|
There are isolated problems with current patches, but they are well-known and documented on this site. |
.I’m seeing more updates released to fix side effects introduced into the March updates. First up is Server 2016: Addresses an issue that can cause ope
[See the full post at: Patch Lady – More updates released to fix March patches]
Susan Bradley Patch Lady
“I’m still not seeing any confirmation that the Windows 7/Server 2008 R2 release earlier today KB410048”
Typo: should be KB4100480 ?
Windows 10 Home 22H2, Acer Aspire TC-1660 desktop + LibreOffice, non-techie
Probably “Microsoft is not currently aware of any issues” is equal to “Public users have not discovered the issues” 😀
Another update: Stop error 0xAB when you log off a Windows Server 2008 session.
I delay applying updates based on the advice I find on this site. I agree that for those with the time and experience to do so, it is prudent to let the dust settle each month before letting Windows Update change things.
Prior to the Patch Lady’s arrival, we had MS-DEFCON to use as a guide. These days, that suggestion stays at 2 most of the time offering the advice not to apply patches unless there is a pressing need to do so. I am not always able to tell if I have a pressing need or not. Once a month usually just before the arrival of the next series of monthly patches, we are told to go ahead, get caught up.
The new Master Patch List maintained by the Patch Lady at least for my version 1703 already states that the available patches are OK to install.
I don’t necessarily want to wait for the last possible moment to apply patches all the time nor do I need to walk into problems without a pressing need to apply something. I have to assume the patches are released for a reason and generally, assuming there are no problems with the patch, it’s a good idea to install them sooner rather than later. The longer one defers installing updates, the more wushowhide gymnastics are required.
My question is this: The P.L. with the mater patch list says the patch is good to go, but ms-defcon says don’t do it. Which end of this dog do I feed?
Consider that I’m looking at each patch individually whereas Woody is looking at the overall picture. He sees that we have rain forecast. I say … well gee, it’s not raining where I am! In the meantime it’s raining buckets where you are.
Seriously I have not been tracking issues on the 1703 platform.
Susan Bradley Patch Lady
well bud, better be safe than be sorry, Miss.Susan and Mr.Woody bears a high responsability with its update diagnostics , so Mr.woody and Miss.Susan must test in their own methods to give a veredict. So its up to you if you wanna listen to one or another of both.
As for me, I will wait the MSDEFCON system. to be honest the more I can delay an update the better since if it were for me I would never update if it werent for the fact that its unsafe and bad for my computer.
I guess that in the end, we are the only ones that actually decide the MSDEFCON system and the “Ok to install” in our systems, even if Mr.Woody or Miss.Susan says yer or no, since we are the ones that will download and apply the updates in our own computers not them.
Along the lines of what Susan and Zaphyrus have said, but with my little different outlook. I like reading as many informed and educated opinions that I can absorb in a given time to make a decision; then make my own decision. This provides the luxury of weighing those opinions to my own locally specific criteria with knowledge from those specific backgrounds. Generally this works pretty good in the big wide world.
In the smaller world of Microsoft updating, however, each moment of decision is not an endpoint. Because we do not have access to the full knowledge of each patch. And Microsoft has a way of shifting sands and moving goalposts. I do not hold those new conditions against the advisers that I listened to. I blame that squarely on Microsoft. There is an ongoing problem in the underlying hardware, sure. But the incomplete and overcomplicated patching is Microsoft’s response, and responsibility.
If it were easy, I would not require advice at all. I appreciate those who are willing to put their own opinions out there, for me to choose among the variety.
I am inclined to agree that patching these days is more akin to a “roll of the dice” than a de facto means to achieve greater stability and security.
What I am pointing out and attempting to clarify is the seeming contraction between the defcon advice and the master patch list advice. The left hand says don’t do it and the right hand says jump right in (my paraphrasing).
Differing advice on the same site. I can appreciate that opinions can and often do differ but with such a high profile and frequently publicized topic, I would hope for a more “hand in hand” message, if such is possible.
Neither new patches KB4100480 or KB4099467 fix known issues in March Rollup/Security Only
KB4100480 only update/fix OS kernel ntoskrnl.exe
KB4099467 only update/fix kernel mode driver Win32k.sys
all other components are still the same in March Rollup/Security Only
I’ve been a die-hard, card-carrying member of Group B (Win 7 & 8.1) since October 2016. But over the past few months, it’s increasingly difficult to keep everything straight, even for a technically-inclined person like me.
My patch management notes are getting ridiculous. The growing list of addendums, caveats, contraindications, and revision info is leaving me frustrated and fed up. It shouldn’t be this complex to patch a system.
I remember when news of the revised patch system broke through the ranks. Some folks claimed that roll-up style updates would be our silver bullet. They claimed it would streamline the patching process, making it quick and easy to keep everything running well. In theory, it should work that way assuming it’s handled correctly.
Honestly, I miss our previous discrete patch system. We could decline or uninstall an individual, problematic update, without giving up the security/bug-resolving nature of the other patches. Nowadays, we have to swallow the whole lot. Even the Security Only update isn’t immune. Yet, if a fly gets in the stew (as it often does these days), we have to throw up the whole thing and wait for a fix if a workaround doesn’t exist. It doesn’t have to be this way.
Microsoft’s abysmal QA, the Agile patching policies, and Redmond’s continued iron-clad crusade towards a Cloud-y SaaS doesn’t give me confidence for the future. Coming home to my Mac at day’s end is a breath of fresh air…and then I remember I’ve got to apply the latest patches to my Win 7, 8.1, and 10 systems. Ugh! Time to make me a screwdriver!
-Disgruntled SysAdmin
Update KB4099950 has just shown up (3/30) for Win7 to fix the NIC problems:
https://support.microsoft.com/en-us/help/4099950/network-interface-card-settings-can-be-replaced-or-static-ip-address-s
AND!!! From the KB4099950 page, it says, “Important: This update must be installed prior to installing KB408875 or KB408878.” That is even though it is showing as Optional and unchecked, and the March 2018 Rollup is checked and important, and Security Only patches is catalog only.
So maybe, just maybe this is the patch to fix the NIC issue without running the VBScript. I wonder if installuing this will bring back KB408875.
Do we have any victims, oops, guinea pigs, oops, no I really mean volunteers. Come on all yee beta testers so MS can upgrade it to checked and important!
Spot on “which is inherently usable, which is stable, which does not spy on everything which consumers do with their computers which are owned by those consumers.” This will be issue that will cause the demise of MS. The Windows ecosystem is worthless if users can not use Windows reliably. They will migrate out of necessity to something else when the aggravation gets to much. Note how many posters here openly talk about migrating to Linux as a fact or a viable option.
Edit to remove HTML. Please use the “text” tab in the entry box when you copy/paste.
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
