• MS-DEFCON 2: Time to make sure your Windows machine is locked down

    Home » Forums » Newsletter and Homepage topics » MS-DEFCON 2: Time to make sure your Windows machine is locked down

    • This topic has 68 replies, 16 voices, and was last updated 7 years ago.
    Author
    Topic
    #91720

    I’m anticipating non-security Office patches tomorrow. That’s the usual drop date, anyway – first Tuesday of the month. I’m not aware of any non-secur
    [See the full post at: MS-DEFCON 2: Time to make sure your Windows machine is locked down]

    3 users thanked author for this post.
    Viewing 19 reply threads
    Author
    Replies
    • #91769

      Anything in the wind Woody, about Previews W 10 or W 8.1?

      I saw somebody saying to only expect “Security Only” Patches this Month. I am not sure I believe that even with CU’s now. Where do you come down on that?

      --------------------------------------

      1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

      SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

      CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
      Graphics Radeon RX 580, RX 580 ONLY Over Clocked
      More perishable

      2xMonitors Asus DVI, Sony 55" UHD TV HDMI

      1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
      1xOS W8.1 Pro, NAS Dependent, Same Sony above.

      -----------------

      1 user thanked author for this post.
    • #91772

      I wonder what M$ is up to there’s a couple of large 115.4mb security updates sat in my WUD inbox chilling they’re heels.
      Definition Update for Microsoft Security Essentials – KB2310138 (Definition 1.235.1069.0) 27/01/17.
      Definition Update for Microsoft Security Essentials – KB2310138 (Definition 1.235.2163.0) dated today (06/02/17)
      Kinda strange as I am normally up to date with security updates as usual searching in the catalogue and the supplied links go no where nor does a Google. This is a Win7x86Pro machine, Just the usual 1mb on Win7x64Ent and on Win8.1x64Pro is another, relative “Biggie” at 9.2mb (kb2267602 Def. 1.235.224.0 dated today 06/02/17) Sort of wondering with all these different sizes and with all the machines here set to notify before d/load & install are they pushing stuff through the “backdoor?”
      Another reason I am posting anon. is for some reason the web site wont allow me to log in here with my login details kicks me out or somewhere when I try even while logged in (still feeling my way around the “Nooks & Crannys”) of AskWoody so it could be entirely my fault LOL 😉

      BobyB

      • #91773

        Aggggh! now it lets me log in after an error and re-submit & surviving Windows since 3.1 seems like i’ll never get the hang of these infernal machines ;(

      • #91799

        Hhhhmmm — what do you mean WUD inbox? My Win7 has WU disabled and everything else preventing updates, except MSSEC to which I allow auto updates which do not come via WU.
        I see that the 2nd one you mention was applied to my yesterday.

        I now wonder if I should disable MSSEC updates. I have used 3rd party AVs and firewalls in the past and I am not too keen to go back–they are said to be illusions: more liabilities than assets.

        • #91812

          Noooooooo Please do not disable the Definition Updates….

          Disabling WU/MU will not affect them and they will not cause Patches to download or install, YET anyway. Disable WU/MU/AU in the GUI in W 7, for extra insurance, in the Registry.

          --------------------------------------

          1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

          SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

          CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
          Graphics Radeon RX 580, RX 580 ONLY Over Clocked
          More perishable

          2xMonitors Asus DVI, Sony 55" UHD TV HDMI

          1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
          1xOS W8.1 Pro, NAS Dependent, Same Sony above.

          -----------------

          • #91850

            If I ever were to do that I sure would do it as a last resort. But given MS’s behavior, how do you know when they’ll use ANY means necessary to dump w10 on you? Are there any doubts in your mind that if they can’t chip away at the 40+% users of win7 they can and will without any warning use MSSEC as a conduit? How many of the receiving end will have a backup, or can withstand several such incidents, or reinstall win7 when MS can do it again and so on? MS can readily wear them down into submission and they know it.

            The registry tweak is the only one I am not familiar with. Can you refer me to instructions?
            Although if they can mess with GUI settings, they sure can with the registry.

        • #92014

          What does – – – MSSEC – – – mean? Also what does – – – GUI – – – mean?

          Thank you for the clarification (think MSSEC may mean MS Security Updates ??).

          1 user thanked author for this post.
          • #92030

            What does – – – MSSEC – – – mean?

            Microsoft Security Essentials – Microsofts anti-virus program, built into Win10, an add on in Win7/8.1. It usually updates definitions automatically independent of Windows Updates (even if you have WU set to “Never”

            Also what does – – – GUI – – – mean?

            Graphical User Interface – the windows, desktop, etc in Windows that you see on the screen. References to Settings/Control Panel where you can make settings changes to change the way Winndows looks and acts. (Check boxes – do you want a red or blue background, pulldown menus – do you want Automatic updates or Never check for updates, and so on)

            3 users thanked author for this post.
          • #92119

            @ walker

            What does – – – MSSEC – – – mean?

            Using Google Search–that abbreviation appears to be someone’s private shorthand. There are no probable meanings listed in the search that would make any sense here!

            https://www.google.com/#q=what+does+msec+stand+for

            http://www.abbreviations.com/MSEC

            NightOwl

          • #92502

            @ walker

            From Wiki,

            The graphical user interface (GUI /ɡuːiː/), is a type of user interface that allows users to interact with electronic devices through graphical icons and visual indicators such as secondary notation, instead of text-based user interfaces, typed command labels or text navigation.

            (basically GUI is the use of the mouse’s point-n-click feature, first invented during the 1970s – instead of DOS text-commands)

            2 users thanked author for this post.
      • #92233

        and today they promptly vanished in to thin air (after none installation) to be replaced by todays little 668kb security offering. “Curioser & Curioser”

    • #91768

      Well another month has gone by. Time to cringe again with another round of updates. Fingers crossed.

    • #91796

      Anything in the wind Woody, about Previews W 10 or W 8.1?

      I saw somebody saying to only expect “Security Only” Patches this Month. I am not sure I believe that even with CU’s now. Where do you come down on that?

      Security only fixes covered December and January

      Preview Monthly Rollup for W 7/8.1 will be delivered after Patch Tuesday (February 14), most likely the later tuesday = February 21

      2 users thanked author for this post.
      • #91809

        If you’re talking about Win7 and 8.1… yes, there will definitely be both a Security-only patch and a Monthly Rollup, released on Feb 14

        If you’re talking about Win10, yes, there will be a cumulative update on Feb 14.

        If you’re talking about Preview patches – which I DON’T recommend that you install, they’ll likely appear on Feb. 21, as Abbodi says.

        As for Office patches – I expect we’ll see another big bunch of them, non-security on Feb 7, security on Feb. 14. But that’s only a guess. The items above are “for sure.”

        Unless the snow keeps falling in Redmond, in which case… who knows?

        1 user thanked author for this post.
        • #91815

          So in other words we are back on schedule.

          Yes, I install both W 8.1 and W 10 Preview Patches BUT I have TEST partitions for all of that….

          --------------------------------------

          1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

          SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

          CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
          Graphics Radeon RX 580, RX 580 ONLY Over Clocked
          More perishable

          2xMonitors Asus DVI, Sony 55" UHD TV HDMI

          1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
          1xOS W8.1 Pro, NAS Dependent, Same Sony above.

          -----------------

        • #91830

          Well it is still falling here and we are getting there Pineapple express. Take a look at my Twitter Page @PantomofMobile YUUUUUCK 😥

          --------------------------------------

          1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

          SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

          CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
          Graphics Radeon RX 580, RX 580 ONLY Over Clocked
          More perishable

          2xMonitors Asus DVI, Sony 55" UHD TV HDMI

          1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
          1xOS W8.1 Pro, NAS Dependent, Same Sony above.

          -----------------

    • #91840

      Preview Monthly Rollup for W 7/8.1 will be delivered after Patch Tuesday (February 14), most likely the later tuesday = February 21

      … and this is likely to be the first big rollup containing many of the previous updates ?

    • #91871

      ………..
      The registry tweak is the only one I am not familiar with. Can you refer me to instructions?
      Although if they can mess with GUI settings, they sure can with the registry.

      Yup, I have watched them messing with my registry setting in W 10 Fast Ring right before my eyes in RegEdit…. 😆 😥

      Solution: Take possession of the Registry Key(lowest Mother) Restrict “System” to Read only and then I had to ‘Deny’ Access to everything else!!! They haven’t changed since EVEN THROUGH Upgrades. However, if they ever do that from “Trusted Installer”, Lord Help US ALL!

      Now!!! Backup, Backup, Backup your Registry, your Image. I don’t TRUST Restore Points to protect me BUT that is up to you. You can screw your Image up really Bad it you make mistakes here!!!!

      I have been doing this since W 7, years back:

      Configure Automatic Updates using Registry Editor

      https://technet.microsoft.com/en-us/library/dd939844(v=ws.10).aspx

      Don’t let all the the Server or WSUS references throw you. The last section is for Client PC’s and is just as relevant today for W 7 to W 10 in 2017 as it was in 2011. MS can’t afford to change everything. Mostly they add, not so much subtract.

      Here is my Registry Script ext= .reg without the Permission adjustments(those are done manually and so far only needed on W 10 Fast as well as when it RTMs):

      REG WU AU Windows Update Turned Off in Windows.reg (W 7)

      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
      “NoAutoUpdate”=dword:00000001
      “NoAutoRebootWithLoggedOnUsers”=dword:00000001

      REG WU AU OSUgrade Turned Off in Windows.reg (W 8.1) (W 10 at a minimum)

      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
      “NoAutoUpdate”=dword:00000001
      “NoAutoRebootWithLoggedOnUsers”=dword:00000001

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade]
      “KickoffSource”=dword:00000000
      “KickoffDownload”=dword:00000000
      “AllowOSUpgrade”=dword:00000000
      “ReservationsAllowed”=dword:00000000
      “Refresh”=dword:00000000

      [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade\State]

      REG WU AU OSUgrade Enabled, Au & WUTurned Off in Windows.reg (W8.1) (W 10 at a minimum)

      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
      “NoAutoUpdate”=dword:00000001
      “NoAutoRebootWithLoggedOnUsers”=dword:00000001

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade]
      “KickoffSource”=dword:00000001
      “KickoffDownload”=dword:00000001
      “AllowOSUpgrade”=dword:00000001
      “ReservationsAllowed”=dword:00000001
      “Refresh”=dword:00000001

      Note the W designations: I am not sure if W 7 has add the OSUpgrade feature or not. If they haven’t there would be nothing to look at those Keys anyway so they won’t hurt anything. They weren’t there when I was on W 7, that’s all I can say….

      C&P them into a text file with ext= .reg

      Then run which ever one seems appropriate …. That’s it.

      NOW YOU ARE IN TOTAL CONTROL AND IT IS YOUR RESPONSIBILITY TO CHECK FOR PATCHES, DOWNLOAD AND IN INSTALL THEM!

      I only use the WU GUI on W 10 only when I want to D/L the Upgrade, otherwise I never touch it.

      I use Powershell for all other WU activity….

      PowerShell Gallery | PSWindowsUpdate 1.5.2.2

      https://www.powershellgallery.com/packages/PSWindowsUpdate/1.5.2.2

      Learn how to install it with the Module PowershellGet a built in module. I also use Powershell ISE run with Admin rights. The ISE is very useful to access the modules that are installed with the WMF, as well as ones you Install. There are several camlets in this module like Get-WUlist, Get-WUinstall, Get-WUServiceManager etc.

      Windows 10 is even more complicated if one is complete about it but the above is the minimum.

      Hope all of this helps….

      --------------------------------------

      1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

      SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

      CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
      Graphics Radeon RX 580, RX 580 ONLY Over Clocked
      More perishable

      2xMonitors Asus DVI, Sony 55" UHD TV HDMI

      1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
      1xOS W8.1 Pro, NAS Dependent, Same Sony above.

      -----------------

    • #91928

      KB3197356 for Windows Server 2016, Windows 10 1607 and Windows 10 1607 64-bit have been expired.

      This is CU from October 2016.

      EDIT: I don’t see it in this list.

      Windows-10-1607-Update-History

      Does anybody know why this update is not in the list?

      EDIT 2:
      It is documented here
      https://support.microsoft.com/en-us/help/3197356/cumulative-update-for-windows-10-version-1607-october-6,-2016

      This update has been retired and removed from Windows Update and the Microsoft Update Catalog website. This update is replaced by Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016 (KB 3194798).

      • #91998

        Wuh?

        So would somebody tell me what “cumulative” means?

        How on earth can you retire an old cumulative update????

        • #92117

          It is retired (like any other patch, CU or not) when there are enough later versions available.
          There may be few reasons for this action.
          One is to avoid the well known supersedence issues causing slow scans when too many patches superseding each other and sometimes in a more complex relationship accumulate.
          Another one would be Microsoft’s declared intention of having as few versions available as possible to avoid failed patches or other difficult to control side effects.

          EDIT: The third reason would be that a specific patch, CU or not, was found to be faulty and Microsoft does not want anyone to install it at all. They would have to deal with those who installed it in the past though and have not kept with updates since then.

          1 user thanked author for this post.
        • #92132

          Woody,

          I know you have a mental block with the concept of “Cumulative Patches”, since I have seen you write about it in confusion.

          “Cumulative” is a collection of something, lets say Trash. If another collection includes the first one, one now has a bigger Bunch. Now you put that in a larger bag which includes the Second Collection and the First Collection BUT wait the First one, was in a bag all along toooo!

          Now this is where the physical analogy starts breaks down BUT with Data, One can still go in and access the First Bag of Trash(CU 1) from the Trash Dump as well as have the Second Bag of Trash(CU 2) include the First Bag of Trash(CU 1). Both are available at the Dump(in the Catalog) but when one Lists the Trash Bags(CU), Bag 2(CU 2) is going to come up first including all that came before.

          The only way to get Bag 1(CU 1) out of the List, BUT not lose the Trash(remove its contents), is to retire the BAG(CU 1) but allow the contents of Bag 1 to become part of Bag 2(CU 2)(Bag 1 Now no longer in the Catalog). That’s when Supersedance gets involved.

          In other words it is all about access not the contents. The contents will keep accumulating BUT the Bags or Containers WILL NOT.

          Of course something Magical happens at an Upgrade. Only the Contents of the last CU that IS NOT going to get adjusted, changed, thrown out or replaced is retained for the Upgraded Dump.

          I think where some people were going wrong, is they are looking at a CU KBnnnnnnnn. as ONE THING, but it is really two things, a Container and the contents that can be separated at will but the contents are not lost.

          Hope this helps clarify CU’s…. 😛

          --------------------------------------

          1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

          SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

          CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
          Graphics Radeon RX 580, RX 580 ONLY Over Clocked
          More perishable

          2xMonitors Asus DVI, Sony 55" UHD TV HDMI

          1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
          1xOS W8.1 Pro, NAS Dependent, Same Sony above.

          -----------------

          4 users thanked author for this post.
          • #92135

            @Crysta
            I think you understood better than me which was the true meaning of Woody’s post. 😀

            • #92136

              OH, CH 100,

              I have watched Woody struggle with CU’s in articles and in comments on Patchmanagement.org for some time but didn’t feel I had the right forum to Reply. I am new to AskWoody(by his invitation on Twitter, actually), the Forums are new, and His confusion came up. A perfect convergence, an alignment of the Stars. 😆

              I do hope it makes enough sense??? It is clear to me but I am not always able to impart that to others.

              --------------------------------------

              1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

              SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

              CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
              Graphics Radeon RX 580, RX 580 ONLY Over Clocked
              More perishable

              2xMonitors Asus DVI, Sony 55" UHD TV HDMI

              1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
              1xOS W8.1 Pro, NAS Dependent, Same Sony above.

              -----------------

            • #92421

              Crysta, if you scored a “Thanks” from @satrow, I guarantee to you that it makes sense 🙂

              1 user thanked author for this post.
            • #92488

              It makes perfect sense.

              My confusion stems from the thought that old CUs would be retired automatically as new CUs are issued. I didn’t realize that MS would save up all the old trash bags and throw them out at a later date.

              Thanks for the analogy! Spot on.

              1 user thanked author for this post.
        • #92587

          Woody, Y’all,

          On occasion MS will ‘suggest’ one should uninstall a problem “CU”(Albeit obscurely). When one does this the former “CU” will present itself for Install. If they were ‘Retired’ immediately that would not be possible. I prefer your ‘Silver Bullet’ but MS does not always use it because they prefer to deceive users they put out ‘perfect “CU”.

          --------------------------------------

          1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

          SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

          CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
          Graphics Radeon RX 580, RX 580 ONLY Over Clocked
          More perishable

          2xMonitors Asus DVI, Sony 55" UHD TV HDMI

          1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
          1xOS W8.1 Pro, NAS Dependent, Same Sony above.

          -----------------

    • #92023

      I am really lost here.
      I have a TP Yoga running 8.1 Pro which has been set at ‘never update’ since last year. My last manual update had been the Dec security update – installed Dec 30.
      I remember Woody saying there were no security updates for 8.1 in January, but two days ago my TPY announced there were 84 updates pending and 100 plus optional.
      Then today, another 13 and some optional.
      All in all there were about 75 described as security updates.
      I downloaded and installed the 75 security, .NET, Adobe and IE updates. And for the mo everything seems to be okay.
      The other machines with 8.1 home [also on never update] have been dead quiet by comparison.
      I thought the updates nowadays were all in one monthly package rather than individual KB files?

      • #92028

        The setting “Never check for updates” is meant to allow you to check for updates when you want to, as opposed to Windows checking for you. If you have had it set to “Never” since last year and only manually installed certain updates, all the other available updates have accumulated in the pending list.
        When the DEFCON number is 3 or more, updates are safe to install. If you are in Group B (installing security-only updates, not ROLLUPS), you need to install the security-only manually, click on “check for updates,” UNCHECK the “Security Monthly Quality ROLLUP,” and install the rest that are ALREADY CHECKED. If you have not been doing this, that would explain a year’s worth of checked updates in the important queue.

        For Group B: be sure you do not install (uncheck) anything that says “Security Quality Monthly ROLLUP for WINDOWS.” The ROLLUPs for .NET are safe. DO NOT check anything that is not already checked – that includes the optional list of updates.

        2 users thanked author for this post.
      • #92108

        PKcano – Thanks for the comments on 8.1 Pro updates.
        I have no problems with selecting the security only updates and leaving out the drivers & optionals.
        What I ain’t clear on, is whether from now on if I just stick to using Windows Update, will I be receiving lists of selectable individual KB security updates, or just one KB security update incorporating many?
        And, would there be a difference in delivery between Pro and Home editions?

      • #92114

        The security-only updates DO NOT come through Windows Updates. They have to be downloaded from the Microsoft Update Catalog and installed manually. Their terminology is “Security Only Quality UPDATE for Win.”
        What comes through Windows Updates is the cumulative update (non-security and security updates rolled up into one). It’s terminology is “Security Monthly Quality ROLLUP for Win.”
        If you just stick to Windows Update, you will be getting the Cumulative ROLLUP that contains security and non-security updates. The difference here is “UPDATE” implies security-only and “ROLLUP” implies the whole shebang.
        The ROLLUP is for Group A, the UPDATE is for Group B.

        2 users thanked author for this post.
    • #92043

      Microsoft Office Updates are dropping today? SOUND THE SIREN! *siren wails* ALERT THE NATIONAL GUARD! WE’RE ON DEF-CON 2! THIS IS NOT A DRILL! REPEAT! THIS IS NOT A DRILL! WE ARE ON DEF-CON 2! TO THE BUNKER!

    • #92051

      What about security-only updates from October-December that I still haven’t been able to get (despite the best efforts of you and your merry band of experts, bless you all)? Should I just give up on them?
      The only one that worked for me was the Janurary update.
      I’m running Windows 7 Enterprise, Version 6.1.7601, Service Pack 1 Build 7601
      Thanks,
      Morty

      • #92054

        One question I’m not sure you were asked (I did not follow the whole thread) – did you by any chance install the Oct-Dec ROLLUPS? If you did, the security-only update would not be applicable to your system. Look in the “Installed Updates” and see if they’re there.

        1 user thanked author for this post.
    • #92084

      One question I’m not sure you were asked (I did not follow the whole thread) – did you by any chance install the Oct-Dec ROLLUPS? If you did, the security-only update would not be applicable to your system. Look in the “Installed Updates” and see if they’re there.

      I didn’t install any ROLLUPS (that I know of). Here’s what I have installed since June 2016:
      Security Update KB3159398 Admin-PC\Admin 7/7/2016
      Security Update KB3160005 Admin-PC\Admin 7/7/2016
      Security Update KB3161561 Admin-PC\Admin 7/7/2016
      Security Update KB3161664 Admin-PC\Admin 7/7/2016
      Security Update KB3161949 Admin-PC\Admin 7/7/2016
      Security Update KB3161958 Admin-PC\Admin 7/7/2016
      Security Update KB3163245 Admin-PC\Admin 8/5/2016
      Security Update KB3164033 Admin-PC\Admin 7/7/2016
      Security Update KB3164035 Admin-PC\Admin 7/7/2016
      Security Update KB3167679 Admin-PC\Admin 9/13/2016
      Security Update KB3168965 Admin-PC\Admin 8/5/2016
      Security Update KB3170106 Admin-PC\Admin 8/5/2016
      Security Update KB3170455 Admin-PC\Admin 8/5/2016
      Security Update KB3175443 Admin-PC\Admin 9/13/2016
      Update KB3177723 Admin-PC\Admin 9/13/2016
      Security Update KB3177725 Admin-PC\Admin 9/13/2016
      Security Update KB3178034 Admin-PC\Admin 9/13/2016
      Security Update KB3205394 Admin-PC\Admin 1/29/2017
      Update KB976902 Admin-PC\Administrator 11/21/2010
      Update KB982018 NT AUTHORITY\SYSTEM 2/15/2013

      I have no idea how the two from 2010 and 2013 came up in this date-ordered list. But I’m leaving them there just in case they are symptomatic.
      Thanks again!
      Morty

      • #92501

        I don’t know enough about Enterprise to speak with any authority, but…

        KB3205394 is the January Security-only patch

        I see here that you downloaded the October Security-only update, KB 3192391, ran the MSU file, and it just sat there, stuck on “searching this computer.”


        @PKCano
        suggested that you try again, logged in with an admin account, stopping the Windows Update service before you run the MSU file.

        You did so and generated a windowsupdate.log file that includes an error 0x80248002 (see 2017-01-31 16:40:17:667 )

        @jmwoods suggested that you rename the softwaredistribution folder. Looks like you tried to do that, but you were in the wrong folder. What happened when you used the revised method suggested by @jmwoods here?

        Renaming the softwaredistribution folder is a wonderfully arcane method of dealing with error 0x80248002. See https://social.technet.microsoft.com/Forums/windowsserver/en-US/e7ccf991-4229-42f6-ba37-083eaeb2c594/updates-not-downloading-to-windows-7-system?forum=winserverwsus

        No doubt you’ll be thrilled to discover that you have a corrupt folder. 🙂

        1 user thanked author for this post.
        • #94416

          Hi. It’s me again, finally.
          I tried closing the service from the CMD prompt as Administrator and got this:

          Microsoft Windows [Version 6.1.7601]
          Copyright (c) 2009 Microsoft Corporation. All rights reserved.

          C:\Users\Admin>cd %windir%

          C:\Windows>net stop wuauserv
          System error 5 has occurred.

          Access is denied.

          C:\Windows>

          Then I shut off Windows Update by going to Services and stopping it. Then I tried this:

          Microsoft Windows [Version 6.1.7601]
          Copyright (c) 2009 Microsoft Corporation. All rights reserved.

          C:\Users\Admin>ren softwaredistribution softwaredistribution.old”
          The system cannot find the file specified.

          C:\Users\Admin>

          I’m now downloading the October standalone and will try running it. Wish me luck!
          windows6.1-kb3192391-x64_8acd94d8d268a6507c2852b0d9917f4ae1349b6c.msu

          Thanks again

          • #94422

            Then I shut off Windows Update by going to Services and stopping it. Then I tried this:

            Microsoft Windows [Version 6.1.7601]
            Copyright (c) 2009 Microsoft Corporation. All rights reserved.

            C:\Users\Admin>ren softwaredistribution softwaredistribution.old”
            The system cannot find the file specified.

            C:\Users\Admin>

            In order to rename a folder, you have to be in that folder’s parent folder (C:\Windows), or you have to give the path (location) of that folder. The location is C:\Windows\softwaredistribution. You were in C:\Users\Admin, but the folder you want to rename is not there.
            Use EITHER:
            C:\Windows>ren softwaredistribution softwaredistribution.old from the C:\Windows directory
            OR
            C:\Users\Admin> ren C:\Windows\softwaredistribution softwarediwtribution.old

            • #94550

              Oog.
              Thank you. But is there a way to do all that without doing all the tinkering in a command window? I’m starting to feel like one of those old movies where a passenger takes instructions by radio on how to land the plane. Where’s Xtree for DOS when I really need it?
              Morty

            • #94557

              Right! Old DOS commands.
              cd = command for change directory
              Use a pencil to record your moves (if you are as old as I am).
              You are at C:\Users\Admin – at the prompt type
              cd C:\Windows (Enter)
              Now you are C:\Windows – you can type
              ren softwaredistribution softwaredistribution.old
              To get back to where you came from type
              cd C:\Users\Admin

              Try changing directories then changing back first (without renaming), just to be sure of yourself.

              1 user thanked author for this post.
          • #94420

            Wow. I leave for awhile and I become anonymous 🙁
            That was me, Morty. But I don’t remember my password to log back in again.
            Sigh….

    • #92219

      What does – – – MSSEC – – – mean? Also what does – – – GUI – – – mean?

      Thank you for the clarification (think MSSEC may mean MS Security Updates ??).

      Walker;

      Try using browser ‘Duck Duck Go’ (no trackers). Highlight the item > rt click it > click on ‘Search DuckDuckGo for (the item). It often works fast for me.

      Try it on GUI

      btw: Using this on MSSEC didn’t work but it found an interesting site.

      https://mssec.wordpress.com/ Microsoft Security Solutions, Tips, Tricks and info on Security Solutions from Microsoft

      3 users thanked author for this post.
      • #92960

        @HiFlyer:

        I’ve used DuckDuckGo for searches for quite a while.
        The “no-tracking” that DuckDuckGo has is a good feature.

        I use Google a lot too. It’s interesting to compare the various
        search engines, and what they come up with.

        • #94566

          Have you tried Startpage SSL searching? It’s also non-tracking, and uses the Google engine. Firefox can have it added on, and I mainly use it when I can’t get a good result from DDG, before going directly to Google.

          1 user thanked author for this post.
          • #94661

            @Kirsty:

            Haven’t tried that, however I (like you) do try the “Duck” first, and then
            just go to Google. Yours is probably a preferable approach, and appreciate the
            information. Thank you! 🙂 🙂

            1 user thanked author for this post.
          • #95123

            Been using Startpage since soon after it started. It will allow you to use their proxy to view results… very private. Suits me, and I search out all kinds of things.

            Non-techy Win 10 Pro and Linux Mint experimenter

    • #92558

      I don’t know enough about Enterprise to speak with any authority, but…

      KB3205394 is the January Security-only patch

      I see here that you downloaded the October Security-only update, KB 3192391, ran the MSU file, and it just sat there, stuck on “searching this computer.”

      @pkcano suggested that you try again, logged in with an admin account, stopping the Windows Update service before you run the MSU file.

      You did so and generated a windowsupdate.log file that includes an error 0x80248002 (see 2017-01-31 16:40:17:667 )

      @jmwoods suggested that you rename the softwaredistribution folder. Looks like you tried to do that, but you were in the wrong folder. What happened when you used the revised method suggested by @jmwoods here?

      Renaming the softwaredistribution folder is a wonderfully arcane method of dealing with error 0x80248002. See https://social.technet.microsoft.com/Forums/windowsserver/en-US/e7ccf991-4229-42f6-ba37-083eaeb2c594/updates-not-downloading-to-windows-7-system?forum=winserverwsus

      No doubt you’ll be thrilled to discover that you have a corrupt folder.

      As corruption goes these days, I’m glad it’s just my folder! But, much like other corruption, I feel powerless to correct it.
      I didn’t get to try @jmwoods revised method–had too much work (thank Heaven). By the time I could get back to try again, you had the DEFCON-2 siren going. That’s what brought me to this post, to ask if it’s too late to go back and try to pick up the pieces.
      So now you know the rest of the story.
      Thank you again, Woody!
      And thank you @jmwoods, PKCano, hansR, and all of you again. Much appreciated.
      Morty

      • #92568

        It’s not too late to go back and pick up the pieces. The DEFCON number applies to the patches coming out in FEB. The patches from previous months have been OK-ed. Go ahead and do the repairs on the folder as instructed.
        When you get to the updates, don’t install ANYTHING with a Feb date (on the right side when you look at the important updates list) – uncheck it in the important updates before you check install.
        If you are in Group B, don’t install ANYTHING that has “Security Quality Monthly ROLLUP for Windows” in the title. (.NET ROLLUPS are OK if they are checked). Group B installs the “Security Only Quality UPDATE” files that have to be downloaded from the Catalog and manually installed.
        Let us know when you get things straightened out.

        2 users thanked author for this post.
    • #92583

      It’s not too late to go back and pick up the pieces. The DEFCON number applies to the patches coming out in FEB. The patches from previous months have been OK-ed. Go ahead and do the repairs on the folder as instructed.
      When you get to the updates, don’t install ANYTHING with a Feb date (on the right side when you look at the important updates list) – uncheck it in the important updates before you check install.
      If you are in Group B, don’t install ANYTHING that has “Security Quality Monthly ROLLUP for Windows” in the title. (.NET ROLLUPS are OK if they are checked). Group B installs the “Security Only Quality UPDATE” files that have to be downloaded from the Catalog and manually installed.
      Let us know when you get things straightened out.

      Thank you! Can’t do it right now. But I’m still confused about something. If I use a standalone installer, why would I even see a list of current updates? Isn’t each of the standalones month-specific?

      • #92584

        Each of the Security-only patches is download, manually install only.

        But some other patches need to come through Windows Update – Office, .NET, IE, and others.

        I have detailed instructions for each month.

    • #92589

      I bought Office 2013 (Click-To-Run) when I bought my Windows 8 (now 8.1) laptop. In the past, having Office automatically update didn’t cause problems. However, in October 2016 (maybe September), when I tried to open Office (usually Word), I got a dialog box saying “We’re sorry, but Word has run into an error that is preventing it from working correctly. Word will need to be closed as a result. Would you like us to repair now?” I got this for 1 or 2 months whenever I tried to open Word (or Excel, PowerPoint, or OneNote). None of the ‘answers’ on the MS Support forum seemed to help, except when I was told to download & run OffCAT (Office Configuration Analyzer Tool). It found “Possible slowness issues because Windows Installer logging is enabled”. By clicking “Fix it for me”, that seemed to clear the problem. That was on 12/04/16. When I ran OffCAT on 12/16/16, I found Office needed updating from 15.0.4875.1001 to 15.0.4885.1001. I updated Office, then set it back to Not Automatically Update. I ran OffCAT again on 01/15/17 & January had showed up. I needed updating from 15.0.4885.1001 to 15.0.4893.1002. As of 01/15, I am up to date.

      Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
      Wild Bill Rides Again...

    • #94562

      I sent you mail.

      Thanks. I wrote back. Just realized that was supposed to be a password. It looked like something you wouldn’t say it public!
      I think I got back in again.
      But I still can’t get the October update.
      Next book: “Windows Update for Dummies.”
      And after that, “Administrator for Dummies.”
      I could add not accidentally throwing the router switch while pulling the Ethernet plug.
      Those Group W pencils are looking better every day!
      Morty

    • #94565

      Each of the Security-only patches is download, manually install only.

      But some other patches need to come through Windows Update – Office, .NET, IE, and others.

      I have detailed instructions for each month.

      I’m about ready to give up. Resistance is futile. I will be assimilated……
      It’s looking more like either “They know more about me than I do anyway, so just join Group A” … or head for the hills and join guerrilla Group W.

    • #94567

      Right! Old DOS commands.
      cd = command for change directory
      Use a pencil to record your moves (if you are as old as I am).
      You are at C:\Users\Admin – at the prompt type
      cd C:\Windows (Enter)
      Now you are C:\Windows – you can type
      ren softwaredistribution softwaredistribution.old
      To get back to where you came from type
      cd C:\Users\Admin

      Try changing directories then changing back first (without renaming), just to be sure of yourself.

      Thank you. I’ll bet I’m older than you!
      What do I do once I rename the file? I’m already lost now.

      • #94571

        I tried to follow the thread back, and I think you are trying to do is install the Oct – Jan security only updates. I assume you have installed KB3020369 and KB3172606 manually or through WU. If this is right:
        1. Reboot your computer. After it comes back up, login as Admin and don’t do anything for 10-15 minutes.
        2. Control Panel\Administrative Tools\ Services Highlight Windows Update Service. Click on Stop (be sure it stops)
        3. Double click on the earliest (Oct?) update and install.
        4. Reboot your computer – login as Admin – do nothing for 10-15 min.

        If this is successful, repeat steps 1-4 with each successive patch.
        When you finish, search for updates and install the rest of the patches. BE SURE each time you UNCHECK the patches (ROLLUP) you do not want to install BEFORE you click on the install button.

        If this is not successful, come back and we’ll try something else.

        2 users thanked author for this post.
        • #94581

          OK. Will try.
          Why the 10-15 minute wait?
          Do I have to disconnect the internet? (Last time, when I pulled an Ethernet plug, I threw the on/off switch on my router. I never even knew there was a switch! When I finally got it back on, I had to reboot my other computer to get back online.)
          Stay tuned….

          • #94615

            Why the 10-15 minute wait?

            This may explain a little:

            4. After restarting your computer, wait about 10 minutes until Windows Update completes its tasks. Do not use the computer for any other purpose during this wait period.

            I believe if the computer has been turned off for a few days, that it’s advisable to wait even longer.

            From https://www.askwoody.com/forums/topic/how-would-you-install-win7-from-scratch/#post-12670:

            26. After re-start is complete and you see a desktop, start Task manager – Right-click on task bar. Look at the % at the bottom. Do NOT attempt to use the computer for any purpose until you see that % fall to and stay at 10% or less. Windows Update is still working and has a lot of work to do.

            PS I don’t believe you need to be disconnected from the internet during this period

            1 user thanked author for this post.
    • #94583

      Hi,

      I have not read the whole thread in sequence but I believe you are trying to Update from MU/WU and/or the Catalog???

      If we can’t get the current Patches is it possible one can’t get past ones, as well? If Woody and myself are correct??? you shouldn’t be able to. We have a concern that the AU/MU/WU Distribution system is broken. In some way it appears this ia affecting the Catalog in some way???

      Nobody knows for sure BUT maybe you are beating your head against a broken wall of bar wire????

      --------------------------------------

      1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

      SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

      CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
      Graphics Radeon RX 580, RX 580 ONLY Over Clocked
      More perishable

      2xMonitors Asus DVI, Sony 55" UHD TV HDMI

      1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
      1xOS W8.1 Pro, NAS Dependent, Same Sony above.

      -----------------

      2 users thanked author for this post.
      • #94613

        Ouch.
        Thank you. It certainly is a headache. This reminds me of the old line that even paranoiacs have enemies.
        It would be no big deal if I could just let it run in the background and still work while it’s spinning its wheels. It’s getting to a point of diminishing returns.
        I’ll give it a few more tries. You never know.

    • #94621

      @ Morty

      Manually installing monthly Security-Only Rollups(= Win 7/8.1 Group B) from M$ Update Catalog is very similar to manually installing the KB3020369 & KB3172605 fix for slow/broken Windows Update that happened from Aug 2015 until Jan 2017. IOW, both use the same procedures to manually install the updates/rollups. If still unsuccessful, look for the instructions to reset Windows Update Service by Canadian Tech.
      Pls refer to these links,

      http://www.canadiantech.info/for-techies/windows-update/windows-update-a-long-time/

      https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-solution/f39a65fa-9d10-42e7-9bc0-7f5096b36d0c

      https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-problems-read-this-first/28147a5f-b0b0-480b-bed9-834a2da7a375

      1 user thanked author for this post.
    Viewing 19 reply threads
    Reply To: MS-DEFCON 2: Time to make sure your Windows machine is locked down

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: