• January security patches are coming shortly

    Home » Forums » Newsletter and Homepage topics » January security patches are coming shortly


    The Release Notes are up. Expect details in the next couple of hours.
    [See the full post at: January security patches are coming shortly]

    4 users thanked author for this post.
    Viewing 25 reply threads
    • #157809

      Software Update Services changes in content for Jan 9, 2018.

      4 users thanked author for this post.
    • #157827
      2 users thanked author for this post.
    • #157818

      So well, I have something to confess: i upgraded on january 3rd  despite the MSdefcon 2 (cuz I forgot to turn off automatic updates) fortunately nothing bad happened, and well, I dont know if this is useful or not, but apparently there are no updates that change the build of 1703   so it means that may mean that if you installed the january 3rd updates, you already have the build of this month

    • #157841

      I let the update go through (KB 4056892) when it was first offered on January 3rd. All I got today was the MSRT and a Flash update. I have an Intel processor (i5 7400), and haven’t experienced any slowdown or bluescreens. My initial thought is to leave well enough alone… Should I be safe?

    • #157845

      For those who missed previous mentions, January 3, 2018—KB4056898 (Security-only update) (applies to Windows 8.1 and Windows Server 2012 R2 Standard) is at version 2 in the Microsoft Update Catalog.

      2 users thanked author for this post.
    • #157837
      1 user thanked author for this post.
    • #157851
      1 user thanked author for this post.
    • #157862

      The synchronization on WSUS, multiple independent WSUS servers, is showing yet another foul-up by Microsoft.

      A number of the hotfixes released today have come in duplicated. e.g. 38 entries each for KB4011656, KB4016110 32 bit, KB4016110 64 bit, etc.


      1 user thanked author for this post.
    • #157874

      And Office 2007 got updates again, for the 3rd month in a row since it was officially declared unsupported in October 2017. It is ironic: I did not manage to migrate from Vista to Windows 7 in time last April, but was adamant to be on time with upgrading from Office 2007 to 2010 and succeeded in doing that. In hindsight, my rush apparently was not needed. I wish I knew back then, it would have been less stressful. It makes me wonder when they really stop patching Office 2007 and what the reason is behind still providing patches.

      ASRock Beebox J3160 - Win7 Ultimate x64
      Asus VivoPC VC62B - Win7 Ultimate x64
      Dell Latitude E6430 - Win7 Ultimate x64, Win10 Pro 22H2 x64 (multiboot)
      Dell Latitude XT3 - Win7 Ultimate x86
      Asus H170 Pro Gaming - Win10 Pro 22H2 x64

      2 users thanked author for this post.
    • #157877

      Does anyone know why there haven’t been any critical security updates for Windows these last 3 months? (Except for the kernel patch) Is this normal? I mean, 3 months is a long time!

    • #157889

      Any thoughts on this by the way?
      Maybe make a post about this, Woody?

      • #157898

        I’ve been thinking about writing about Terry’s post (and the new version of “Protect your device“) and I’m very ambivalent about it.

        Microsoft ran its performance tests, and that’s great. (Obviously they didn’t include any AMD processors.) The results are waffling in the extreme. And the conclusion serves Microsoft’s purposes. It’s the same argument I have against writing about the results of “studies” that Microsoft has funded.

        What I’d like to see is an independent, third party confirmation of the results.

        Performance stats are hard. You really have to clock something specific – or rely on benchmarks that may or may not make a difference. In my experience, a variance of 20% or more in speed isn’t really noticeable.

        But that’s just me….

        OH. And I should add…. I think the big question will be browser performance hits. “Normal” Windows users aren’t going to see any Meltdown/Spectre exploits in the near future. But they may get bit by their browser.

        5 users thanked author for this post.
        • #157941

          I just got Waterfox updated to 56.0.2 in the Mac; still have to start the Windows PC and find out if the update is there too:


          The updated Waterfox now has the same tweak as Firefox does to prevent some rogue software at a Web site from siphoning one’s personal information through the straw of Spectre: to degrade the clock timing internally, so the attacking software cannot get sufficiently in sync with the computer clock to have a good chance at succeeding in its evil errand. This is at the price of slower response, which I have not noticed, probably for the reason that Woody pointed out: it is too small to notice during normal usage of the browser.

          I have a comment on when to update Windows, now that a ton of updates is on offer (looking at “ghacks”, they do not seem to have any “critical” updates listed there, only “important” ones, which is a bit odd), and it is this:

          I cannot do anything much until my anti virus, Webroot Secure Anywhere does the Register tweaking, which they are promising it will be next week.

          But, considering I never update Windows for at least two weeks after patch Tuesday, as a rule, that makes no difference to me.

          As to the danger of going unpatched in the face of Meltdown and Spectre: there are no reports of it being out in the wild and  being exploited by nasty people. However, how would one know that for sure? Black hats usually do not post their exploits on social media, and they are unlikely to go and hack into the computers of white hats that can figure out pretty quickly what is going on and let their black cats out of the bag. No, black hats will much rather nobody notices what they are up to for as long as possible, so they can carry on for as long as possible exploiting their nasty, but profitable, tricks.

          So, either this is not being used for ill already, or the usual reasonable precautions against phishing and social engineering, or (as far as “Meltdown” goes, anyway) the precaution of never opening mysterious emails but deleting them right away, and as far as “Spectre” goes, the precaution of never go looking for free porno and the like in dark places, may be paying off quite nicely, so far: all the crying, wailing and gnashing of teeth seems to be about BSODs, from people with non-Intel CPUs in their machines, or people that did not check if their Register had been tweaked already by their AV providers… and then found, the hardest way, that it wasn’t.

          So I intend to wait another two weeks or so before doing anything about this: rest easy, friends; I intend to. And best of luck to us all.




          Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

          MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
          Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
          macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

          • #158290

            OscarCP said:
            This is at the price of slower response, which I have not noticed, probably for the reason that Woody pointed out: it is too small to notice during normal usage of the browser.

            What is your Win OS & CPU model ?

            It is reported that Win 7/8 (esp. Win 7) & older CPUs (pre-2015) are experiencing noticeable performance hits (at least 20% slowdown, CPU spikes) after installing the microcode update &/or Meltdown kernel patch.

            For instance, Epic Games observed its servers’ CPU usage going from 20% to almost 60% after applying the Meltdown kernel patch. (Well, this is certainly a risk factor for literal hardware meltdowns …)

            Epic Services & Stability Update (05 Jan 2018)

            Meltdown: Epic Games blames bug fix for online game slowdown (The Guardian – 08 Jan 2018)

            Perhaps you can try watching Youtube/Vimeo videos, & play some moderate to heavy-duty online HTML5 games (eg. at itch.io) to see if these activities result in any noticeable negative impacts (eg. browser lag, higher CPU usage, heat issues).

            In addition, in 2 weeks from now (your timeline), you may wish to carry out the test again after you:

            • patch your CPU with the updated microcode
            • install MS’s Meltdown kernel security update (03 Jan 2018)
            • install 08 Jan 2018’s MS .NET Framework security updates (prerequisite: same compliant registry required as Meltdown patch, suggesting that these updates contain some Meltdown/Spectre fix as well)

            Possible Test Setups:

            • Run the aforementioned browser test with & without any MS .NET application &/or runtime optimization running at the same time.
            • Use MS .NET-dependent multimedia player to play local & streaming audio/video files.
            • Use a MS .NET-dependent video editor to edit & transcoding video file.
            • Use a MS .NET-dependent text editor to view a large text file of more than 50 MB (eg. logs, HOSTS file).

            Reasoning:  Each patch supposedly has its performance impact (theoretically up to 30% each), right ? Are the impacts additive ?

      • #157914

        Regarding the Verge article: MS is being transparent? Tell that to the owners of devices with AMD chips.

    • #157909

      In light of today’s patches, what is the defcon level?

      On permanent hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #157923

      Well that’s quite the haul to start 2018 off with:
      Win7Prox86 Off2010 grand total 124.3mb 8UD (all fully patched excluding some of the usual omissions)
      Win7Prox64 Off2010 ” ” 449.4mb 9UD
      Win8.1 x64 Off2010 ” ” 609.7mb 7UD
      Win10Prox64 Off2016 (There’s still a slew in there from Office patch Tuesday last week mercifully any UD’s patches on hold for 30 days)
      Going to be some fun installing that lot looks like as usual I shall be waiting for the “howls of protest or the nods of approval. 🙁

    • #157939

      Just FYI I installed the January monthly security roll up when Woody mentioned he was installing it on his machine and so far everything is ok. I have an older Compaq HP laptop running Win7 SP1 with an Intel Celeron 900 processor @2.2 ghz. And the graphics card is by Intel as well I think. I’m now part of Group A after spending some time in Group B.

      I have a question about a different topic – I never use IE and have Chrome set as my default browser. I haven’t kept IE updated at all – do I still need to do this even if I don’t ever use it? Hope this isn’t a dumb question – I’m not a techie, alas!

      • #157944

        If you are installing the Rollups as part of Group A, you are already keeping IE up to date. The IE11 update is part of the Rollup.

        1 user thanked author for this post.
    • #157951

      PKCano – thank you for the answer on keeping IE updated. Glad to know the monthly security roll ups include updates for IE!


    • #157953

      For the 2018-01 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055269) https://www.catalog.update.microsoft.com/Search.aspx?q=4055269, which KB numbers correspond to which versions?

      kb4054176 / kb4019990 for 3.5 and kb4054183 / kb4054172 for the 4.x versions?


      • #157959

        How to get the right version of .NET Security-only patch(s) for your version(s) of .NET on Win7

        Search for 4055269 in the Catalog
        Instead of clicking on “Download,” click on the title of the patch (on the left).
        In the box that pops up, click on “More information” (on the right).
        Scroll down and note the KB number(s) for the version(s) of .NET you have installed.

        Go back to the Catalog and download the ones you need (the KB number is in the file name).

        3 users thanked author for this post.
      • #158301

        anonymous #157953 said:
        which KB numbers correspond to which versions?

        When such a question is asked here (& elsewhere) so frequently, it is probably a sign that MS needs to make its Update Catalog more user-friendly & upfront, so that users don’t have to second-guess, ask around every month, open extra popups for cross-referencing (popups may be blocked by the browser) , or google the each & every mysterious KB number.


        • KB 4054176: MS .NET 3.5.1 Security Only Update
        • KB 4054172: MS .NET 4.5.2 Security Only Update
        • KB 4054183: MS .NET 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 Security Only Update
        • KB 4019990: d3dcompiler_47.dll
          = prerequisite for MS .NET 4.6.x, 4.7.x Security Only or Rollup Update (& also MS .NET 4.7.x runtime installer) on Win 7


        Regarding the runtime installer itself, note that .NET 4.7.x replaces (supercedes) all previous .NET v4.x versions. So if an application requires .NET v4.0 or v4.5.2 or v4.6, they will all run successfully with just .NET v4.7.x installed on the system.

        However, if an application requires .NET 3.5 or .NET 3.5.1, you need to have .NET 3.5.1 installed (or enabled) to cover these 2 runtime versions, because .NET 4.x is not backward-compatible with earlier versions.

        1 user thanked author for this post.
    • #157960
    • #157962

      I have a windows home server 2011 and i am not getting the kb4056894 monthly rollup and meltdown patch.  I have defender on the machine which i believe came with whs 2011 but i don’t see the updated registry key.  Would anyone have any ideas as to what I should do to get my server patched.

      • #157969

        Windows Defender does not qualify as an anti-virus program on Win7. It is an older product than Defender on Win10, and does not run in the background.

        What AV program are you using. It will need to set an Allow Regkey in the Registry to certify compatibility in order for you to be able to receive kb405689.

        Also, be aware that if you have an AMD processor or graphics card, you may get a BSOD that renders your computer non-bootable after installing the update

        2 users thanked author for this post.
        • #157973

          I have Windows Defender which came with Windows Home Server 2011.  It’s an older HP Windows Home Server with an intel processor, upgraded to WHS 2011.  I seem to still get the other January updates but not the rollup one.  I’m not sure how or if i should try to appy the registry fix.

      • #157982

        You can manually create the Registry key (at your own risk) using Regedit.exe
        If your server is 32-bit, protection is not provided.
        Microsoft gives these instructions.

        Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine


        Value Name=”cadca5fe-87d3-4b96-b7fb-a231484277cc”




    • #158019

      Woody wrote:

      There’s some confusion about the Equation Editor vulnerability. You may recall that the original hole, CVE-2017-11882, was patched in November. This new patch, for CVE-2018-0802, takes the nuclear option — it removes Equation Editor from Word. @yuhong2 advises on Twitter that the Eqn Editor EXE turns into 0 bytes, so it’s even dead with WordPad.

      So I went to read up on this CVE-2018-0802 by clicking on the link provided, and MS is asking me to accept a EULA to read the description. Say whaaaat??!?

      My thanks to Woody for warning that this patch obliterates the Equation Editor. My work would become impossible without something like the Equation Editor, so I will either have to pass on this update or find something to replace it. Anybody have suggestions?


      2 users thanked author for this post.
      • #158036

        Though I have not personally used it, a former physics professor has spoken highly of the formula editor in LibreOffice, Math: https://alternativeto.net/software/libreoffice-math/.

        4 users thanked author for this post.
      • #158044

        try miktex.org. It’s a free equation editor that supposedly will do everything LaTex will do. It runs on Windows, Macs, and Linux. At one time LaTex was THE standard for this sort of thing.

        There are also a bunch of free online LaTex equation editors, and a bunch of other equation editors can be found just by googling ‘equation editor’

        5 users thanked author for this post.
      • #158215

        I appreciate the suggestions given above, and I haven’t ever used anything beyond a few uses with the LibreOffice capability. I haven’t had to rely on anything to produce published work.

        But I have a general level question. Microsoft products get press because of the entity that published it. Very little concern is given to smaller solutions, even when they produce better results. But similar functions are often the result of similar code, whether by innocent imitation, standard practices, or blatant ‘borrowing’ of code. The last one is usually taken from the little guy by the big guy.

        Have the tests that found flaw in Equation Editor been applied to these substitute solutions?

        I did not do the leg work, but thought the answer may interest other readers as well.

      • #158292

        @Cybertooth and @Paul:

        I don’t know the answer to your question. LaTex was – and maybe still is – the gold standard for mathematical word processing, much easier to use than anything MS has ever put out. mikTex is free and also extremely good.

        : Another option for you might be one of the standard mathematical packages like Maple, Mathcad, Mathematica, etc. They all have equation editors and technical word processing capabilities that can produce publication quality material. The full packages tend to be pricey, but all 3 of the above at one time sold student packages that had the same equation editor capabilities although they were more limited in what they could do mathematically. Mathcad had a free version and I think still does, that was excellent.

        Upshot is that with not much work I think you’ll be able to find an excellent equation editor in whatever price range you need, and in all likelihood will be FAR superior to anything MS ever dreamed of putting out. (And no, I’m not ragging on MS, it’s just fact. The MS equation editor was fine for the intended audience – folks who needed an occasional equation.)

        2 users thanked author for this post.
    • #158020

      Also, be aware that if you have an AMD processor or graphics card, you may get a BSOD that renders your computer non-bootable after installing the update

      In the avalanche of discussion, I must have missed the part about BSODs on machines that have an AMD graphics card. What’s the recommendation for the owner of a PC with an Intel CPU but an AMD GPU?

      • #158071

        There were reports of BSOD on some PCs with Intel processors and AMD Radeon Graphics cards. Which ones are affected I do not know. Check AMD,  your OEM, Google search, etc. There is at least one report here on AskWoody in recent blog comments.


        Edit to add link

        2 users thanked author for this post.
        • #158092

          Based on the Detectoid i sniffed on Windows 8.1, these are excluded:
          AuthenticAMD Family 4 Model
          AuthenticAMD Family 5 Model
          AuthenticAMD Family 6 Model
          AuthenticAMD Family 15 Model
          AuthenticAMD Family 17 Model

          2 users thanked author for this post.
      • #158217

        Core i7-930 with amd 5970+5870 in tri-fire config… no problems found here.

        1 user thanked author for this post.
        • #158316

          Jan K. said:
          Core i7-930 with amd 5970+5870 in tri-fire config… no problems found here.

          Thanks for your feedback. Reassuring to know that at least 1 system with an older Intel CPU & an older AMD GPU has been not killed by MS’s Meltdown kernel patch (… I assume this is what you installed).

          For statistical reference:

          • Intel Core i7-930 CPU: released in Feb 2010
          • AMD Ati Radeon HD 5870: released in Sep 2009
          • AMD Ati Radeon HD 5970: released in Nov 2009

          Has the OEM or source of your Intel CPU provided a microcode update for the Meltdown-Spectre kernel bug ?

          Based on your CPU & GPU specs, it seems your system is set up for serious gaming &/or intensive graphics-related tasks. Apart from no BSODs upon bootup so far, have you experienced any slowdown, CPU spikes, increased heat, &/or instability after applying the recent update (presumably only the Meltdown KB patch) ?

          If not, perhaps it helps to have higher-end CPUs & GPUs, even if they are older models.

          • #158479

            Nice to see, how old my setup is! 😀

            I haven’t measured it, but nothing feels slower than usual = everything’s running very well. Temps are still kept at ~34 C… will check for “spikes” next time, I have some work to do.

            Using MSE btw. and all updates except latest bunch have been applied.

            I have backups up to date and since I only do full system backups (not incremental), I can always insert my Acronis restore boot disc and roll back to any stable date by choice in less than 10 minutes…


            Re. micro code for cpu… doubt that’ll ever happen. Noticed someone mentioned we’ll have to upgrade old hardware, so when Intel in a couple or three years from now releases a “safe cpu”, I’ll consider it. But as a Group L user, there certainly isn’t anything, that can make me panic.

    • #158056

      I still haven’t received KB4056892 on my Intel Celeron notebook. The Registry key is present and I did receive the Flash Player update and MRT. What could be wrong?

    • #158100
    • #158102

      Speaking of Graphics Cards, I have a Zotac GeForce GTX 560 Ti based on the Nvidia chip. Internet reseach says Nvidia makes its chips, elsewhere it says they are made for them.

      Anyone know if AMD is involved.

      I have an Intel Core i7 CPU and have received the checked January monthly update. Not sure if MS is checking system for all chips or just CPU?

      • #158224

        Given that the discrete PC graphics card world (not workstation) is an nVidia/AMD choice, I am sure AMD has nothing to do with any nVidia hardware.

        That is not to say that a sub-component manufacturer X does not supply both AMD-based and nVidia-based card manufacturers with appropriately specced sub-components.

        I have not seen any reports attributed solely to an nVidia graphics card.

    • #158258

      I like to make a point about about the regkey: it’s not a failsafe as Microsoft wants it to be. I have a laptop using old versions of Avast for Antivirus and Comodo for Firewall. That means I have 2 AV vendors, 2 solutions. Avast added the regkey with a microupdate without making me upgrade to a new version. On the other hand, Comodo washed their hands and say I should update to the lastest version or take the risk. So, even if you get the regkey, you may end up with BSODs because of other software or kernel mode drivers installed in your system.

      • #158264

        The other side of that coin is, that the LACK of the Regkey does NOT prevent the manual installation of the update. I downloaded and manually installed updates on Win7, Win8.1 and Win10 1709 with no Regkey set.

        And, there is nothing to keep you from setting the Regkey yourself.

    • #158277

      Trying again. I appreciate the help with the previous answers but I know which versions of .Net I have but need assistance with the specific question.

      For the 2018-01 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055269) https://www.catalog.update.microsoft.com/Search.aspx?q=4055269, which KB numbers correspond to which versions?

      kb4054176 / kb4019990 for 3.5 and kb4054183 / kb4054172 for the 4.x versions?


      Reply https://www.askwoody.com/forums/topic/january-security-patches-are-coming-shortly/#post-157959 does not work on my end because http://support.microsoft.com/kb/4055269 does not load (something support.Microsoft wants apparently is blocking it from loading). If anyone might not mind taking the same amount of time answering kb4054176 / kb4019990 for 3.5 and kb4054183 / kb4054172 for the 4.x versions it would be appreciated.

    • #158503

      Is there any explanation why “Monthly Rollups” and “Security-only updates” (KB4056894, KB4056897, KB4056895, KB4056898) are not mentioned among other patches in the

      Description of Software Update Services and Windows Server Update Services changes in content for 2018 ?

    Viewing 25 reply threads
    Reply To: January security patches are coming shortly

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: