February’s patch Tuesday will be in March

Topic

New Reply

At least, that’s what the MSRC team notification on the TechNet blog says: UPDATE: 2/15/17: We will deliver updates as part of the planned March Updat
[See the full post at: February’s patch Tuesday will be in March]

7 users thanked author for this post.

JDeC, walker, Pepsiboy, abbodi86, ch100, lmacri, dononline

Reply | Quote

Replies

Hummm … very strange … it will be interesting watching MS spin their way around this one over the next few days. Well, at least we’re off the hook this month — no patches, no worries, life is good. 🙂

1 user thanked author for this post.

Noel Carboni

Reply | Quote

So, we’re in Jimi Hendrixland: “If 6 was 9”: https://www.youtube.com/watch?v=vZuFq4CfRR8 ?. Seriously, as others have written, after all the bad updates, it’s refreshing to see MS pull pack and a try to be more careful.

1 user thanked author for this post.

dononline

Reply | Quote

Well, at least i had time to tinker with Office updates
it’s time to download and play with latest W10 insider preview build 😀

Reply | Quote

Vista, 7, 8.1, 1507, 1511, 1607 – we were supposed to have one Windows, but we actually have 6 :).

1 user thanked author for this post.

WildBill

Reply | Quote

One Windows to rule them all…

https://www.youtube.com/watch?v=fJlz6nEOT7w

1 user thanked author for this post.

WildBill

Reply | Quote

Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?
Really?
What does that tell users about how seriously we should take the warnings each month about patching “vulnerabilities”?
I’ve often thought MS’s patch policy was a system based on keeping people tethered through fear and uncertainty and less about actual “threats”. The ease with which MS has dispatched this Feb’s patch Tuesday seems, imo, to support that.
All these years…all that disinformation.

Reply | Quote

212louis wrote:

Funny how MS seems to not be concerned with “threats” this month that they would allow users to go “unpatched” for 60 days?

The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches. For Windows or anything else.
For years MS has delivered updates with regularity. They are aware of the vulnerabilities (there have been vulnerabilities every month or we wouldn’t have patches) and their implications. In spite of the fact that many do not agree with their “one patch fits all” strategy, I’m am sure they are working overtime to straighten things out.

2 users thanked author for this post.

walker, ch100

Reply | Quote

@PK,

“The problem doesn’t seem to be MS lack of concern with threats. The problem seems to be that something – we don’t know what- is broken in the patching system and MS is UNABLE to deliver the patches.”

Really? MS can’t figure out what is wrong with their delivery system in 60 days??
Really, if the “threats” and “vulnerabilities” were/are so perilous, treacherous and high-risk (as they seem to be every month for years on end) how could they leave systems unpatched for 60 days? They couldn’t devote a team to fixing the issue ASAP as soon as it was discovered and stay on schedule? Suddenly fear and threat of infection, viruses and malware took two months off?? That’s pretty curious to me.

My point is simple…it’s possible that the fear and doubt sown by MS over the years about “threats and vulnerabilities” seem to be overblown and MS’s willingness to allow all OS’s to go unpatched for 60 days is ample evidence of that. Otherwise, MS would have solved their “delivery issue” in time for their regular “the sky is falling, patch your system!!” patch Tuesday.

The problem doesn’t seem to be MS lack of concern with threats.

The problem appears to me to be…are these “threats and vulnerabilities” valid and not self serving MS hyperbole?

Once one loses credibility, it’s very difficult to regain it.

We all need to start better understanding the power of language, information and disinformation.

6 users thanked author for this post.

walker, Noel Carboni, SueW, dononline, abbodi86, woody

Reply | Quote

212louis wrote:

Suddenly fear and threat of infection, viruses and malware took two months off??

This is not directed at you, specifically, Louis…

My advice:

Don’t live your life in fear. If unknown things worry you, make them known things by educating yourself.

Fear is used by those who want to manipulate the masses into doing what they want.

Yes, it’s good to have patched systems, up-to-date antimalware software, etc. – but your computer isn’t likely to roll over and die if a month of patches is missed. Remember, what you’re also avoiding are the problems, reissues of broken patches, and the worry over why your system is now doing something it shouldn’t be.

As an example I have a Win 7 system whose role is primarily a server and is not interactively used. Lo and behold it hasn’t had a patch since last year, because it simply doesn’t need one to continue to function for its intended purpose. It’s reliable and functional for what it does.

-Noel

2 users thanked author for this post.

Elly, dononline

Reply | Quote

@Noel,

I’m good….but I think you may have missed my point.
I’m not living my life in fear…I’m in Group C on my W7 x64 system. Just .NET Security patches only, that is when MS provides a .NET security patch.

I’m just positing, and beginning to believe, that MS wants their users to live their computer
life in fear. That works to MS’s advantage, imo.

1 user thanked author for this post.

Noel Carboni

Reply | Quote

I’m just positing, and beginning to believe, that MS wants their users to live their computer life in fear.

I’m in full agreement with you and trying to advise people not to fall for it.

-Noel

1 user thanked author for this post.

212louis

Reply | Quote

@Noel,

And believe me, you and one or two others here helped me make the decision to become a Group C believer when MS broke the news about the new patching system. Seeing smart people make the case for reasoned approaches to security and patching was instrumental in my decision making process.

1 user thanked author for this post.

Noel Carboni

Reply | Quote

@ 212louis

Yes, agree.

1 user thanked author for this post.

212louis

Reply | Quote

Will this apply to the Adobe Flash updates via Windows updates as well?

Reply | Quote

Yes. As a result, IE and Edge running on Windows won’t have the Flash patches until next month.

1 user thanked author for this post.

ltorres

Reply | Quote

If that’s true, and even MSRT isn’t being delivered, I can only conclude one thing:

MS Updates got hacked.

-- rc primak

Reply | Quote

Although I’m not computer-savvy enough to solve the mystery myself, I hope the following bit of information can be of some use to the more expert posters who are trying to discover the reason why there are no February 2017 patches for several versions of the Windows OS as well as various other Microsoft applications e.g. Office, Microsoft Security Essentials, etc. I’ve been offered (and I’ve downloaded and installed) Windows Defender anti-malware definition updates THROUGH THE WINDOWS UPDATE interface on my PC on a daily basis without interruption or problems during the entire month of February up to and including today February 16th. I’m running Windows 8.1 Pro. My Windows Update settings are: “Check for updates but let me choose whether to download and install them” and “Give me recommended updates the same way I receive important updates”. I have not checked the box next to “Give me updates for other Microsoft products when I update Windows”.
Regards, Harris.

Reply | Quote

The Flash Player updates for Win8.1 and later are covered in the IE/Edge updates. So for that part, the answer is “yes” they are delayed because all patching is delayed.

Adobe has released the Flash updates for IE in Win7, Active x, the NPAPI update, and the update for other platforms/OSs. Version 24.0.0.221 is available on their website at Adobe dot com.

2 users thanked author for this post.

SueW, JDeC

Reply | Quote

Flash Player for Edge and IE 11 embedded has always been a separate patch, whether obtained through the MS Updates Catalog (where this month’s patch is not in evidence) or through MS Updates (automatic updates). Same for MSRT.

That’s why the absence of these patches looks so ominous to some of us.

-- rc primak

Reply | Quote

From lemons to lemonade…

Someone in another thread commented that a lack of patches from Microsoft is actually kind of nice; not having to work through all the trouble of what to do to prevent your computer system from melting down or doing things you don’t want after patching IS indeed a relaxing thought!

For Windows 8.1, January already saw no patches from Microsoft. Now we’re skipping February too. So my workstation can be run for another few months before an update requires a reboot. It’ll be interesting to see how long that will be, since Windows Updates are really the only reason I reboot it any more… Right now, having installed the December patches in January, my uptime is 34 days.

Thoughts turn toward security vulnerabilities, but always keep in mind that the vulnerabilities being patched have often been in the operating system forever. If you have a reasonable security environment and practice common sense computing, hackers and malware shouldn’t be knocking at your door constantly, so the risk isn’t high for leaving those vulnerabilities in for a while longer.

If you have a stable system, enjoy the additional time off from waiting on Windows Update to do what YOU want to do, not what Microsoft wants you to do. 🙂

-Noel

4 users thanked author for this post.

Elly, SueW, 212louis, dononline

Reply | Quote

I wonder if this is related. Original Windows 10 life support extended.

http://www.infoworld.com/article/3170874/microsoft-windows/microsoft-quietly-prolongs-life-of-original-windows-10.html

Maybe it is to spread out increased server demand in March.

Reply | Quote

See https://www.askwoody.com/2017/cut-through-the-bafflegab-of-windows-10-versions-branches-updates-and-builds/

Reply | Quote

At least, Vista users will have a free month of wotking Windows Update

ending article is up
Windows Vista support is ending

Reply | Quote

Not sure about the link.

Vista eol is April 11. Maybe they’ll get an extra month? Nawwwwww…. 🙂

Reply | Quote

Try this one
https://support.microsoft.com/en-au/help/13853/windows-lifecycle-fact-sheet

1 user thanked author for this post.

walker

Reply | Quote

Sorry, corrected link
https://support.microsoft.com/en-us/help/22882

i ment Vista users didn’t have to deal with WU hassle this month 😀

Reply | Quote

Ah, there it is….

Reply | Quote

Is this happening to anyone else on the WU catalog?

Windows - commercial by definition and now function...

1 user thanked author for this post.

rc primak

Reply | Quote

Mine is working OK in Firefox.

Reply | Quote

Yup, working fine now after clearing browser cache, thanks.

Windows - commercial by definition and now function...

Reply | Quote

The Catalog works fine. Even in Linux and Chrome Browser, I can see all the downloads. But the new patches aren’t there. Not even Flash Player. So this is pretty much a useless exercise at this point.

-- rc primak

Reply | Quote

Interesting as to a possible cause for this. Whether it’s fear of SMBv3 zero-day, Windows Update is broken, or (my guess) a serious bug in a patch. Due to Cumulative Updates & Monthly Rollups, the only way to avoid the bug is to avoid Everything; even if it takes a month. (It Shouldn’t take that long to fix it, but shipping the package after the bug is fixed will throw off the Windows Update schedule. Maybe?

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

According to the BBC:-

“February was also when Microsoft was due to break its security fixes into two – one for Windows and another for its browsers. Getting the separation and testing system to work reliably is believed to have caused the delay.”

http://www.bbc.co.uk/news/technology-38992298

1 user thanked author for this post.

212louis

Reply | Quote

All due respect to the Beeb, but I doubt the delay is due to separating out IE patches.

2 users thanked author for this post.

rc primak, abbodi86

Reply | Quote

This is why the updates should have just been kept individual. I like the idea of the rollup model but when stuff like this happens then it means we have to go another month without getting updates. If it were up to me, security updates would have been kept as individual patches. But fixes and all that I don’t mind having in a rollup, but for security updates I feel should be separate from the bug fixes.

Also Woody, say there was an exploit so dire and they were having trouble with a rollup (like they are now) do you think MS would issue an emergency update to fix said exploit or do you think they’d keep you waiting until next month? Because I really feel they should issue a temporary patch for the SMB exploit that’s been affecting some people.

Also I will say this. I will commend Microsoft for not releasing this month’s updates since they found an issue last minute. I would rather wait a month to make sure I get a working update rather then having them ship out a glitchy update. But still. I feel they should at least issue a temporary patch for that SMB exploit. That’s my 2 cents.

2 users thanked author for this post.

Elly, woody

Reply | Quote

The March 2017 Preview is due next Tuesday, February, 21.
Let’s see what surprise we will get.
Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

1 user thanked author for this post.

walker

Reply | Quote

! 🙂

Reply | Quote

Concerning the Flash updates – my source told me, that MS intends to ship the update as early as possible. But we will know within the next two weeks, if that’s true – or an “alternative fact” ;-).

It seems, that only a few heads in the inner MS circle knows, what’s going on with the patch machinery.

Günter Born

4 users thanked author for this post.

Elly, ch100, rc primak, woody

Reply | Quote

We might even see a newer Windows Update back-end platform implemented which takes time to implement and test.
There are known issues with delivering Windows 10 updates and upgrades and Delivery Optimization does not work well.
Microsoft is making preparations to implement the newer mechanism for delivering updates via UUP.
https://blogs.windows.com/windowsexperience/2016/11/03/introducing-unified-update-platform-uup/

Reply | Quote

UUP is for upgrades only.. so far 😀

i tested it in its both forms:
– canonical
complete segmented ESD files

– express
differential delta-downloaded files = the exact mechanism used by regular Windows Update

2 users thanked author for this post.

walker, ch100

Reply | Quote

@abbodi86
Do you know if UUP is related or uses DO or is an entirely new mechanism?
Also do you know what is different between BITS and DO delivery mechanisms?
I have a particular interest in DO and its configuration.
There was another thread here dealing with DO and another issue not related, with posts only between me and one anonymous user which I think was lost when the site went down not long ago.
I am currently of the opinion (unless or until someone convinces me otherwise) that the only reliable mechanism for Windows 10 1607 delivery of the updates is via BITS, i.e. option Bypass (100) in the Group Policy for DO.
For 1507 and 1511 the only available good option which disables DO is option HTTP (0), which has different behaviour in 1607.

Reply | Quote

I had mine set on 99 for a while, but changed it to 100 around the time the 15000 series came out. I described my method on one of Crysta’s topics about a build being available. When everyone was stuck on Download at 0% for 15019, 15025 and 15031, I got them with relative ease. Will see if I can find the link (if it wasn’t loas last weekend).
EDIT:
Here: https://www.askwoody.com/forums/topic/announcing-windows-10-insider-preview-build-15031-for-pc/#post-92917

And here: https://www.askwoody.com/forums/topic/announcing-windows-10-insider-preview-build-15031-for-pc/#post-92947

1 user thanked author for this post.

ch100

Reply | Quote

UUP uses whatever WU use, whether default DO or BITS

not really, i have zero knowledge in networking
but i noticed that DO uses HTTPS, while BITS default to HTTP 😀

yep, that’s what i set too
and as PKCano said, some insider builds wouldn’t get downloaded with DO, the workaround suggested was to disabe DO service and reboot

Reply | Quote

I tried disabling DO and it didn’t work. Note the PowerShell command “restart-service WinRM” – I picked up that piece from Gunter Born

Reply | Quote

ch100 wrote:

The March 2017 Preview is due next Tuesday, February, 21.
Let’s see what surprise we will get.
Maybe version 5 of KB3125574 with all outstanding issues from version 4 fixed?

I’m pretty sure we won’t get new version of KB3125574
because it contain .NET fixes, but no IE fixes
while the Monthly Rollup contain IE fixes, but not .NET fixes

they said that old fixes will be added on bulks, not whole 🙂

and if the issue is withinh delivery system, we won’t see any updates till March 🙁

Reply | Quote

@abbodi86
You don’t have to take everything seriously. 😀

Reply | Quote

Yeah, but i must find something to contribute 😀

Reply | Quote

While all this gets sorted out, I’ll continue to update third-party software and security software. But I would not trust Windows right now. I will continue doing the bulk of my work (and play) in Linux, at least until this mess clears up.

-- rc primak

Reply | Quote

So much for being careful on the web being enough:
https://krebsonsecurity.com/2017/02/how-to-bury-a-major-breach-notification/

Reply | Quote

From https://support.microsoft.com/en-us/help/894199/description-of-software-update-services-and-windows-server-update-services-changes-in-content-for-2017:

“This is a summary of the new and changed content to be released on Wednesday, February 22, 2017

New nonsecurity content:

Windows Malicious Software Removal Tool – February 2017 (KB890830)”

Reply | Quote

Today MSRT (KB890820) February version showed up and was installed with no problems. What is going on?
Leif Lagerstedt

Reply | Quote

Ahoy Cap’n Woody!

Sainty Here.

Just caught up with the Win Update No-Show for Feb.

Hence MS-DEFCON 2, I presume.

So nice of The MS-BORG to give us all a break this past month!

Must have put “Take Me To Your Leader” on hold for the moment.

Wonder Why…?!

Heading for the Holo-Deck for the extra R&R – any suggestions what to play?

Cheers!

Sainty⚓️????

1 user thanked author for this post.

woody

Reply | Quote