGrab_NoelC4_2017_02_16_120139

      Thoughts turn toward security vulnerabilities, but always keep in mind that the vulnerabilities being patched have often been in the operating system forever. If you have a reasonable security environment and practice common sense computing, hackers and malware shouldn’t be knocking at your door constantly, so the risk isn’t high for leaving those vulnerabilities in for a while longer.

      If you have a stable system, enjoy the additional time off from waiting on Windows Update to do what YOU want to do, not what Microsoft wants you to do. 🙂

      -Noel

      Attachments:
      You must be logged in to view attached files.
      4 users thanked author for this post.
    • #94738 Score: 0 | Reply

      Bill C.
      AskWoody Lounger
      3 pts

      I wonder if this is related. Original Windows 10 life support extended.

      http://www.infoworld.com/article/3170874/microsoft-windows/microsoft-quietly-prolongs-life-of-original-windows-10.html

      Maybe it is to spread out increased server demand in March.

    • #94741 Score: 0 | Reply

      abbodi86
      AskWoody MVP
      12 pts

      At least, Vista users will have a free month of wotking Windows Update

      ending article is up
      Windows Vista support is ending

      • This reply was modified 1 month ago by  abbodi86.
    • #94744 Score: 0 | Reply

      Microfix
      AskWoody Lounger
      20 pts

      Is this happening to anyone else on the WU catalog?

      | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
        No problem can be solved from the same level of consciousness that created IT - AE
      Attachments:
      You must be logged in to view attached files.
      1 user thanked author for this post.
      • #94747 Score: 0 | Reply

        PKCano
        AskWoody MVP
        34 pts

        Mine is working OK in Firefox.

        • #94750 Score: 0 | Reply

          Microfix
          AskWoody Lounger
          20 pts

          Yup, working fine now after clearing browser cache, thanks.

          | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
            No problem can be solved from the same level of consciousness that created IT - AE
        • #95077 Score: 0 | Reply

          rc primak
          AskWoody Lounger
          14 pts

          The Catalog works fine. Even in Linux and Chrome Browser, I can see all the downloads. But the new patches aren’t there. Not even Flash Player. So this is pretty much a useless exercise at this point.

          -- rc primak

    • #94752 Score: 0 | Reply

      WildBill
      AskWoody Lounger
      2 pts

      Interesting as to a possible cause for this. Whether it’s fear of SMBv3 zero-day, Windows Update is broken, or (my guess) a serious bug in a patch. Due to Cumulative Updates & Monthly Rollups, the only way to avoid the bug is to avoid Everything; even if it takes a month. (It Shouldn’t take that long to fix it, but shipping the package after the bug is fixed will throw off the Windows Update schedule. Maybe?

      Wild Bill Rides Again...

    • #94821 Score: 0 | Reply

      Seff
      AskWoody Lounger
      12 pts

      According to the BBC:-

      “February was also when Microsoft was due to break its security fixes into two – one for Windows and another for its browsers. Getting the separation and testing system to work reliably is believed to have caused the delay.”

      http://www.bbc.co.uk/news/technology-38992298

      1 user thanked author for this post.
      • #94825 Score: 0 | Reply

        woody
        Da Boss
        83 pts

        All due respect to the Beeb, but I doubt the delay is due to separating out IE patches.

        2 users thanked author for this post.
    • #94910 Score: 0 | Reply

      anonymous

      This is why the updates should have just been kept individual. I like the idea of the rollup model but when stuff like this happens then it means we have to go another month without getting updates. If it were up to me, security updates would have been kept as individual patches. But fixes and all that I don’t mind having in a rollup, but for security updates I feel should be separate from the bug fixes.

      Also Woody, say there was an exploit so dire and they were having trouble with a rollup (like they are now) do you think MS would issue an emergency update to fix said exploit or do you think they’d keep you waiting until next month? Because I really feel they should issue a temporary patch for the SMB exploit that’s been affecting some people.

      Also I will say this. I will commend Microsoft for not releasing this month’s updates since they found an issue last minute. I would rather wait a month to make sure I get a working update rather then having them ship out a glitchy update. But still. I feel they should at least issue a temporary patch for that SMB exploit. That’s my 2 cents.

      2 users thanked author for this post.
    • #94926 Score: 0 | Reply

      ch100
      AskWoody MVP
      30 pts

      The March 2017 Preview is due next Tuesday, February, 21.
      Let’s see what surprise we will get.
      Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

      1 user thanked author for this post.
    • #94928 Score: 0 | Reply

      anonymous

      Concerning the Flash updates – my source told me, that MS intends to ship the update as early as possible. But we will know within the next two weeks, if that’s true – or an “alternative fact” ;-).

      It seems, that only a few heads in the inner MS circle knows, what’s going on with the patch machinery.

      Günter Born

      4 users thanked author for this post.
      • #95136 Score: 0 | Reply

        ch100
        AskWoody MVP
        30 pts

        We might even see a newer Windows Update back-end platform implemented which takes time to implement and test.
        There are known issues with delivering Windows 10 updates and upgrades and Delivery Optimization does not work well.
        Microsoft is making preparations to implement the newer mechanism for delivering updates via UUP.
        https://blogs.windows.com/windowsexperience/2016/11/03/introducing-unified-update-platform-uup/

        • #95154 Score: 0 | Reply

          abbodi86
          AskWoody MVP
          12 pts

          UUP is for upgrades only.. so far 😀

          i tested it in its both forms:
          – canonical
          complete segmented ESD files

          – express
          differential delta-downloaded files = the exact mechanism used by regular Windows Update

          2 users thanked author for this post.
          • #95159 Score: 0 | Reply

            ch100
            AskWoody MVP
            30 pts

            @abbodi86
            Do you know if UUP is related or uses DO or is an entirely new mechanism?
            Also do you know what is different between BITS and DO delivery mechanisms?
            I have a particular interest in DO and its configuration.
            There was another thread here dealing with DO and another issue not related, with posts only between me and one anonymous user which I think was lost when the site went down not long ago.
            I am currently of the opinion (unless or until someone convinces me otherwise) that the only reliable mechanism for Windows 10 1607 delivery of the updates is via BITS, i.e. option Bypass (100) in the Group Policy for DO.
            For 1507 and 1511 the only available good option which disables DO is option HTTP (0), which has different behaviour in 1607.

    • #95029 Score: 0 | Reply

      abbodi86
      AskWoody MVP
      12 pts

      The March 2017 Preview is due next Tuesday, February, 21.
      Let’s see what surprise we will get.
      Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

      I’m pretty sure we won’t get new version of KB3125574
      because it contain .NET fixes, but no IE fixes
      while the Monthly Rollup contain IE fixes, but not .NET fixes

      they said that old fixes will be added on bulks, not whole 🙂

      and if the issue is withinh delivery system, we won’t see any updates till March 🙁

    • #95079 Score: 0 | Reply

      rc primak
      AskWoody Lounger
      14 pts

      While all this gets sorted out, I’ll continue to update third-party software and security software. But I would not trust Windows right now. I will continue doing the bulk of my work (and play) in Linux, at least until this mess clears up.

      -- rc primak

    • #96387 Score: 0 | Reply

      anonymous

      So much for being careful on the web being enough:
      https://krebsonsecurity.com/2017/02/how-to-bury-a-major-breach-notification/

    • #96801 Score: 0 | Reply

      anonymous

      From https://support.microsoft.com/en-us/help/894199/description-of-software-update-services-and-windows-server-update-services-changes-in-content-for-2017:

      “This is a summary of the new and changed content to be released on Wednesday, February 22, 2017

      New nonsecurity content:

      Windows Malicious Software Removal Tool – February 2017 (KB890830)”

    • #96903 Score: 0 | Reply

      anonymous

      Today MSRT (KB890820) February version showed up and was installed with no problems. What is going on?
      Leif Lagerstedt

    • #97557 Score: 0 | Reply

      anonymous

      Ahoy Cap’n Woody!

      Sainty Here.

      Just caught up with the Win Update No-Show for Feb.

      Hence MS-DEFCON 2, I presume.

      So nice of The MS-BORG to give us all a break this past month!

      Must have put “Take Me To Your Leader” on hold for the moment.

      Wonder Why…?!

      Heading for the Holo-Deck for the extra R&R – any suggestions what to play?

      Cheers!

      Sainty⚓️🖖🚀🇬🇧

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: February’s patch Tuesday will be in March

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.