MS-DEFCON 2: Microsoft’s already yanked four patches. Best to verify Auto Update is turned off

Topic

New Reply

The holidays are over, but the Grinch is still on the loose. Make sure your machine is locked down. Details coming in Computerworld.
[See the full post at: MS-DEFCON 2: Microsoft’s already yanked four patches. Best to verify Auto Update is turned off]

4 users thanked author for this post.

Lori, abbodi86, Elly, geekdom

Reply | Quote

Replies

I cannot postpone updates. I have to install the Patch Tuesday update immediately because Microsoft will quickly replace it with a high-risk out-of-band update!!

I am no longer an active member of the forums.

1 user thanked author for this post.

abbodi86

Reply | Quote

Each to their own 🙂 good luck.

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Elly, banzaigtv

Reply | Quote

Thanks for the summary in your linked Computer World article on how to block updates on all versions of Windows. It’s quite documentary beautiful.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

admin

Reply | Quote

Woody,

Just went in and uninstalled the 4 patches from the one machine I have running Office 2010 Pro. Interestingly they were all listed as being installed 1/7/2018!

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

Reply | Quote

Office patches are msi (old style, similar to XP patches) based, unlike the regular Windows patches based on what is called Component Based System.
There are also msp patches, a sort of deltas for the msi, which come on top of the main ones.
When Office updates are installed, there is a “reconciliation” process similar to the repair happening behind the scenes and this explains why the date of the various patches is updated, indicating the date at which the latest processing took place and not the date of the original installation.

4 users thanked author for this post.

RetiredGeek, woody, Elly, Microfix

Reply | Quote

Moved to DEFCON2…because of bad Office 2010 patches?

I think it’s pretty clear now that Woody is looking for any reason to paint Microsoft in a bad light…making me lose faith in his suggestions when he is liable to scream at the smallest thing and lock down everything in sight…going to go look for more realistic analysis without the “get off my lawn” mentality

Reply | Quote

Nope. Moved to MS-DEFCON 2 because tomorrow is Patch Tuesday.

If you read the article accompanying the shift to MS-DEFCON 4, a couple of weeks ago, you wouldn’t have installed the bad patches.

10 users thanked author for this post.

Cybertooth, snalmond, Karlston, Elly, SueW, Chris B, Microfix, RetiredGeek, PKCano, satrow

Reply | Quote

P.S. “the smallest thing” … you’re right, it’s a small thing, unless you use Excel 2010. If you use Excel 2010, you’re blown out of the water by installing a non-security patch. And it’s the third such blow-up in as many months.

12 users thanked author for this post.

geekdom, snalmond, jburk07, Karlston, The Surfing Pensioner, Bill C., dononline, phaolo, Elly, warrenrumak, SueW, Microfix

Reply | Quote

How I know you are new here, MS-DEFCON drops ahead of Tuesday B every month. Many months that cautious action is proven prudent by events over the next couple of weeks. Woody is fair. When a given month’s cumulative rollup proves to be free of glitches, he posts an article that celebrates Microsoft’s competence. He will even continue to refer to that rare event when comparing later update packages.

An accurate and trustworthy spreadsheet is the original must have application that proved personal computing was a viable and valuable platform. Breaking that primary function is not a “smallest thing”. Writing that Microsoft came into the deepest vault of critical records and broke the interface to access those records is not “get off my lawn” rhetoric. AskWoody provides a public service by adding information in how to prevent these events. Perhaps I’m not fair describing you as new. Maybe you have paid attention, but find humor in irony.

7 users thanked author for this post.

RetiredGeek, Cybertooth, jburk07, Karlston, dononline, SueW, Microfix

Reply | Quote

Having problems on Windows 10 1709 Home.

My new process is applied with the metered connection indicated to be on.

Wait until you are comfortable with the information from Woody and Susan Bradley before and downloading and applying.

go to the Update Catalog catalog.update.microsoft.com and look for all the relevant updates for the month eg. 2018-12 . Manually download and install .

Sorry @pkcano your process is only working for Windows 10 1709 Pro.

Reply | Quote

What part of it is not working for you? The download of an update? The installation of an update? What “process” are you referring to?

Reply | Quote

Hey PK, when I first found Woody back last March your Windows 10 Pro settings were:

Group Policy option 2 – Windows Updates request download

Branch Readiness  Semi-Annual Channel

Feature Delay 365 days

Quality Update deferral 0 days (so know what is in the Update queue)

Wushowhide – to hide and hold what comes down until ready to unhide and install

Are these where you are still set?  Or have you made modifications as versions changed?

Reply | Quote

Those are still my settings. Not Microsoft’s. Not anybody else’s. That’s what I choose.

Reply | Quote

Thanks, well they have also been mine and so far so good (unless Woody or some MVP here signals the new updates have problems even before release, then I’ll back QU back a few days or so).

Lets hope for an uneventful Jan for Windows 10 and my trusty Windows 7 Pro.

Reply | Quote

First problem spotted on my Windows 7 x64 machine. Installed KB4480960 (January, 2019 Security Only Quality Update for Windows 7 for x64-based Systems) and the network shares associated with this computer are now broken. Ditto for the ability to remote into this PC using Remote Desktop Connection. Uninstall the patch and everything works again. *Just like that.*

Last time I had nasty surprise with the monthly security patches they issue was back in 2017 with KB4048960 (November, 2017 Security Only Quality Update for Windows 7 for x64-based Systems), a number eerily similar to this one (what the fu… ). That “Security Only” patch ultimately hoses Windows Media Player and its associated Media Library, resetting everything back to a virgin (blank) state upon installation. After much hair-pulling, I eventually found a registry hack to restore my player and media data back to their previous functional state. If I hadn’t, my entire WMP Library and all the custom settings and tweaks I’ve put in place over the years would have been wiped out. *Just like that.*

Thank you for this latest surprise MS! Kindly let me know when I can add a security patch to cover this latest one that won’t in turn wipe out my network shares and remote desktop ability! Much obliged if you can be bothered to look into this.

Reply | Quote

Yes, both the Security-only and the Monthly Rollup were affected by this glitch. Welcome to 2019.

Reply | Quote

Fortunately I see a workaround already posted on Ghacks.net. Hallelujah!

As for the inauspicious start to the new year with MS, fasten your seat belts tight. It appears we’re in for a bumpy ride in 2019 indeed.

Reply | Quote