January’s patching cyclone

Topic

New Reply

PATCH WATCH By Susan Bradley We’re a bit soggy and wet at the AskWoody Tech LLC Global Headquarters here in central California. We’ve had nearly a wee
[See the full post at: January’s patching cyclone]

Susan Bradley Patch Lady

8 users thanked author for this post.

cesmart4122, SueW, lmacri, DLivesInTexas, Average-Jane, geekdom, abbodi86, Alex5723

Reply | Quote

Replies

What’s the advice about the (deferred) november / december updates for Domain Controllers?

Reply | Quote

I approved them at the end of December. At this point in time I’d probably wait until the end of January until the January approval time.

Susan Bradley Patch Lady

Reply | Quote

By the way, I’m finding annoying problems with outlook on Ios for phone and iPad after upgrading to 16. 16.2 “may” fix it but haven’t used it enough yet to be sure. It is reproducesble on any given day.

Moving between to field and message body irratically works or not and only a reboot seems to fix it. However the problem does seem to return.

Reply | Quote

I am curious about the details:

Here’s an extra warning about this problem. Chromium (not Chrome, the browser) is effectively part of the operating system. So be careful, especially when surfing the Web.

If it is in the OS, it is fine; what concerns me is if it is storing data / information in a place where I can not delete.

Reply | Quote

I ended up rolling back the latest patch, 22H22

After installing it I found I could no longer open any videos or movies that were on my computer.

It would grind away and then say something like (Can’t remember the exact words)

“Can’t find server”

then “Timeout

Works fine after the uninstall

Reply | Quote

What app were you opening them up with?

Susan Bradley Patch Lady

Reply | Quote

In the full text of January’s Patching Cyclone, Susan said:

For those still wanting to run Windows 7 after its end of life, heed my warning: treat the Web as suspect and potentially malicious. Use anything other than an unpatched operating system to surf the Web.

I had a question about that. First off, I do have two Windows 10 laptops – fully patched and running with no issues. I also have an older Windows 7 Thinkpad that I’ve not used much since getting the new Win 10, but I do like to turn it on and let it run occasionally.

My question – my Win 7 laptop has the Pro version of 0Patch on it, but that subscription expires in February.  Does having and updated version of 0Patch count as “fully patched”?

I am wondering if paying for another year of 0Patch, plus using updated versions of Firefox and Thunderbird, along with prudent web use, might be enough to protect that laptop for limited use. I also have ESET Internet Security on it, along with Malwarebytes AE.

I know that MS support for any type of patching for Win 7 has ended, and I don’t use it often now, but was in somewhat of a quandary as to whether another year of 0Patch might give me some security for occasional use.

I do understand the risks, and would not do any type of financial, commercial or sensitive web activity, but hoped I could keep it running occasionally just a bit longer.

Thanks for any advice or suggestions.

 

 

Reply | Quote

LHiggins wrote:

Does having and updated version of 0Patch count as “fully patched”?

No.

0Patch doesn’t re-patch Microsoft’s patches.
0Patch Pro require fully patched Windows 7 to function.

Reply | Quote

Alex5723 wrote:

0Patch Pro require fully patched Windows 7 to function.

So are you saying that 0Patch isn’t really protective? I’ve used 0Patch for several years since the first Win 7 EOL, and had always thought that it did take on the patching needs that MS was no longer offering. WHen I first started with 0Patch, I did get whatever was the last Win 7 update, and that met their requirements for what patches I needed from MS before 0Patch “took over.”

Thehn, maybe my question should have been, does having 0Patch Pro and getting their patches as often as they send them give me some protection for the Win 7 laptop?

Thanks!

 

Reply | Quote

LHiggins wrote:

and had always thought that it did take on the patching needs that MS was no longer offering.

It does only if your Windows 7 is patched up to date Jan 14 2020 .

Reply | Quote

Alex5723 wrote:

It does only if your Windows 7 is patched up to date Jan 14 2020 .

Yes, mine is – and I’ve had 0Patch since then. So it should all work as before. I was just wondering if I should renew my license for another year given that Win 7 is now completely EOL.

Reply | Quote

Firefox, Chrome, and some other browsers are supposedly not going to be supported on Win7 and Win8.1 in the near future. You will need to find a browser that is still supported to be secure.
You will also need to have AntiVirus that supports Win7.
Is oPatch going to keep patching Win7 after MS stops?

1 user thanked author for this post.

LHiggins

Reply | Quote

Thanks PKCano! I think that I have most of that sorted. 0Patch will continue to support Win 7 for 2 years according to their blog:

We have decided to keep providing security patches for Windows 7 and Windows Server 2008 R2 for critical vulnerabilities that are likely to get exploited…

Q: How long do you plan to provide critical security patches for Windows Server 2008 R2 and Windows 7 after January 2023?

<i>A: For at least two more years – until January 2025. Depending on the demand, we’ll consider a further extension.</i>

ESET has full support till October 2023 and limited support till Oct. 2024.

I believe 0Patch is going to support Edge for Win 7 as well. I also think that Firefox hasn’t given a definitive  date, so it may continue to work, or I may use Opera, which may also be an option.

I’m not really planning in using the Win 7 laptop very much, and it seems that it may be mostly secure, so I guess I will go ahead with renewing my 0Patch Pro on that laptop for another year. Maybe they’ll adopt Firefox or Chrome for Win 7 as well.

Thanks for the reply. Helped me to focus on what might be needed and check into the possibilities.

 

Reply | Quote

And just to confirm – Mitja from 0Patch emailed to say this:

Yes, our support for Windows 7 continues for two more years.

Thanks,
Mitja

So 0Patch is definitely going to continue Win 7 support through 2025.

Reply | Quote

Windows 11 Cumulative Update Previews 2023 are here:
https://www.catalog.update.microsoft.com/Search.aspx?q=windows%2011%20preview%202023

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1413 x64 i5-9400 RAM16GB HDD Firefox112.0b3 MicrosoftDefender

Reply | Quote

LHiggins wrote:

And just to confirm – Mitja from 0Patch emailed to say this:

Yes, our support for Windows 7 continues for two more years.

Thanks,
Mitja

So 0Patch is definitely going to continue Win 7 support through 2025.

Yes, they will. The big question is who will alert 0Patch to new Windows 7 bugs.
Maybe 0Patch will rely of Windows 7 enterprise security announced bugs and fixes.

1 user thanked author for this post.

LHiggins

Reply | Quote

Alex5723 wrote:

Yes, they will. The big question is who will alert 0Patch to new Windows 7 bugs. Maybe 0Patch will rely of Windows 7 enterprise security announced bugs and fixes.

Good question! Hope they have that figured out!

Reply | Quote

LHiggins wrote:

I am wondering if paying for another year of 0Patch, plus using updated versions of Firefox and Thunderbird, along with prudent web use, might be enough to protect that laptop for limited use.

@lhiggins, those measures should together provide good protection for your Windows 7 laptop.

There are further steps you can take to toughen up its defenses, as detailed in this thread.

As OS patching and application updating slowly come to an end for Windows 7, those particular layers of defense will inevitably weaken, but there is still plenty that can be done in the way of effective protection. Malware protection relies increasingly on detecting and then blocking unusual or unauthorized actions by processes that are running on our computers.

Some security software will pop up a notice for the user to approve a process or to confirm its interruption (think “User Access Control on steroids”). Of course, this approach requires a greater degree of involvement and awareness by the user, but in my book this is a good thing anyway.

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

1 user thanked author for this post.

LHiggins

Reply | Quote

Cybertooth wrote:

those measures should together provide good protection for your Windows 7 laptop.

Thanks so much! I will read through the thread you sent as well. I really don’t plan on using it much, but there’s a lot still on it that I may want to access, and just wanted to have a little peace of mind that it still might be safe given the things I’ve done to “protect” it.

PKCano wrote:

Firefox, Chrome, and some other browsers are supposedly not going to be supported on Win7 and Win8.1 in the near future. You will need to find a browser that is still supported to be secure.

Seems that the browser is going to be the main sticking point, but again, I do have other options with the 2 Win 10 laptops that I have, so that should be manageable as well.

Thanks again for the reply – much appreciated!

1 user thanked author for this post.

Cybertooth

Reply | Quote

@LHiggins

Another thing you will need to consider is that MS has already/will quit signing the older hardware drivers on Win7 (and Win8.1) machines. This may mean that you will not be able to reinstall a driver if you have a problem or update your current driver.
That happend to me on one of my Win8.1 machines, and @Microfix has experienced it as well (don’t know if it was Win7 or Win8.1).

1 user thanked author for this post.

LHiggins

Reply | Quote

Hmmm…well, that is something I never even gave another thought to. Guess I have some thinking to do. Thanks for bringing that possibility to my attention!

Reply | Quote

Here’s where the ugly truth raised it’s head on AskWoody.

But I had already encountered it and had given @abbodi86 a heads up. So here’s my DM to abbodi86 with the links to the documentation.

1 user thanked author for this post.

LHiggins

Reply | Quote

PKCano wrote:

That happend to me on one of my Win8.1 machines, and @Microfix has experienced it as well (don’t know if it was Win7 or Win8.1).

yup, that was on Win7 Pro x86 with ESUb on my test device which has now been nuked although still have that external image at EoS pre-ESUb (yes, it’s been restore tested and works fine)

Keep IT Lean, Clean and Mean!

Reply | Quote