MS-DEFCON 2: Check to ensure your system is locked down

Topic

New Reply

Black Tuesday is upon us, once again. Heaven only knows what it’ll bring. Make sure you have your Vista, Win7 and 8.1 Windows Update set to “Notify bu
[See the full post at: MS-DEFCON 2: Check to ensure your system is locked down]

Reply | Quote

Replies

Tip of the Day !
Take and save a ‘Hidden Updates’ screen-shot ‘CTRL – PRTSC’. Check it in any image-viewer you have in your pc.
Now you’ll know how many times an ‘update’ has been around the block. Seen it before, seen it again ?
I keep x2 shots in ‘WORD’, easiest way to keep track of MS’WHEELER-DEALING’.
Be safe out there.
Nil illegitimi carborundum. AK

Reply | Quote

Windows 7 x64 hp – updates set to ‘never check for updates’ (I do it manually)

Hidden updates – 2952664, 3021917, 3035583, 3068708, 3075249, 3080079, 3080149 and 3112343.

Call me a prophet of doom this month if you like.

Last Tuesday, 3 optional updates came down the chute (including another version of 2952664 – hid that straight away and had 2 x 2952664 on the restore list). By Friday, it was 1 x 2952664 on the restore list and only 1 optional update. Today, 2952664 disappeared completely from the restore list and no optional patches at all.

“Toto I’ve a feeling we’re not in Kansas anymore… We must be over the rainbow.”

Reply | Quote

Lo! In checking Windows Update earlier this morning, after having been present for several days, KB3135445 is no longer being offered (it had been optional, and was neither installed nor hidden).

What say Woody?

Reply | Quote

No idea. Might’ve been pulled for re-release today.

Reply | Quote

There’s no place like home; there’s no place like home; there’s no place like home…

Reply | Quote

Just a guess based on previous months experience. It will be promoted from Optional to Important or in WSUS wording Critical Update. It looks harmful and potentially useful though.

Reply | Quote

Nineteen fresh updates today. Mostly security updates, one Windows general update.

Windows 8.1

Reply | Quote

Bingo! A scan after today’s updates went live results in KB3135445 again being offered as an option.

Reply | Quote

What about an upgrade to Windows 10, have you been offered that today?

Reply | Quote

Sixteen security related updates came down the pipe today on my 8.1 system (including a cumulative for IE and malicious software tool for Windows. I don’t think I’ve ever received that many at once before. Microsoft wouldn’t try and hide any Windows 10 upgrades in the security KBs, would they?

Reply | Quote

Naw. As far as I can tell, the security KBs are sacrosanct. They just had a lot of security problems to clear out this month.

Reply | Quote

Included in the Feb updates is an unannounced update KB3141092.

It appeared with the listed ones, and installed itself without any info attached.

I’ve uninstalled it, pending more info.

Anyone know what it might be ?

Reply | Quote

@Seff

No, I did not (yet). The general Windows update is to fix a logon freeze when the password is changed.
Maybe next month.

Reply | Quote

MS has now published the KB3141092 info.

Known issues in this security update 3134814
After you install this security update for Internet Explorer 11 on Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows 8.1, or Windows Server 2012 R2, sites that are specified in the Enterprise Mode Site List may not load in Enterprise Mode. To resolve this issue, install update 3141092.

Reply | Quote

So, I installed all 16 of the security updates, but now I’m seeing a “hotfix” (KB3141092) in the installed updates. If it was one of the security updates, it wasn’t listed as a hotfix in the title. Is this anything to be concerned about? Thanks, Woody!

Reply | Quote

Not sure as yet – I’m still at MS-DEFCON 2, and don’t recommend that anybody install ANY updates. It’s much too early to tell.

Reply | Quote

I installed the “safe” patches on my Win7 Pro box and Action Center said there was an unresolved issue.

In my user temp folder were files that wanted to make changes with explorer.exe.xml

Deleted the entire folder and error went away, with no ill effects.

On my Win7 Home laptop, many updates did not install and on every reboot they tried to reinstall. Update list showed them as pending.

Downloaded the patches manually as standalone installers and each one showed as N/A for my computer.

Have hidden them, but can’t understand why they showed as critical updates if they are not for my laptop.

Go figure!

Reply | Quote

KB3135445 for Win7 is no longer an “Optional” update but an “Important” update when obtained & installed from Windows Update on Feb. 9 and later.

Reply | Quote

On Windows 7 with Office 2010, today’s batch of patches restores the bad Outlook meeting issue where meetings that span midnight display as events. I haven’t been able to track down which patch returns the bad behavior.

Reply | Quote

As reported by Jon999_999_99999-999_99 on the MS Thread about the Outlook problem introduced by Microsoft Outlook 2010 Update KB3114570, the bad Outlook meeting behavior is reintroduced today by Outlook 2010 Update KB3114756; which now must also be removed and hidden.

Reply | Quote

Thanks for the update!

Reply | Quote

I had a busy month and didn’t get most of the January updates installed. Now some that wete there are not listed with the new February updates. Should I assume all is well and not worry about the ones that vanished overnight?

I did not get the January IE 11 update Kb3124275 installed. Now it is gone and the February IE 11 cumulative patch kb3134814 is the only one listed. Should I go to MS and download Kb3124275 separately and before the February IE 11 cumulative patch kb3134814, or will the new one take January into consideration? I’d like to wait a bit on the February IE update.

Thanks!

Reply | Quote

If a patch doesn’t show up on Windows Update, dont’ worry about it.

Patches get superseded all the time.

Reply | Quote

Hello again…… I was checking up on the
updates for Win8.1 just now and researching
online and went into https://www.microsoft.com/en-us/download/details.aspx?id=49283 (a link from search engine StartPage..
and it is a blatant invitation to download WinX and just below the image was written
“Update for Windows 8.1 (KB3084905)”
what the heck does all that mean….. that was
the kb I was trying find out about.
most bewildered!! Is is or isn’t it something I need to avoid. And is this a new strategy from MS I wonder. Either way I don’t like it one little bit!! I think I will give this patch a miss. Thought to share this with others.. LT

Reply | Quote

Not sure I understand. 3084905 is an October patch for the TPM chip. No problems with it that I know about.

Reply | Quote

All.
The following link appeared online.
MS Windows 10 update history.

http://windows.microsoft.com/en-us/windows-10/update-history-windows-10?tduid=%284448e6b807510c1a60db3d3c9c303a32%29%28256380%29%282459594%29%28TnL5HPStwNw-2SIAW1ixXkGZwdW8aotUZg%29%28%29

They really ought to have a link to their ‘Other Operating Systems Updates’, so people can see what they’re installing ?
Regards AK. Nil illegitimi carborundum.

Reply | Quote

Yep, that’s the site I discussed in http://www.infoworld.com/article/3031366/microsoft-windows/microsoft-releases-windows-10-build-10586104-cumulative-update-9-kb-3135173-with-changelog.html and http://www.infoworld.com/article/3032186/microsoft-windows/why-windows-10-users-should-care-about-the-azerbaijani-manat.html

Reply | Quote

Well I’ve sort of calmed down after that initial shock at seeing that WinX bit…. but I’ve got to say that KB3084905 is sitting on our Win8.1 windows important updates. And if you say its ok then I’ll go with that.
Also that page is not the sort of page that you usually see info from MS……..at least I haven’t.
And I have kb3123862 and kb3135449 & both are described as Windows update clients….and that is concerning me. And more importantly KB2976978 is also sitting as an important update. and that one is definitely a GWX one But as you say………. don’t do any patching for a few days…….. and that is exactly what I will do….. Thank you Woody for being that Beacon…… it is much appreciated. LT

Reply | Quote

As of this posting, I have seen no way to do a standalone install of the Windows 10 Flash Player Update dated February 8th or 9th, 2016. If all the pending updates (including CU 9) aren’t applied, I see no way to update Flash Player in Windows 10 for Edge or IE 11 to the current version. I see only an all or nothing option.

Not sure this Flash Player update is security related anyway. It looked a week or two ago when it was offered to all other browsers as if it were only a stability release. But Microsoft at Microsoft Support as if Bulletin MS16-022/KB 3135782 is in their opinion a “security update”. It is not available for Windows 10 outside of Microsoft Update.

https://support.microsoft.com/en-us/kb/3135782

It would sure be nice if there were a direct link to a stand alone installer for the Flash Player update for Windows 10. (Two links, one for 32-bit and another for 64-bit versions.) Previously, .msu installers were available for these Flash Player patches, and they worked in Windows 10.

Reply | Quote

Looks like MS has changed the way it’s issuing KBs for Flash Player updates, as well.

It’s further evidence of the monolithic patching approach in Win10. http://www.infoworld.com/article/3032186/microsoft-windows/why-windows-10-users-should-care-about-the-azerbaijani-manat.html?nsdr=true

Reply | Quote

Hang tight. Many shoes have yet to drop.

Reply | Quote

So with IE 11 and Edge under Windows 10, we’re damned if we hold off on a Flash Player patch, and damned if we don’t. Nice.

Reply | Quote

Hello Woody,

If you feel this appropriate to post, then in her Patch Watch column for Windows Secrets yesterday, Susan Bradley is recommending the installation of February’s SECURITY-RELATED patches, including the .NET patches in MS16-019 and the updates for Office in MS16-015, when offered; there are a few exceptions:

* Hold-off installing KB 3134214 (MS16-018), a Windows kernel update, for a couple of weeks, when she’ll revisit it.

* Desktop Windows users can skip KB 3134222 (MS16-020) and KB 3134222 (MS16-020); server administrators can deploy them after testing.

* As for the optional non-security updates, including those MS have moved from optional to recommended, hold-off on their installations until she revisits them in her next Patch Watch column.

Reply | Quote

Well, here’s a fun one. I had unchecked the box for checking for Windows related products before this past Patch Tuesday and then realized I probably should install any security updates that might pop up. After I checked the box and ran the check, a huge number of Microsoft Office 10 updates came up as important updates, but when I proceeded to install only the security related ones that I had specifically checked, it downloaded and installed all of them! I tried to uninstall the updates individually, but every time I uninstalled one, the number of updates shown on my system increased by a factor of 4 or 5! Also, older updates no longer showed up on the list…all the installed updates for Microsoft Office now only showed yesterday’s date! I finally gave up and installed everything and then unchecked the check box for Microsoft related products updates. So far, no repercussions, though I’m unsure how this affects privacy, if at all. If anyone else has experienced this, please share. If any or you were considering updating your MS Office KBs, consider yourself warned.

Reply | Quote

I have no problem posting a synopsis, but people who want to rely on Susan’s observations should subscribe to Windows Secrets Newsletter. Much has changed at Windows Secrets – you can only see Susan’s columns by paying for an annual subscription, and the price is now fixed at $25/year.

As noted earlier, I’m no longer associated with Windows Secrets Newsletter

Reply | Quote

Thanks, Woody.

Knowing that Susan’s column is paid content for us subscribers, I was hoping that the bottom-line recommendations could still be shared to benefit others, without violating propriety. (And please know that you are missed by more than one reader… .)

Reply | Quote

I successfully installed all of Tuesday’s updates, and there is no sign of Windows 10 or the GWX icon. The only problem was with KB 3134214 which takes a long time to restart, so much so that I aborted the installation after ten minutes (I was installing this one update).

It messed up my computer a bit, but I was able to recover. When I checked the update history, I noticed that KB 3134214 was awaiting restart and that I had acquired a hotfix. I restarted, but nothing happened with the update.

I reset Windows update, and checked for updates again. I found that I had to reinstall the updates I had previously installed, which I did, omitting KB 3134214.

Today I reinstalled KB 3134214, and at the restart phase, I again got the wait circle.
But after about five minutes, KB 3134214 did install.

I guess I was too impatient the first time.
But all’s well that ends well.

Reply | Quote

Got 19 patches, mostly security, removal tool and a lot of security patches for Office. (Still) hidden are 2952664, 3035583, 3112343, 3123862 and 3135445. Funny: when I started up the pc, it said there were no hidden updates at all. No flags from GWX CP, everything seems te be working normal. Which is a relief, because what one of the other commenters said- stone heart pit in stomach, something like that- that is how I feel every time is is Patch Tuesday again too.

Reply | Quote

Started up the pc… This was before downloading and installing the patches.

Reply | Quote

Annemarie: “… when I started up the pc, it said there were no hidden updates at all.”

I got that same “UH-OH!” feeling when that happened to me. But after doing a “Scan for Updates”, I took another look and the list of hidden updates got refreshed and all of them were still there.

Reply | Quote

Can anyone confirm that the February IE 11 cumulative update installs windows 10 stuff like GWX nagware, etc.on Windows 7? There sre reports of this on the web. I do not have give me recommended updates checked.

I am also wondering if anyone can explain to me why my Windows 7 Home Premium is receiving updates meant (from whst I read on the web) for IT professionals. I have been sent Kb3102810 and 3223479. I don’t have a group policy editor as far as I can tell and I am not set up as a Domain. I just don’t understand what is causing these update offers if they are for IT professionals. Can this be related in some way to my cable service provider?

Thank you for the help.

Reply | Quote

I haven’t seen any reliable reports that the Feb IE 11 update installs GWX. Can you point me to a site?

Kb3102810 is a Windows Update services patch. It’s for everybody.

You don’t need Group Policy to implement any of this stuff. Nope, it isn’t your cable service provider.

Reply | Quote

I think we all know there is a lot of mis-information swirling about. That is why many of us come here for verification.

For some sites that report the IE cumulative update for February:
Windows 7 forums:
http://www.sevenforums.com/windows-updates-activation/391443-kb3134814-update-ie11-installs-w10-icon.html

Another:
http://wikipost.org/topic/y3j4luhqkcmcgBlyf2DyVhK75DU7LJAM/KB3134814-update-to-IE11-installs-W10-Icon.html

and there were a few other sites.

From the forum notebook review site the one of the two KBs I asked about, kb3102810, are associated with win 10 Upgrade per the long list at http://forum.notebookreview.com/threads/windows7-8-updates-to-hide-to-prevent-windows-10-upgrade-disable-telemetry.780476/

Kb3102810 does improve wait while searching for updates, but reportedly has Win 10 upgrade preparation for Win 7.

Should it be avoided? I feel as if there are many extremists and tin-foil hat types out there, yet I don’t want Win 10 on my old slow Win 7 with only 2G RAM.

Kb3123479, for which I mis-typed earlier typing with my fat thumb on my cell, is reported for IT professionals per A J North January 14:

https://www.askwoody.com/2016/ms-defcon-2-partys-over-make-sure-youre-locked-down/

So, again, I am curious how to deal with it–yet, as you have said you have not changed your rating–we are still at Defcon-2.

Reply | Quote

Best to wait until I have a chance to go over all of them, and re-set the MS-DEFCON rating.

But I’m reasonably sure that the Windows Update improvements do, in fact, improve the operation of Windows Update. They also make it easier to install Windows 10. But as long as you’re using GWX Control Panel, that should never be an issue…

Reply | Quote