Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978Posted on woody Comment on the AskWoody Lounge
March 7, 2017 at 1:22 pm #99563
We’re seeing a replay of February’s Patch Tuesday run – Microsoft re-releases snooping patches KB 2952664, KB 2976978 Except this time it isn’t Patch[See the full post at: MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978]
March 7, 2017 at 2:04 pm #99572
As ch100 mentioned in another thread, these are new versions of these updates. The standalone updates were digitally signed on February 23, 2017.
Windows Update for Windows 7 shows two versions of KB2952664, both of which are classified as Optional updates, and both are unchecked by default.
March 7, 2017 at 2:16 pm #99575
March 7, 2017 at 2:33 pm #99577
v22 of KB2952664
v21 of KB2976978
March 8, 2017 at 12:19 pm #99757
Thanks to radosuaf for mentioning the 2 KB2976978 updates for Windows 8.1. Not doing Anything until woody gives the all clear… whenever that may be.
Wild Bill Rides Again...
March 7, 2017 at 2:33 pm #99578
These patches are only for Windows 7 and Windows 8, so isn’t Windows 10 still at Defcon 5?
March 7, 2017 at 2:34 pm #99583
The DEFCON number applies to all versions of Windows
March 7, 2017 at 2:52 pm #99585
Windows and Office.
March 7, 2017 at 5:09 pm #99612
I know it applies to all versions, that’s why I’m confused.
Why is Windows 10 now Defcon 2 when these new patches don’t apply to it?
Wouldn’t it make sense to have a slightly less generalized system?
March 7, 2017 at 5:11 pm #99614
It applies to ANY patches that are released until the number changes to 3 or above – any version of Windows, Office, etc
March 8, 2017 at 4:39 am #99672
You hit on one of several fundamental flaws in the MS-DEFCON system. In order to be a bit more granular, I’d have to have separate MS-DEFCON levels for Win 7, 8.1, 10 Anniversary Update, possibly other versions of Windows, plus separate levels for Office 2013 and 2016 and Click-to-Run. Add to that the distinction between Group A and Group B, and I’d spend half my life just maintaining the MS-DEFCON list.
I decided long ago to keep it simple – basically go or no-go, with a bit of nuance.
Right now, it’s safe to patch Win10 – but there weren’t any patches for Win10 in Feb (aside from the Flash update), and those who keep up on the MS-DEFCON level have had a week to get Win10 patched.
A week from now, we’ll be in lockdown anyway for all versions of Windows and Office.
March 8, 2017 at 2:42 pm #99790
You may install as you wish, but for consistency, once new patches are released, until they are proved to be working as intended, all patches are considered rated at MS-DEFCON2.
This is even more important for Windows 10 which installs all updates in one batch once the Check for updates button is clicked or the update procedure has started in any other way. It is too late to make a selection by then, unless you use special management solutions.
Currently there are new patches for Office 2013 and Office 2016 which have just been released and the recommendation for the wider public is not to install yet.
If you want my personal opinion, I think the current Office patches are not faulty, I installed them all, but I am not concerned if I have to recover or uninstall patches which may be retired later by Microsoft or cause even worse problems. I can recover from ANY problem, including BSOD. There is a recent history of faulty Excel patches which have been retired, so for most people few weeks delay is more effective than installing immediately.
As I said earlier, you are under no obligation to follow the MS-DEFCON system and if you don’t and wish to effectively become a tester for everyone else, you are more than welcome to do so and provide feedback.
However, most readers here have found the MS-DEFCON very useful.
March 7, 2017 at 2:35 pm #99584
2 versions on Windows 8.1 as well – one dated Feb 21st, the other dated “Today”.MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 8.1 Pro 64-bit
1 user thanked author for this post.
March 7, 2017 at 3:13 pm #99588
Just because an update has a new version doesn’t mean the recommendation on its installation is any different. Once a dog, always a dog! If MS want to issue a new update with altogether different (and hopefully better) content they will give it a new number, and if it’s important that it should be installed they will categorise it as Important, not Optional.
March 7, 2017 at 3:44 pm #99591
Noel CarboniAskWoody MVP
I had to re-hide KB 2976978 last week when you first went to MS-DEFCON 5 Woody. Is it released AGAIN?
I wonder what good, productive things the team working on that privacy-invading stuff could actually be doing to make the OS better…
March 7, 2017 at 4:01 pm #99594
March 7, 2017 at 4:04 pm #99595
It’s Optional not Recommended, so no worries here. But I do agree there are more interesting things they could do for 8.1. Implementing Start menu and DX12 wouldn’t take much more time :).MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 8.1 Pro 64-bit
March 8, 2017 at 11:42 am #99746
March 8, 2017 at 2:44 pm #99791
Noel CarboniAskWoody MVP
the re-re-re-released KB295664 & KB2976978 updates will remain Optional until March 14 (patch Tuesday of March), by then the updates will become either Important or Recommended.
As long as they’re not folded into the cumulative update…
March 8, 2017 at 3:43 pm #99813
March 9, 2017 at 8:49 pm #100123
March 10, 2017 at 9:27 am #100202
[ img ] http://www.example.com/image.gif [ / img ]
(remove all the blank spaces to make it work)
Hope this helps. 🙂
March 10, 2017 at 9:20 pm #100381
Using the same example location, this is how BBCodes format the location, using the “img” command in the text editor box:
Just click the IMG box, and follow the prompts. If you do that in a reply post, you can then copy and paste that into your signature profile, as far as I can tell. 🙂
Great theory, poor in execution! I see your frustration, and I’m trying things without success too 🙂
March 10, 2017 at 11:12 pm #100409
Many thanks Cesar and Kirsty for your help…….. trying yet again! LT
This is driving me nuts!!!! I’ve tried to link it to my dropbox and also to my website and
it’s just not working. Must be something obviously that I’m doing wrong but WHAT….. anyway
I will come back to this later and see what I can come up with. As you know Kirsty its just a simple jpeg (4k) I have tried so many variables….. I’m going cross eyed. I even put it up on my website on an html page……. but nothing seems to work. I have checked that it comes up when I call up the html page and it does….. so it’s there…. it’s just the challenge that if Cesar can do it…….. it’s possible. I will now go and catch up with stuff around the house. thanks for everything Cesar and Kirsty………. much appreciated. Onwards & Upwards LT
March 10, 2017 at 11:37 pm #100415
I only achieved success when I used a secure location for the online graphic.
There’s the secret (I hope):
[ img ] https://example.com/image.png [ /img ](minus the spaces)
March 10, 2017 at 11:55 pm #100420
Yes………. thanks Kirsty…. That’s an attachment which I can do……. but what I wanted to do as you know was to include in my signature (as Cesar has done) and then you don’t get the ‘duplication’ of details below your message about the said attachment/image. Remember I tried to do this at the early stages of the Lounge and we thought perhaps we weren’t allowed. But if Cesar can do it…….. it appears we can! Ah well! will mull it all over and try some more a bit later………… but many thanks for being there and helping out! You’re the best! LT
March 11, 2017 at 12:28 am #100422
March 11, 2017 at 8:10 am #100450
@lizzytish: try HTTP instead of HTTPS:
(And sorry for going completely off-topic. :$)
Edit: Oops, it looks like it doesn’t work, either. Maybe using a different server (some of them don’t allow hotlinking) or a different type of image (GIF seems to work fine) could do the trick.
March 11, 2017 at 8:23 pm #100608
Thanks Cesar……… I’m currently trying out the ‘gif’ idea via Dropbox…… and also giving it a little time to see if it goes through……… I remember hearing others say it sometimes is a little slow! and yesterday I tried Kirsty’s link an another server with images and that somehow worked after a few minutes! (apologies Woody for being off topic – AGAIN!) LT
PS…. Have waited for over 5 minutes…… so have reverted back to the .jpg checking that now. LT
- This reply was modified 1 month, 2 weeks ago by lizzytish.
March 11, 2017 at 8:40 pm #100612
March 11, 2017 at 8:55 pm #100614
Aw!!! would you believe I can’t see it !!!! I’ve refreshed………. maybe I should close my browser……… and if that doesn’t work ….. delete the cookies….. I’m so glad it’s finally come through….. am just going to try and see on my husband’s computer…. It will be so nice to have sorted this out!!! Many, many thanks to you and also Cesar for your help! LT
PS…… Just seen it on my husband’s computer……… woweeee! way to go! Thanks again LT
- This reply was modified 1 month, 2 weeks ago by lizzytish.
March 12, 2017 at 1:06 am #100622
Just wanted to firstly let you know what the culprit was and secondly to put all this to rest finally. I could see my signature on my husbands computer but not mine. I cleared the cache, rebooted – still couldn’t see it. I also have IE – so opened that and was able to see it! So went back to IRON/chrome – couldn’t see it……….. then checked the add-ons/plugins on IRON……. and lo and behold it was Privacy Badger that was blocking Dropbox!! unchecked that et voila…… I could see my signature. In case anyone is interested in continuing this thread about BBCoding I started a forum https://www.askwoody.com/forums/topic/bbcode-and-html-how-to/ … bascially because I felt perhaps that the subject was irrelevant to others in this particular area. Apologies again Woody if I’ve over stepped the mark and thanks to you and all the others that helped!! LT
March 12, 2017 at 2:08 pm #100698
March 7, 2017 at 5:05 pm #99607
They probably think they are improving the OS with the privacy-invading stuff. After all, they got rid of most of the QA testers to save themselves a few bucks… which means regular paying customers are now doing the beta testing, whether they want to or not. The problem is that most of them could not perform trials to narrow the scope of the bug or fill out a decent bug report to save their lives, so the monitoring and telemetry of everything that goes on in the beta tester’s Windows installation is that much more important.
It’s why MS is so dead-set against allowing people to turn off telemetry or to have control over updates (they must test the new beta releases as they come; we’re on a schedule here, you know). Even at the expense of losing a number of customers, MS forges ahead with its forced updates and its telemetry… because SOMEONE has to do the beta testing, and if we non-enterprise users aren’t willing to do that, then MS has no use for us anyway.
Taking out the spying and forced updates would be akin to a major software company “downsizing” their beta testers. That would be madness! No serious OS provider would ever send its updates out into the wild largely untested. Simply unthinkable!
March 7, 2017 at 5:30 pm #99619
You got it. Although if push come to shove, I can see how in a pinch MS would dump untested stuff on users–less unthinkable than rehiring the professional testers. Nadella would not make his bonus.
March 9, 2017 at 10:01 am #99977
rc primakAskWoody Lounger
There’s more money to be made in telemetry than there is to be lost. M$ will undoubtedly keep tracking their profit margins even more closely than they are tracking Windows 10 users.
-- rc primak
March 7, 2017 at 5:04 pm #99608
March 7, 2017 at 6:43 pm #99630
I too have TWO KB 2952664 unticked sitting in Optionals on Win7 Pro 64bit. They have different dates that they were issued on (as per everyone else.) Now I wonder why are these 2 being offered. In my mind surely one would supersede the other? No ? why would one install both ?? (Not that I would) My Win7 machine is set to Check but don’t download/install.
I’m presuming that would also be the case on my husbands Win8.1 machine, but I’ve locked that down to Never Check for updates so not able to see or want to see what’s on offer there at the moment! LT
“Unless someone like you
cares a whole awful lot,
nothing is going to get better.
It’s not.” – Dr. Seuss
March 7, 2017 at 6:53 pm #99632
When the files are two different versions (the latest is v22) they are actually two different entities with the same number. You will usually find that one is optional (probably the latest) and one is recommended (the older one). When MS promotes the latest one to recommended, it will supersede the older one and the latter will become unavailable (disappear).
MS practice has been to stage upcoming important updates through the optionals. They are optional until just before patch Tuesday release (some time Monday or early Tuesday morning. Then they disappear from the optionals and when updates are released on Tuesday they show up checked in the important list. They have peen promoted to recommended and the earlier one is retired/superseded.
Clear as mud. Right?
March 8, 2017 at 5:43 am #99685
“Then they disappear from the optionals and when updates are released on Tuesday they show up checked in the important list.”
I might add here… this only happens if you have the “Give me recommended updates the same way I receive Important updates” option checked. If you don’t have that option checked they stay put in the Optional group.
March 8, 2017 at 6:46 am #99695
Was trying to reply to PKCano’s answer and found after I had hit submit the notice came up that the comments were closed!!! Nice to see it re-opened!
Clear as mud. Right?
all I wanted to say was : Yep….. your answer was clear as mud! and that possibly sooner than later will be even clearer after the rinsing/spinning cycle in the MS Washing Machine has
finished. Thanks for replying so quickly! LT
March 8, 2017 at 4:33 am #99671
March 8, 2017 at 5:37 am #99682
March 8, 2017 at 4:58 am #99674
March 8, 2017 at 6:48 am #99696
Not really panicking just trying to get a handle on it!!! which I think I have with all your help!
March 8, 2017 at 9:28 am #99716
Sorry, no topic yet for this IMPORTANT “Windows 8.1 driver” update I received today:
Microsoft – WPD – 2/22/2016 12:00:00 AM – 5.2.5326.4762
Very strange it’s dated “2016”. Not sure what this does. Will avoid it for now.
March 8, 2017 at 10:25 am #99730
March 8, 2017 at 11:24 am #99737
This WPD Driver Update shows up as an Optional (by Recommended) update in Windows 7.
March 8, 2017 at 11:59 am #99753
Just got it posted.
Sounds like another one of those weird driver updates, like we saw in December.
March 9, 2017 at 11:11 am #99990
I got a post for this Topic that said, basically, “cant anybody say directly to MS that we dont want their furshlinger malware and spyware so maybe they would stop throwing out this kind of cr*p?” Pardon my bowdlerization.
I wanted to make “anonymous” very aware of the fact that we complain constantly, and nothing’s being done about it.
You, on the other hand, CAN do something about it. Tell your friends and neighbors – and friends’ neighbors’ car mechanics and father confessors – that there’s a problem with Windows updating, we know there’s a problem, and they can help by chiming in on any public forum. They should also be made aware of the alternatives to Windows.
March 9, 2017 at 8:30 pm #100115
Off topic a bit…. but in relation to your comments above about every one giving voice to complaints to MS. I was looking on line for some thoughts on SKYPE. I have it but don’t use it much lately, and all of a sudden MS in their wisdom have locked me out and told me I need to update in order to sign in. I have never had that from them before so was most incensed about it and shut SKYPE down. My feelings for not wanting to update to a newer version is basically I wonder if they might be including more telemetry/snooping in it. I was on a page where in 2012 SKYPE had been installed on business computers and the ADMINS were up in arms about it all….. it was rather good reading and the ADMINS were really lashing into MS and telling them not to keep repeating that this wouldn’t happen, because IT DOES. Susan Bradley too was in the conversation. (think it was a TECHNET page) Reading about it………. yes MS seems to be rather thick skinned and also seems to turn a deaf ear to all the complaints……….. even then……
We need a MISCROSOFT SPRING…… perhaps to enlighten them! LT
I know a guy who’s addicted to brake fluid. He says he can stop any time.
March 9, 2017 at 3:39 pm #100038
Well, I got those 2 PLUS updates for KB2992611 (Security update), KB2973337 (Windows update), KB3042058 (Security update), KB3172605 (Windows update). I know the ones you mentioned should be hidden, but what about these other 4? I’m thinking HIDE ! ! !
March 11, 2017 at 2:37 pm #100511
Well, it’s Saturday and I haven’t seen anything new show up on WU on my Win 7 machine. It’s still showing the January All in one roll up, Group A update. I’m a Group B’er so there’s nothing for me, but I should have gotten something for March by now. Guess I’ll check the MS Update Catalog and see if there’s anything there.
March 11, 2017 at 2:41 pm #100512
Patch Tuesday isn’t until the 14th – this coming Tues. And you don’t want to install then anyway.
WAIT for Woody to change the MS-DEFCON number to 3 or higher.
March 12, 2017 at 12:58 pm #100685
Thanks, guess I’ve got too much on my mind and didn’t look at my calendar. I’ve been using Woody’s advice for a long time and always wait until he gives the update approvals.
March 12, 2017 at 2:46 pm #100709
I have WU set to check for updates but let me choose when to download and install. Today it searched for updates…but I noticed that KB2952664 was no longer showing up in the list of Optional updates. I have never installed this and have had past releases hidden and recent ones just sitting in Optional unchecked. I noticed today that my list of hidden updates is completely gone. Microsoft must be updating so I guess we’ll see if they roll 2952664 into cumulative updates or bring it back as Optional. I checked my installed updates to be sure it didn’t get installed automatically and it didn’t. So MS must have pulled it getting ready for Tuesday’s updates. It’s not in important update list either
March 12, 2017 at 9:36 pm #100757
It is gone??? KB2976978 ????? I went to install it on my main partition as I have done with all of them and it is not there like you saw here.
I wonder what they are up to know???? On Sunday not Monday???
1. Tower Totals: 2xSSD ~512GB, 2xHHD 4TB, Memory 32GB
SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64
CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon 6880, Neither Over Clocked
2xMonitors Asus DVI, Sony 55" UHD TV HDMI
1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.
March 14, 2017 at 12:01 am #100971
…aaaand pulled again.
Back to the factory for more enhancements before releasing them on the unsuspecting masses for Patch Tuesday?
March 16, 2017 at 5:26 am #101605
kb3150513 just appeared this morning on Important tab as Recommended Update published 5/11/2016. More information link page at bottom states Article ID: 3150513 – Last Review: Mar 15, 2017 – Revision: 7.
Edited to remove code
March 16, 2017 at 5:37 am #101612
That is a compatibility definition update (telemetry/compatibility). The prerequisites are KB2952664 (Win7) and KB2976978 (Win8.1). These two updates were reissued this month in their 22nd and 21st revisions respectively. Depending on your version of Windows, you probably installed one of these updates recently, then KB3150513 appears in Windows Update.
It is also being offered on Win10 1511 and 1607 after the install of the March patches and a reboot.
Edit to add Win10 info
- This reply was modified 1 month, 1 week ago by PKCano.
March 16, 2017 at 5:46 am #101616
KB article says “Last Review: 15 Mar 2017”, so it might have been re-released as well… Although looking at file dates, only W10 ones were updated (11 Mar)
- This reply was modified 1 month, 1 week ago by radosuaf.
Comments are closed.
Shop on Amazon by clicking on our affiliate link.
Buy anything, AskWoody gets a small bounty.
No charge to you, of course.
Or send a check payable to AskWoody
P.O. Box 2511 - Brentwood, TN 37024
If you don't want your name to appear on the Thanks! page, please so indicate in PayPal/ Patreon comments. Your donations and ad revenue help fund the development and ongoing operation of AskWoody.com
The AskWoody Lounge
Search the Lounge
- anonymous on Tell me again – how is the “new” Win10 updating method better than the old one?
- David F on Two more casualties in the ‘Unsupported hardware’ Kaby Lake/Ryzen Windows Update lockout
- anonymous on Puzzling Dump File?
- fp on Tell me again – how is the “new” Win10 updating method better than the old one?
- wdburt1 on Tell me again – how is the “new” Win10 updating method better than the old one?
- ch100 on Time to install Creators Update?
- ch100 on Time to install Creators Update?
- Schnarph on Two more casualties in the ‘Unsupported hardware’ Kaby Lake/Ryzen Windows Update lockout
- Karlston on MS-DEFCON 3: Time to get patched but, man, what a mess this month
- Noel Carboni on Tell me again – how is the “new” Win10 updating method better than the old one?
- satrow on Puzzling Dump File?
- anonymous on Puzzling Dump File?
- NetDef on external dvd player
- abbodi86 on Tell me again – how is the “new” Win10 updating method better than the old one?
- radosuaf on Time to install Creators Update?
- AlexEiffel on Time to install Creators Update?
- anonymous on Time to install Creators Update?
- HiFlyer on Two more casualties in the ‘Unsupported hardware’ Kaby Lake/Ryzen Windows Update lockout
- MrJimPhelps on external dvd player
- AlexN on Tell me again – how is the “new” Win10 updating method better than the old one?
get rid of linux and recover disk space
21 minutes ago
Are Your Staff Your Weakest Link in A Phishing Attack?
3 hours, 59 minutes ago
Printing problem in Xubuntu Linux
7 hours ago
external dvd player
2 hours, 48 minutes ago
Tell me again – how is the “new” Win10 updating method better than the old one?
11 minutes ago
Felismus Remote Access Trojan (RAT)
19 hours, 42 minutes ago
Click to Run Question for Group B
11 hours, 9 minutes ago
Cyber extortion demands surge as victims keep paying: Symantec
1 day, 4 hours ago
Script that uninstalls all installed versions of KB2952664, KB2976978, KB2977759
6 hours, 32 minutes ago
Two more casualties in the ‘Unsupported hardware’ Kaby Lake/Ryzen Windows Update lockout
43 minutes ago
Search for Topics
Recent blog posts