News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – not every side effect is widespread

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – not every side effect is widespread

    Viewing 30 reply threads
    • Author
      Posts
      • #2169627 Reply
        Susan Bradley
        AskWoody MVP

        Today Woody recommended that you wait on the February updates and pass on them until the March updates come out.  I honestly wouldn’t wait that long. 
        [See the full post at: Patch Lady – not every side effect is widespread]

        Susan Bradley Patch Lady

      • #2169643 Reply
        bbearren
        AskWoody MVP

        Bottom line it’s my personal opinion that you need to be more scared of ransomware than of updating. As long as you have a backup, neither one will be a worry to you.

        Indeed.  That’s been my personal mantra for a couple of decades, to include hardware failure in the list of things not to fear.

        Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
        "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
        "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • #2169650 Reply
        OscarCP
        AskWoody Plus

        Susan Bradley wrote: “you need to be more scared of ransomware than of updating. As long as you have a backup, neither one will be a worry to you.

        I entirely agree that keeping ones files with data, software one has written, with all the usual attendant annoyances and effort, as well as valuable and even personal “electronic” documents is very important and neither updating, nor ransomware can cause their loss if one has a good backup policy and sticks consistently to it. However, with ransomware, I tend to suspect that the need to buy a new computer in a hurry would bother me somewhat.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        1 user thanked author for this post.
        • #2169719 Reply
          bbearren
          AskWoody MVP

          However, with ransomware, I tend to suspect that the need to buy a new computer in a hurry would bother me somewhat.

          You’re missing the point.  With drive imaging, the entire, complete contents of your PC can be backed up.  There’s no need to buy a new computer, not even new drives.  Just be comprehensive in backing up your PC.

          I have complete drive images all six drives in my PC on an air-gaped 3TB drive.  If ransomware somehow managed to get past my defenses and encrypted everything on my PC, I would boot my restore USB, run a full format on all drives first, to completely remove the ransomware, then restore my drive images, which would in turn put all 21 of my various partitions back in place.

          I would then use my latest individual partition images for OS, Programs and Users folders to get everything completely up to date, still on the same old PC, now completely clean.  The point is to be prepared beforehand, not wring one’s hands after the fact.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

          2 users thanked author for this post.
      • #2169664 Reply
        arfurdent
        AskWoody Plus

        locked down until late March

      • #2169670 Reply
        migongo
        AskWoody Lounger

        I do not intend, in any way, to interfere with the disagreement, which I respect. However, and for the better understanding of those of us who are part of this community, I believe that the rule established for it, the DEFCON system, still applies. This being the case, it would be up to the person who manages to define when it is time to apply the patches.Am I right?

        • This reply was modified 1 month, 2 weeks ago by migongo.
        3 users thanked author for this post.
      • #2169674 Reply
        The Surfing Pensioner
        AskWoody Plus

        I am trying to maintain a balanced perspective these days. I have my updates on Pause until 9/3/20, as Woody recommends, but I know the I.T. guy for the charity which own the P.C.s I use (he tests these patches for M/S as part of his computer business!) will want me to update long before then – he wanted me to install the next feature update as soon as it came out, but I’m holding back on that for the time being. Probably I’ll install the updates a little before 9/3/20, as soon as I feel ready. After all, I’m the one who has to cope with any glitches!

        2 users thanked author for this post.
        • #2169850 Reply
          OscarCP
          AskWoody Plus

          TSP: Same situation here with my other, government issued, Mac: the IT guy in charge of such matters in our working group always wants things to be done by the book: if MS or Apple says patch! then patch it is! I simply ignore him, as do the rest of the group. My own understanding is that his advice is a reflex CYA act performed by someone who likes his job very much and wants to keep it for as long as possible and even improve things by getting promotions. I do not know if this, to some extent, might not also apply to your IT guy. So if you chose, and were able to abide by the DEFCON and other useful pointers available here and elsewhere on the Web, then follow your inclination, as I do myself, and good for you!

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

          3 users thanked author for this post.
      • #2169675 Reply
        EstherD
        AskWoody Plus

        There’s lots that needs to be said on this issue. But my music program is going to end soon, and I’m not sure I want to stay awake long enough to finish writing this diatribe. But let’s begin and see how far we get.

        BACKUPS

        Yeah, great. With you and bbearren all the way on this one. Problem is… What you WANT to have is a backup that was made (and verified) within MINUTES of the time the update occurs, so you can be SURE you have captured EVERYTHING of value.

        Under the current Win10 update regime you cannot do that because you typically do NOT have control over EXACTLY WHEN the update will occur. So the best you can do is an approximation… what the machine state looked like when the backup program was last run, NOT what the state of the machine was just prior to the update.

        If you have to restore under a condition of approximation, then you have a rock and hard place choice to make: Abandon everything that didn’t make it onto the backup, or try to capture it from the failed system and merge it into the restored system. I’ve done both; NEITHER is acceptable to me. I want FULL CONTROL over updates. MY timeline, NOT someone else’s.

        TELEMETRY

        If I could be SURE that MS’s telemetry could actually do all the wonderful things you claim it can do for us, then yes, I would be in favor of it, too. But I do NOT believe it can. Or ever will.

        In a former lifetime I did program development in a world-class scientific research lab. I once tried to write code that watched one of my programs run and gave me feedback on what went wrong. That’s a VERY HARD task. MUCH harder than writing the code itself. Perhaps impossible. As in NP Complete impossible. And I suspect Gödel himself might have a few words to say about the theoretical impossibility of doing it, too.

        Why? Because the ONLY things your telemetry code can test for are things you already know to look for, and how to test for. But in order to do what you want MS’s telemetry to do that code has to watch for all the UNEXPECTED things that by definition cannot be predicted IN ADVANCE before you actually SEE them happen at least once.

        Here’s another way to look  at this. What MS is trying to do is analogous to trying to write a diagnostic program that runs within the OS. But writing diagnostic programs that REALLY and FULLY test hardware and/or software is well known to be a  thankless and difficult task.

        In that same former lifetime, my fellow engineers and I used to quip that our application programs were better at diagnosing failures of the DEC hardware we were running on than the diagnostic programs that DEC wrote and supplied to  us.

        We’d have a failure and call in a DEC FE. First thing he did was run the standard diag. Most of the time it would come up clean. But our app  would crash consistently. And if we could get the FE to try a few board swaps, oftentimes the problem would vanish with one of them. And magically reappear if the original board was swapped back in. QED

        But sometimes it wouldn’t, because the failure was intermittent. Then we would have to pare down our code until we found something that would repeatably provoke a failure. Once we knew EXACTLY what to look for, and how to tickle it, then AND ONLY THEN could we  write a  diagnostic that reliably demonstrated the fail.

        How is that different than Win10 updates? If MS knew what was going to fail in a new patch, then they certainly could write telemetry code to test for that particular failure. But why would they do that, when they could more easily use that same insight to correct the problem in the patch BEFORE it shipped.

        How does the telemetry code know to look for a particular profile failure mode when there are hundreds or thousands of ways  that something can go wrong? Or identify a race condition that cannot even be defined let alone tested for? And again, if MS knew what to look for, a more straight-forward approach would be simply to FIX THE CODE, either in the OS or the patch, and be done with it. Writing yet more telemetry code gets you nowhere useful. It’s a REACTIVE strategy whereas what you really want is a PROACTIVE approach.

        And don’t tell me “AI can do it”. Nope. Still have to train it. And if there’s a category missing from the training set, AI won’t help you find it. AI is good for finding exotic variants of things you already know something about, NOT for exploring the unknown. Which is what bad code is, because if you KNEW in advance it was bad, then you wouldn’t ship it until it was fixed. Or at least most competent programmers wouldn’t.

        One final point. There are also fundamental limits on HOW MUCH telemetry you can gather before your telemetry becomes a drag on productivity. So even if you know what to look for, you may not be able to gather sufficient data to perform the needed analysis, because the computation required is so cpu- or disk-intensive that the user would immediately notice the slowdown.

        Bottom line: NO, I do NOT believe telemetry BY ITSELF can now or ever will compensate for MS’s poor coding. Or make updating easier or safer for the average user or sysadmin.

        And with that, I’m donning my flame-proof nightgown and heading off to bed…

        — EstherD

        • #2169709 Reply
          anonymous
          Guest

          In order to be able to make a backup immediately before a windows update, you could use some Registry tweaks to provide/restore a “Download” button to the Update section of the Settings App.

          I have seen this sort of thing described in a few places, but I stumbled upon it towards the end of one of Federico Dossena’s “Windows 10 Privacy Guide”s – see https://fdossena.com/?p=w10debotnet/index_1903.frag for the latest and last W10 1903 guide – in the section titled NO MORE FORCED UPDATES. This involves adding/changing 4 policies – setting numerical values to the 4 DWORD sub-keys of a key. (You probably need to restart your PC after this?)

          W10 still checks for updates and gives notifications (the bottom right corner thing), but does not download or install. When you open the Settings App, the Update section shows a “Download” button and above this the oustanding updates are marked as “ready to download” or some such wording (I’m writing this in W8.1 so cannot check). This does not give any granularity about which of these updates are downloaded and installed, but does give you the opportunity to make a backup before clicking the “Download” button. (There are 3rd party programs giving more granularity, but I have not looked at these.)

          BTW: Federico has now given up these guides and switched to Linux (he wrote), but I found that this did still work with W10 1909 when I tried it on a spare disk a few weeks ago. I normally use W8.1, but out of curiosity I check out the new W10 version/”feature upgrade” every few months to see if W10 is improving (it isn’t!).

          Your words about Telemetry are probably the best I have read about this subject on this site or elsewhere. 100% spot on!

          HTH. Garbo.

           

          3 users thanked author for this post.
          • #2169775 Reply
            Cybertooth
            AskWoody Plus

            BTW: Federico has now given up these guides and switched to Linux (he wrote), but I found that this did still work with W10 1909 when I tried it on a spare disk a few weeks ago.

            Good post, Garbo–and thank you. It was interesting to read Federico Dossena’s explanation for abandoning Windows 10:

            With the release of the 1903 update a few weeks ago, which broke a lot of things on my computer, I just couldn’t take it anymore; I’m sorry to let you down but Windows nowadays is as unstable as a c***** arch linux distro, I cannot be productive if the OS keeps breaking with every update.

            Thanks for telling us about Federico’s site. You know what I’ll be reading this weekend!  🙂

             

        • #2169721 Reply
          bbearren
          AskWoody MVP

          Yeah, great. With you and bbearren all the way on this one. Problem is… What you WANT to have is a backup that was made (and verified) within MINUTES of the time the update occurs, so you can be SURE you have captured EVERYTHING of value.

          Not entirely true.  The point is to have a comprehensive backup system.  What you’re suggesting is not at all necessary.  I have tinkered and plundered the innards of Windows 7/8/8.1/10 many, many, many times, and had to restore the appropriate drive/partition images many, many, many times.  Nothing is lost or lacking.  Task Scheduler creates weekly drive/partition images early every Sunday morning.  Task Scheduler copies my data to my OneDrive folder daily, which is synced with my NAS’ OneDrive folder.

          Under the current Win10 update regime you cannot do that because you typically do NOT have control over EXACTLY WHEN the update will occur. So the best you can do is an approximation… what the machine state looked like when the backup program was last run, NOT what the state of the machine was just prior to the update.

          I have never been interrupted by an update during my “working” hours.  Never.  The doom and gloom portrayed in tech news is frankly not as bad nor as widespread as they would have us believe.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

        • #2169738 Reply
          joep517
          AskWoody MVP

          Backups have always been a point in time. Even if you do a backup immediately before applying an update it is still a point in time. Most people are not willing to endure the overhead it takes to do “real time” file backups. Most people don’t’ really need that either. A good backup regime is meant to get you to a known good state so you may recover from that point forward. If you are doing real time backups all you are doing is inviting problems to replicated when you restore the most recent backup which is what most would do. Trying to determine when a problem was injected into a system is very time consuming and difficult.

          In a former lifetime, I’ve architected and written OS code (not Windows), device drivers, major modifications to packages, and applications used worldwide. Telemetry was expected to report events that occurred or capture error information in dedicated error reporting routines. It is up to the people interpreting the telemetry to determine further action. That action may be additional debugging code, further isolated testing, or identifying an issue and correcting it. If you do not have telemetry available you are shooting in the dark as distinct problems many times have the same external symptoms.

          --Joe

          2 users thanked author for this post.
        • #2169753 Reply
          Susan Bradley
          AskWoody MVP

          Yes you can control when updates occur.  Also I backup daily.

          Susan Bradley Patch Lady

          2 users thanked author for this post.
        • #2169833 Reply
          jabeattyauditor
          AskWoody Lounger

          Under the current Win10 update regime you cannot do that because you typically do NOT have control over EXACTLY WHEN the update will occur.

          One nit to pick – you can have EXACT control over update timing, you just have to know how, and you have to purchase the correct software.

          In my opinion, if an individual doesn’t know how to control updates, and doesn’t know enough to purchase the correct software, that individual should accept Microsoft’s default patch timing scheme. They’ll be better served by it than by trying to follow a series of steps, tricks, and procedures that they don’t understand, and they’ll avoid having their systems in an unsupported and/or unsupportable state (I have update A but not update C except on Thursdays when the Moon is blue).

          How many of the complaints here start with a simple “I applied update C and now my system is toast – #%$@! Microsoft can’t get it right!” then 75 posts later they end with something like “Why didn’t update C work properly with my highly-customized installation of ‘NoUpdates4Jonah v. 000.z.231?’ #%$@! Microsoft!”

          The constant “#%$@! Microsoft” rants would be so much more palatable if they were accompanied – just every once in a while – with a simple “You know, I messed with this SO MUCH that the most recent update just imploded. Lesson learned.”

        • #2169856 Reply
          OscarCP
          AskWoody Plus

          EstherD: having been there myself, I agree 100% with your opinion, my own experience probably also dating to the same distant time you recall here (when there were still new or newish Digital computers around). But I also find it conceivable that the motivation for garnering reports on how our PCs are doing via telemetry might have a different objective than figuring out what is wrong with Windows, etc.: it saves MS time and money having people employed to provide (?!?!) answers to its angry customers. They learn that something might be wrong directly instead, then they try to figure it out… and the average result of this process speaks for itself.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #2169676 Reply
        Alex5723
        AskWoody Plus

        ” Bottom line it’s my personal opinion that you need to be more scared of ransomware than of updating. ”

        I think you are wrong here. Ransomware doesn’t hit each month 1B Windows PCs. Windows updates do.
        So the chance of your PC rendered useless with $thousands in damages is way greater that being hit by ransomware, virus, identity theft…

        • #2169735 Reply
          bbearren
          AskWoody MVP

          So the chance of your PC rendered useless with $thousands in damages is way greater that being hit by ransomware, virus, identity theft…

          That statement is patently false, not born out in the least by data.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

          4 users thanked author for this post.
          • #2169757 Reply
            Alex5723
            AskWoody Plus

            So the chance of your PC rendered useless with $thousands in damages is way greater that being hit by ransomware, virus, identity theft…

            That statement is patently false, not born out in the least by data.

            OH Yes it is. Just read the forum for posts here where tens/hundreds PC/servers were hit by a Microsoft update bug and administrators had to work days to bring them back to life. There are many such stories here. Each such incident = $ten-thousands in damages.

            1 user thanked author for this post.
            • #2169852 Reply
              bbearren
              AskWoody MVP

              bbearren wrote: Alex5723 wrote: So the chance of your PC rendered useless with $thousands in damages is way greater that being hit by ransomware, virus, identity theft… That statement is patently false, not born out in the least by data. OH Yes it is. Just read the forum for posts here where tens/hundreds PC/servers were hit by a Microsoft update bug and administrators had to work days to bring them back to life. There are many such stories here. Each such incident = $ten-thousands in damages.

              I reiterate: your statement, as quoted (note the bold, please) is patently false, not born out in the least by data.

              The chance of my PC (and any other properly prepared PC) “rendered useless with $thousands in damages” is nil, nada, zip, ain’t gonna happen, etc.

              Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
              "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
              "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

            • #2169868 Reply
              b
              AskWoody Plus

              Just read the forum for posts here where tens/hundreds PC/servers were hit by a Microsoft update bug and administrators had to work days to bring them back to life. There are many such stories here. Each such incident = $ten-thousands in damages.

              Please point me to just one post here where hundreds of computers were hit by a Microsoft update bug causing multiple administrators to work for multiple days to bring them back to life (or anything that may have cost damages amounting to tens of thousands of dollars).

              Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

              1 user thanked author for this post.
      • #2169672 Reply
        anonymous
        Guest

        With Microsoft, more than fear, it should be rage. A multibillion-dollar company doing the same thing for decades and still has problems that a relative new company like 0patch fixes with less drama.
        By the way, a quick note regarding backups and fear: if the ransomware exfiltrates data, it won’t save you.

        1 user thanked author for this post.
        • #2169739 Reply
          bbearren
          AskWoody MVP

          By the way, a quick note regarding backups and fear: if the ransomware exfiltrates data, it won’t save you.

          Again, I’m talking about a comprehensive backup regimen.  Until someone codes some ransomware that can jump an air gap, my data, my entire PC, is completely safe from ransomware.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

          1 user thanked author for this post.
          • #2169754 Reply
            Susan Bradley
            AskWoody MVP

            What he said.  Macrium and the paid version that changes the permissions on the external drive so that Ransomware cants get to it

            Susan Bradley Patch Lady

            2 users thanked author for this post.
            • #2170015 Reply
              anonymous
              Guest

              >>changes the permissions on the external drive so that Ransomware cants get to it

              It works both ways. You just need a ransomware that flips the switch. Like some do to stop Microsoft Defender protections. With Macrium Image Guardian, find a Windows EoP and then it is game over.

              My recommendation. Keep your backups offline. Use a removable rack if it is needed.

          • #2170001 Reply
            anonymous
            Guest

            >>Until someone codes some ransomware that can jump an air gap

            There are many ways to exfiltrate data in air-gap cases. It is a long topic, you can read https://hackaday.com/2017/02/02/hacking-the-aether/ as an introduction and then Google some more.

            • #2170094 Reply
              bbearren
              AskWoody MVP

              >>Until someone codes some ransomware that can jump an air gap There are many ways to exfiltrate data in air-gap cases. It is a long topic, you can read https://hackaday.com/2017/02/02/hacking-the-aether/ as an introduction and then Google some more.

              I didn’t find any method even remotely capable of reading data from afar off of a 3TB HDD unplugged and in storage.  Maybe I should have specified “Dead Air Gap”.  The storage drive to which I refer has no power, no connection, is not in a PC.  It’s in a box, dead.

              I’m not afraid of ransomware.

              Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
              "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
              "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

              1 user thanked author for this post.
              • #2170723 Reply
                b
                AskWoody Plus

                I think the point being made was that some ransomware now steals data before encrypting it, and threatens to distribute or sell it if the ransom is not paid. A backup doesn’t stop your data being broadcast or marketed. (This clearly applies more to businesses whose data has some potential value, or whose corporate reputation or insurance premiums can be easily damaged by a published breach.)

                Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

              • #2170784 Reply
                bbearren
                AskWoody MVP

                A backup doesn’t stop your data being broadcast or marketed. (This clearly applies more to businesses whose data has some potential value, or whose corporate reputation or insurance premiums can be easily damaged by a published breach.)

                Yes, clearly.

                I’m not afraid of ransomware.

                Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
                "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
                "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

          • #2170108 Reply
            HappyElderNerd
            AskWoody Plus

            I automatically run a scheduled backup script on each and every computer, with the schedules set so that only one computer at-a-time is performing a backup, all starting after my customary quitting time for the day (I’ve got five Windows systems).  I create a unique, local partition on each computer for a “cascade” of backups.  The cascade is simply a pattern of subfolders:  The script merely deletes the last folder (and contents) down the list, and then creates a new, empty folder for today’s backup at the top.  The number of subfolders is up to you.  (Do ya feel lucky?)

            One of those computers also has an additional external drive, to which all backups are copied, automatically, every night, from the local backup drive, to that central drive…I change that drive every few weeks, and have a few (six) in rotation.

            After each backup is added to the top of the cascade, then copied to the central cascade, the script then shuts down the computer.  So, I could, theoretically, go back as far as 42 days to recover any system, if needs be.

            I believe in the value of redundancy…and the cost of 1TB drives is significantly lower than the angst of having to rebuild a computer from scratch!  (Admittedly, I started with one backup on one computer…but, like Topsy, it “…just growed…”)

            It’s all automated, so I never forget to do it; it’s after hours, so I can relax with my family, and it has “saved my bacon” many times over the past decade.

             

            I’m not sure this is the place for this…I invite the Leadership of these fora to move it where you think it would be most appropriate.  –CAO

            1 user thanked author for this post.
        • #2170538 Reply
          rc primak
          AskWoody_MVP

          a relative new company like 0patch fixes with less drama.

          Do we have statistics on how often their patches have broken Windows PCs, or interacted with future MS Windows patches and caused issues?

          -- rc primak

          • #2171280 Reply
            anonymous
            Guest

            Maybe if they implement telemetry like MS does. The important thing here is this: they don’t actually mess with your system, changes are on the fly. Whereas MS can render your system kaput. I know, that is what backups are for, but that also means you have the down time, the extra work, the unnecessary wear of your SSD/NVME, etc.

      • #2169720 Reply
        agoldhammer
        AskWoody Plus

        For me this is all a tempest in a teapot.  If personal users don’t like MSFT, they can switch to IOS or Linux and still do most of the work they normally do (unfortunately Adobe photo apps are not ported to Linux).  I’ve been using MSFT OS going back to the MS-DOS days.  I cannot remember an OS patch every causing any issues for our home PCs.  The two Win10 PCs we currently have are set to update 16 days after the initial release of patches and 75 days for the OS changes.

        Anyone doing critical work should have a separate data drive and for protection a second one where data is backed up.  I have mine configured to do a full OS system image weekly just in case something really goes wrong.

      • #2169731 Reply
        Brocktoon
        AskWoody Lounger

        I had intended to keep my system on pause for updates, but this morning I updated my relatives computer without issue.  They have a new Dell laptop Win10 1909 running Norton.

        I have a new Dell XPS8930 desktop also running Norton with win10 1909 … decided to give the update a shot and everything seems to have updated fine!

        So that’s 2 more data points for the 1909 update, and it appears  at least for me that Norton isn’t causing update issues on newer Dell machines

        1 user thanked author for this post.
      • #2169752 Reply
        Barry
        AskWoody Plus

        I am not sure why my original post was deleted but let me try again.

        First thank you Susan for a well thought out and written Post. There are many of us on this site who every month report that we download all updates as soon as they come out with no problems . We are ether ignored or shouted  down. I think in many cases instead of screaming about Microsoft you should be taking a long hard look at your own computer and how its configured.

        I have long believed but can offer no proof that the large majority of problems people have with patches are due to third party apps that try to force Windows into doing things it was never meant to do. In my many years of using win7 and now many years of using win10 i can count on one hand the number of problems i have had and they were all minor. i too do regular back ups but to be be honest i have been forced to use one.

        Barry (Seeker)
        Windows 10 Home V 1909

        1 user thanked author for this post.
      • #2169756 Reply
        DriftyDonN
        AskWoody Plus

        Some say if you have issues w/ windows(MICROSOFT) use linux,IOS or whatever. So, you folks say “let ’em eat cake?” Really.

        Regarding Susan’s opine, I respectfully have to ask does msfts telemetry collection of EVERY machine running windows REALLY come under scrutiny to determine what needs patching/repairing? Not a chance. It’s a scatter gun approach and anything on MY computer is not taken into consideration to any real effect. If it were there would NEVER be any problems with the coding they force feed us(eventually.) There is no responsibility taken by them(and they say so up front, always have.) So damage hardware all over the world w/ no consequences and charge an exorbitant price. Nice for them.

        What came first? Hardware or software?

        BTW, this is not a personal attack- I admire Susan and woody very much. I’ve been playing w/ pc’s since keypunch days. Not to say I have an IT degree-just alot of self taught experience. Windows 10 is so different from ANY windows OS that its not truly even a cousin IMO. Having to relearn almost from ground up is proof positive to me. I suppose I have to say I skipped win8-which was a foretaste from what I heard- cancer has a way of taking time away from msfts shenanigans.

        Tirade end. 🙂

        Peace and love everyone!

        DriftDonN

         

        2 users thanked author for this post.
        • #2170543 Reply
          rc primak
          AskWoody_MVP

          So damage hardware all over the world w/ no consequences and charge an exorbitant price.

          When has any Windows or Office patch ever damaged PC hardware? Software breaks, the OS breaks, web browsers break. Occasionally, firmware gets messed with. But hardware?

          All I have ever had to do to recover from a bad MS update was to restore the partition(s) using a free system imaging program. Never had to throw out the PC and start over, or replace any PC hardware. Maybe (rarely) restore a previous firmware version.

          I’ve had to spend time and effort to recover from bad MS Updates, but never had to spend money on replacing hardware.

          -- rc primak

          • This reply was modified 1 month, 1 week ago by rc primak.
          1 user thanked author for this post.
          b
        • #2170549 Reply
          rc primak
          AskWoody_MVP

          For me it was Windows 8.0 not Windows 10 which was the jarring transition vs. Windows 7. You may have missed that “transition”. (More like a world-shattering jarring discontinuity for me.) It was at that point that I began using Linux as my everyday operating system. I just keep my toes in the water with Windows 10 these days.

          -- rc primak

      • #2169768 Reply
        Carl
        AskWoody Plus

        While I agree with what Susan has said, there are also reasons why some people (including myself) should follow Woody’s advice and defer this month’s CU. Like Susan, none of my clients have reported borked systems – at least not yet.

        At the top of the list is the lack of transparency on the part of Microsoft. Simply stating that they are “aware of the problem and investigating” with NO ongoing progress reports is simply unacceptable. More than likely, telemetry doesn’t provide much in the way of useful or actionable metrics in this situation. Apparently, for those who experienced the profile issue, the patch installed without error.

        In my case, I have gone to extremes to prevent the CU from installing on one of my Win 10 machines. Why? Well for one, it is an AMD 3800x build with some cutting edge components (WiFi 6, PCIe v4 bus, multiple PCIe v4 M.2s, 2.5gb ethernet, etc.). Susan believes the problem is a race condition (or maybe timing related). If so, is a machine with 8 cores that boots to desktop in 3 seconds at a high queue depth (with fast boot, hibernate etc. disabled) more likely to fail? Is the problem related to recent drivers for this relatively new hardware?

        By now, Microsoft has most likely identified the hardware (OEM, computer SKUs) that seem to be most impacted. They probably know the cause for many of the failures. It’s a certainty that OEMs and software vendors are aware and are in communication with Microsoft. Any information from Microsoft, even if incomplete or unverified, would help.

        Because of Microsoft’s lack of transparency, however, I cannot make an informed decision. Yes, I have multiple off-line backups (image, differential), separate USB backups of critical files, and data is even synced to a Win 7 ESU fallback machine. Even so, if this AMD machine gets bricked, it’d take days to do a bare metal restore since it contains more than 4 million files (terabytes). This is time I cannot afford to lose.

        I suspect that installing the CU would not cause issues on this computer. I know that the security risk of not installing the CU is probably greater. Still, the risk of patch failure is too high for me because of time constraints. I’m therefore following Woody’s advice. For people that only have one computer, or don’t have a disaster recovery plan or in-depth computer experience, they may also choose to follow Woody’s advice. None of us want to become “cannon fodder”.

        Let’s be honest here, Microsoft’s track record hasn’t been great lately. I fell victim to the 1909 GUI search bug after installing a CU which initially rendered the computer not usable. Because of the unusual manner in which the computer was behaving, I thought bad actors had taken control of the computer and I wasted time barking up the wrong tree.

        So, each to his own I guess …

        2 users thanked author for this post.
        • #2169770 Reply
          jabeattyauditor
          AskWoody Lounger

          More than likely, telemetry doesn’t provide much in the way of useful or actionable metrics in this situation. Apparently, for those who experienced the profile issue, the patch installed without error.

          What telemetry most likely provides in these cases is an opportunity to know how big the issue will eventually be.

          For example, if Patch A is a problem for some folks, and that problem can eventually be found to be caused by Configuration B, then knowing how many systems in your installed base have Configuration B would help you decide how many resources to assign to resolve the issue, as well as the urgency of the situation.

          Conversely, if Patch A is found to affect everyone, you put all hands on deck, pull the nasty patch, and push Patch B as soon as possible.

          Properly-configured and properly-analyzed telemetry would make that possible.

          I don’t know if we can have that telemetry-collection and analysis process be completely transparent without also making it a completely-exploitable avenue of attack for the rotten folks out there.

          1 user thanked author for this post.
          • #2169781 Reply
            Carl
            AskWoody Plus

            This is precisely my point though.

            Microsoft could at least provide some basic metrics for public consumption without giving up the ghost. I’m reasonably confident that my Intel Z97 builds, for example, would have no issues with the CU. Newer machine configurations that aren’t in widespread use yet – no so sure. (Sorry, I’m showing my age. I grew up in a time when computers literally were “machines” e.g. punch cards, tape storage, line printers. They were called “computing machines” or simply “machine”.)

            At this point, MS has given no indication in terms of numbers, types of hardware, possible interactions with drivers, A-V, third party software, etc. For system builders, any information is better than silence.

            • #2169788 Reply
              jabeattyauditor
              AskWoody Lounger

              At this point, MS has given no indication in terms of numbers, types of hardware, possible interactions with drivers, A-V, third party software, etc. For system builders, any information is better than silence.

              I’d bet that most of the larger system builders are constrained by NDAs – we wouldn’t necessarily know until after the fact that MS and Dell (for example) are working to resolve problems with a particular patch.

              I generally agree that more information is preferable to less, but I’d also want those information releases to be balanced by the fact that too much info sometimes serves to assist the malevolent types.

              • #2169795 Reply
                Carl
                AskWoody Plus

                NDAs? I’d bet you’re right too. Small potatoes like me usually don’t have those constraints except when Federal contracts are involved.

                Agreed – too much disclosure may tip off bad actors and also scare those not experienced enough to interpret the data correctly (the sky is falling).

                I don’t know what the answer is, but I do know the Windows 10 “nanny” approach isn’t working for many – consumers and businesses alike.

      • #2169804 Reply
        anonymous
        Guest

        Meaning of ‘issue’: Does it mean ‘problem’ or ‘matter’ (perhaps contentious) or something being delivered (eg from a pipe or chute) or what?

      • #2169824 Reply
        Fred
        AskWoody Plus

        You’re right, but consider…

        Susan’s audience is IT Pros.

        My audience is Dummies. Of which I am one.

         

        I do agree with Woody. A really good pro ought to act in a humble and simple way, and prepare for infectiondamage; Instread of acting to know it all, like most admins tend to. (no offence ment). Patience is always a good advisor

        After all.. Just because we're paranoid doesn't mean they aren't out to get us.
        2 users thanked author for this post.
      • #2169826 Reply
        MrJimPhelps
        AskWoody_MVP

        Excellent post, Susan. I agree that for most regular folks, there will be no problems.

        Update problems generally occur if you have old software or hardware, or if you have something that is really unique, such as a really oddball piece of hardware or software. On occasion, Microsoft is tightening up on a security hole that has needed closing for a long time (e.g. SMBv1). Up until (and including) 1803, you could connect Windows 10 to an SMBv1 server. But starting with 1809, you couldn’t. That is, unless you went into Setup and checked the box allowing you to connect. If you did that before trying to connect, you would have no problem. If you knew to check the box, you didn’t consider it to be an update issue. But if you didn’t know, you would probably think that Microsoft broke something with 1809.

        Here’s how I do updates:
        * I delay them for seven days – this gives Microsoft a chance to fix a broken update. It also gives me a chance to stop the update before it is installed. Seven days isn’t much of a delay, so I will basically be up to date all the time.
        * I don’t allow driver updates – if it ain’t broke, don’t fix it. If your devices are working just fine, you do not need a driver update. If you have a reason for a driver update, you can always do it manually; but you are asking for trouble if you let driver updates happen automatically.
        * I don’t allow preview updates – I don’t want to be a beta-test user.
        I set all of this in Group Policy, to make sure that it happens this way. And I also limit auto-update reboots so that they occur while I’m not using the computer (e.g. from 1AM to 5AM).

        Group "L" (Linux Mint)
        with Windows 8.1 running in a VM
        • #2169855 Reply
          Charlie
          AskWoody Plus

          * I don’t allow driver updates – if it ain’t broke, don’t fix it. If your devices are working just fine, you do not need a driver update. If you have a reason for a driver update, you can always do it manually; but you are asking for trouble if you let driver updates happen automatically.

          In this day of “Rollup, everything in one huge pile” updates that MS foisted upon us back in 2016, I wasn’t aware that driver updates could be pulled out or otherwise gotten separately.  This has been one of the main reasons that I’ve been a Group B updater – not knowing what on earth I might get that I don’t want!  Can other things be separated?  Does this apply only to Win 8.1 or 10?  It’s news to me.  Thanks.

          Win 7 Still Alive, x64, Intel i3-2120 3.3GHz, Linux Mint 19.1

          2 users thanked author for this post.
          • #2169875 Reply
            Carl
            AskWoody Plus

            Drivers are separate in Windows 7 and long before that and to this day. I’m still a Group B (and L), but for other reasons.

            The problem with Windows 10, is that it has been known to overwrite newer, certified drivers with older ones, particularly video (nVidia). Or it may overwrite a known good driver with an incompatible one. Hence the reason why some, like myself, block driver updates.

            • #2170554 Reply
              rc primak
              AskWoody_MVP

              What you just posted about Windows 10 CUs sometimes overwriting OEM drivers means that these rollups don’t allow separation of drivers from CUs. Not to mention all the changes a Feature Update imposes…

              -- rc primak

              • #2170815 Reply
                MrJimPhelps
                AskWoody_MVP

                Are you saying that a driver update may be included in the standard “roll-up” update, thereby making it impossible to block if you refuse driver updates?

                Bummer. Microsoft should at least keep driver updates out of the standard “roll-up” update.

                Group "L" (Linux Mint)
                with Windows 8.1 running in a VM
              • #2170825 Reply
                bbearren
                AskWoody MVP

                Bummer. Microsoft should at least keep driver updates out of the standard “roll-up” update.

                I don’t believe driver updates are included in CU’s.  Even if they were, if Group Policy > Administrative Templates > Windows Components > Windows Update > Do not include drivers with Windows Updates is enabled, driver updates won’t be installed.

                I know that there is a Windows update for my Intel HD Graphics 4600 Display adapter, but it’s still running Intel Driver Version 20.19.15.4531, a Microsoft Windows Hardware Compatibility Publisher.  Driver updates are the only updates I have blocked, and I am fully updated otherwise with everything else Microsoft has offered my PC.  So either driver updates are not in CU’s, or Group Policy keeps them from being installed if they are.

                Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
                "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
                "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • #2169857 Reply
        Canadian Tech
        AskWoody_MVP

        Woody has good reason for his advice being different from yours. As I see it, you present advice for enterprise IT folks. Woody provides advice for the rest of us.

        Updating for enterprise installations has very different requirements because the need for security is dramatically and substantially greater.

        The threat profile has changed radically in the last 10 or 20 years. Threats are principally coming from criminal organizations seeking to profit from the damage they can do. In years gone by, the threat was the nerd in the basement out to have fun. The criminal organizations know that there is little if any profit to made from damaging joe/mary-ordinary.

        CT

        4 users thanked author for this post.
      • #2169865 Reply
        Noel Carboni
        AskWoody_MVP

        Like Susan I often “jump the gun” and do my own update testing (e.g., in virtual machines) because I have the skills to repair/restore from backups in a pinch. I haven’t, however, chosen to put in February’s updates yet on the systems I care most about.

        I do want to say one thing, though: I dislike it when companies or people try to motivate other people into acting by holding the specter of Ransomware or other malware up as a sole reason to act. Don’t do things out of fear! Weigh your risks, take your time. And don’t hope that someone else will make decisions for you. If you don’t feel you have enough info, seek it out. Wait until things are more clear. Common sense stuff.

        Sure, malware can be scary, but it’s not a given that you’ll fall victim to it if you just practice common sense while computing.

        -Noel

        5 users thanked author for this post.
      • #2169878 Reply
        OscarCP
        AskWoody Plus

        The advice given in this thread is useful to those with the necessary skills to create disk images, use them to restore the system from serious malware attacks such as ransomware ones and, most particularly, know what to do when (as sometimes happens with anything we do) the restore fails and leaves a mess in the hard drive or SSD, instead of the desired outcome: a restored system plus personal data and applications that do not have to be reinstalled, exactly as if something bad had never happened.

        That does not help much the majority of users, that consists of those who try to deal with their computers the way they do with their other home appliances. That computers are not like other home appliances — although, in an ideal world at least, they ought to be — obeys to many, many reasons. But the fact remains that those reasons are of no help from the particular point of view of the average home or small business user. Which makes for jobs for technical savvy people that set up shop to help those who can afford their services. (Some do it on a voluntary basis, of course, and that is a most excellent thing to do.)

        As Woody has pointed out, here, now, as well as in several previous occasions, Susan Bradley writes for IT people, not common users, but, in my most humble opinion, it might be a good idea if this fact were to be made very clear in each and everyone of her posts, at the very top of her initial comment. Just a thought.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        5 users thanked author for this post.
        • #2169881 Reply
          Canadian Tech
          AskWoody_MVP

          Oscar, I could not agree more!!

          CT

          1 user thanked author for this post.
        • #2170558 Reply
          rc primak
          AskWoody_MVP

          For the home user who does not want to get involved with detailed selective patching the best practices are fairly simple:

          1. Make data backup your priority, not system backup. Use Cloud Sync wherever it’s available, and/or set up Windows File History locally.
          2. Weekly or twice-monthly, back up the File History drive (simple copy operation) to a second, identical drive. Keep two copies of  these File History backups. (The primary drive plus the backup drive.) Store the copies away from being connected to the computer. Alternate drives, so that File History gets updated both in the primary drive and the backup drive.
          3. Do not mess with any default Windows or software settings. This includes automatic updates as patches and Feature Updates are issued. This makes restoring a system mush easier. Use Refresh and Reset to handle any software or OS issues.
          4. Let someone else do anything more technical you may need done. Don’t be afraid to ask for help if you don’t understand what is going wrong. It’s likely to be “end user error”, but advice and help would still be worth the price.

          In other words, most folks would be happiest if they treated Windows PCs like Chromebooks, iPads or phones. The main difference is that PC software can be downloaded and installed from sources other than a Company Store.

          We have to keep things simple for most folks. They just want to use a computer, not master its intricacies.

          The advice offered at this site and in these forums is not always aimed at the typical home user. But all are welcome to come here and look around. Then decide if you are ready to get into some system details.

          -- rc primak

          • This reply was modified 1 month, 1 week ago by rc primak.
          • This reply was modified 1 month, 1 week ago by rc primak.
          • This reply was modified 1 month, 1 week ago by rc primak.
      • #2169879 Reply
        anonymous
        Guest

        Speaking of motivating other people to act, computer viruses do have some similarity to real viruses.  If you don’t have good backups, or time to do a restore, as an individual it benefits you to avoid updates until someone else has told you they are good.  But, if enough people avoid a security update, that lowers the herd immunity and makes criminals more likely to try to exploit the security flaw.  If all users automatically got the security patches in a few days, there would be little reason to try to exploit those flaws.  So, it is in Microsoft’s, and everyone’s, interest to try to make it hard for most other users (other than yourself) to avoid automatically getting the patches.

        I wish I had data to back it up, but one or two decades ago, most computers I looked at for users were not up to date, had expired antivirus software, and a large portion maybe over a third had viruses.  With Windows 10, most people do not know how to turn off updates and I rarely see a computer that is not updated or has expired antivirus, and I don’t see viruses anymore except for users who seek out the darkest corners of the web.

        If users could learn to backup their system and data more often, that is the main thing I would want to tell them.  Also many people only have a few files and data for a few programs that are really important to them, and if they would copy those to some backup it would make everything easier.  Woody seems to be recommend Chromebook more often, and threads about how to make kiosks seem to recommend Chromebook more often.  If you trust Google, I can see why people would enjoy not having to worry so much about backup.

        1 user thanked author for this post.
      • #2169921 Reply
        anonymous
        Guest

        I know this goes against most thought. But I wish to point out one possible DISADVANTAGE about backups.  Most IT may tell their clients to DELETE their backups after a virus attack. This is because the virus is likely in the backup and using that backup will just reinfect the computer. And with the nasty malware out there, their payload can stay hidden for a long time. While sometime backups are a great idea, depending on a backup only, can backfire.

        • #2169929 Reply
          Carl
          AskWoody Plus

          Hence the need for incremental and image backups as well as storage media rotation (or possibly more than 1 cloud provider if that’s the strategy). The last small business I worked with that was hit by ransomware had to go back two sets (1 day lost).

          Even on my home network, I use multiple external hard drives for backup. Also, separate ones for imaging purposes. No near-line backups. Also keep a dedicated computer that is synced every three days or so with it’s own separate set of backups.

          I do realize this not feasible for most users here though.

          1 user thanked author for this post.
          • #2170564 Reply
            rc primak
            AskWoody_MVP

            I am not a fan of incremental backups. If even one link in the chain is corrupted or infected, this can affect the whole backup set. I use full backups. And three copies (original drive plus two archival drives.) But then, I only do one or two backups for my system each month, and I only support three PCs at most. (One archival drive would probably suffice — I haven’t had issues affecting two backup drives at once, as long as they are kept separate from each other.)

            -- rc primak

            1 user thanked author for this post.
            • #2171056 Reply
              Paul T
              AskWoody MVP

              Use the consolidate feature to create a single backup regularly.

              cheers, Paul

              1 user thanked author for this post.
      • #2169936 Reply
        Zaphyrus
        AskWoody Lounger

        I think we should let people choose,  I prefer to wait until Mr.Woody gives the greenlight, since not everyone has backup software or archives.

        but I think   that if people think that updates dangerous, shouldn’t they skip it? (its the safer way for them I guess) , nothing gonna happen if you skip 1 month of updateds, (unless we are talking about 2 months or more..)

         

        Just someone who don't want Windows to mess with its computer.
        • This reply was modified 1 month, 1 week ago by Zaphyrus.
      • #2169937 Reply
        James Bond 007
        AskWoody Lounger

        I would like to believe I know a bit more than most “dummy” users on PC issues, but I am not an IT Pro, nor do I want to be one. I do have the necessary expertise to create disk images and recover from problems, but that’s about it.

        As Canadian Tech said, security requirements in the Enterprise is stricter than us users. As Susan’s audience is the Enterprise IT, I can understand her views, but I disagree with and won’t adopt her advice on this issue. I place my computers’ stability over their “security” every time.

        Personally, I have no wish to act as a tester for Microsoft, nor do I want to become “cannon folder”. I will wait for as long as I want, until the time I am satisfied that installing these updates won’t cause any significant problems on my machines. For example, after Meltdown/Spectre broke out in January 2018, I decided that the updates Microsoft put out at the time had far too many problems, and I therefore waited several months (until early June) to patch my Windows 7 systems. During the time period from January to June 2018 ALL my Windows 7 machines were on December 2017 patch level, and I didn’t have a problem.

        I have been wary of the quality of Microsoft updates ever since its CEO decided to fire its testing department and replaced those testers with “Insiders”. And I don’t think there has been any improvement on this more than 4 years after the release of Windows 10. I therefore require FULL CONTROL of ALL updates (including drivers and security updates) including the right to decide when to apply them. Windows 10 (at least in its default configuration) does not offer that, which is one big reason why I am still on Windows 8.1 and Windows 7.

        I know I will eventually be forced to Windows 10 (well, at least some of my machines) so I have been experimenting with the LTSC version of Windows 10 1809. I use a group policy setting to completely disable Windows Update (meaning it will NOT search for, download or install updates on its own) and it seems to be working for me. It also has patch support for 10 years and will not be offered feature updates (to 1903 or whatever). So this is probably what I will be going to in the future, but NOT before the end of support of Windows 8.1.

        If you are OK with installing updates (on any version of Windows, but in particular Windows 10) soon after they arrived and you don’t encounter significant problems every time you do that, good for you. I won’t adopt such a policy as I consider it too risky, but I am not going to persuade you to my view either. Let’s agree to disagree.

        Hope for the best. Prepare for the worst.

        6 users thanked author for this post.
        • #2169945 Reply
          Canadian Tech
          AskWoody_MVP

          007, you are so right!!

          If you will recall, i am strictly on Win7. I look after 120 Win7 systems.

          Update:

          Not one of those 120 machines has had a MICROSOFT update since May, 2017. That is 33 months now. not a single instance of any kind of a problem. Those machines are so stable and reliable that my phone rarely rings. My support work has fallen of by 90%.

          Again, not one of them are in an enterprise. Just ordinary folk.

          I did this 33 months ago because I decided the risk of fouling up these systems from allowing Microsoft updates was far greater than the risk of not installing them. 3,960 computer operation months later, the proof is positive.

          CT

          5 users thanked author for this post.
      • #2169979 Reply
        anonymous
        Guest

        “You’re right, but consider… Susan’s audience is IT Pros. My audience is Dummies. Of which I am one.”-Woody

        I agree fully with Woody.

        For the average non-techie doctor, lawyer or college student, following Woody’s Defcon ratings are warranted and cause less man-hours repairing computers. Microsoft has been hostile and not transparent towards a portion of their users. Further, not all MS customers can spend huge amounts of time and money on MS products or new equipment.

        Susan runs some Domain controllers and domain attached clients. When Susan says “all of the machines” under her control… I wonder what if she is saying all domain members machines and domain controllers. This not very helpful to the average Microsoft user.

        2 users thanked author for this post.
      • #2169999 Reply
        anonymous
        Guest

        I don’t like the logic here. You do not ignore something simply because it may be rare, if you don’t know how frequent it actually is. The risk is not worth it–if you screwed up all of those computers under your control because you decided to go ahead, you’ve just made a whole lot more work for yourself in having to fix them.

        There is no reason for an arbitrary time limit for when things become insecure. You are not at significantly more risk waiting two months to patch instead of one. If you have sane policies, it shouldn’t be a huge deal.

        As for Ransomware–you should already have that mitigated. Not only the backups everyone mentions (which do at least require some downtime to implement), but also blocking unauthorized software from running and having proper Ransomware detection that would stop any ransomware before it gets very far, because it can detect thta files are getting encrypted in some way.

        I don’t even worry about ransomware on my home computer, which isn’t as locked down, because I have multiple mitigation strategies for Ransomware employed. It’s no more scary than any other malware.

        Bottom line, I don’t fine any of the logic used in Patch Lady’s post compelling. I would not follow her advice on this issue. I would only deploy if I had some way of knowing with reasonable certainty that I would not face the profile problem. I wouldn’t just assume that a problem is not widespread because we lack data.

        And, no, I would not expect any security-minded organization to turn telemetry on. I expect it to be turned off on all software, not just Windows. The good it provides can be adequately substituted with a good IT staff that voluntarily reports data for bug reports and such, without risking sending data they don’t want to give out. There’s no need to trust a black box.

        4 users thanked author for this post.
      • #2170079 Reply
        anonymous
        Guest

        Windows 10 Pro ( 1903 )

        I did an image first and then installed the Feb. updates this morning and surprise!, no bugs or profile problems to report. All went well.

        1 user thanked author for this post.
      • #2170328 Reply
        Kranium
        AskWoody Lounger

        No one runs to a tech forum announcing that they survived the update.

        Actually, plenty do, and there’s even some here. Definitely a minority, but they do tend to repeat themselves a lot.

        Group B for WIN7 w/ ESU, plus trying out Linux builds in dual boot.

        2 users thanked author for this post.
        • #2170697 Reply
          bbearren
          AskWoody MVP

          No one runs to a tech forum announcing that they survived the update.

          Actually, plenty do, and there’s even some here. Definitely a minority, but they do tend to repeat themselves a lot.

          We are known as Seekers and cannon fodder.  If one is properly prepared, there is no need to pause updates, no reason not to actively check for updates, no need to worry.

          If an update causes an issue, I will be happy to explore the issue as best I can, so that I can report it here.  Then I will restore my most recent drive image, and all will be right with the world once more.  For my OS partition, that takes ~6 minutes.

          I’ve been running Windows 10 since 1507, and I have yet to encounter an issue with a Windows Update/Upgrade.  If that day should ever come, I’ll report it here as soon as possible, with as much detail as I can uncover.

          I will continue to report not having any issues with updates as they are released and I install them.  As Susan said in the OP, “not every side effect is widespread”.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • #2170726 Reply
        geekdom
        AskWoody Plus

        Looks like there are some difficulties:
        https://answers.microsoft.com/en-us/windows/forum/all/cumulative-updates-february-11th-2020/548d4ded-39a1-4270-a866-627ea7c25de6

        G{ot backup} TestBeta
        offline▸ Win7Pro SP1 x64 InUse
        online▸ Win10Pro 1909.18363.752 x64 i5-9400 RAM8GB HDD Firefox75.0 Windows{Image/Defender/Firewall}
      • #2170850 Reply
        migongo
        AskWoody Lounger

        And also looks like finally M$ recognize there are difficulties:

        https://www.techradar.com/news/microsoft-finally-acknowledges-that-windows-10-has-a-serious-problem-and-explains-how-to-fix-it

        1 user thanked author for this post.
      • #2170884 Reply
        Fred
        AskWoody Plus

        And also looks like finally M$ recognize there are difficulties:

        https://www.techradar.com/news/microsoft-finally-acknowledges-that-windows-10-has-a-serious-problem-and-explains-how-to-fix-it

        Perhaps there is a bit of movement by Micr0$0ft, I don’t see a real solution yet.yes, a lot of adds and messages how great all other things are.

        As for a common soul, I read mrs.Susans letters very careful, and try to learn. For the rest is Woodys “Defcon index” is leading, and will follow his advise. It surely has proven to be a “quiet” way to follow, as being a not-knowing-it-all consumer.  X

        After all.. Just because we're paranoid doesn't mean they aren't out to get us.
        1 user thanked author for this post.
    Viewing 30 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – not every side effect is widespread

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.