• Reaffirming that we’re still at MS-DEFCON 2

    Home » Forums » Newsletter and Homepage topics » Reaffirming that we’re still at MS-DEFCON 2


    There’s still no pressing reason to install the early crop of Patch Tuesday patches. Full rundown coming in Computerworld.
    [See the full post at: Reaffirming that we’re still at MS-DEFCON 2]

    3 users thanked author for this post.
    Viewing 9 reply threads
    • #156570

      I am wondering for Windows PC users (Win 7 in my case) who want to avoid any performance hits if it is going to be generally safe to assume that if we do any online transactions or banking, that a simple reboot afterwards will clear kernel memory and thus avoid any problems? It would seem that if all I have done over the last few hours was work on a Word document or Excel spreadsheet, or maybe play an online game, that there won’t be any loot in loaded in memory that can be stolen. Obviously patching will be necessary soon, but I was hoping to wait for improved work arounds in the future, rather than applying the first patch they come up with.

    • #156628

      Group A  Win 7 X64.  No problem so far.  No slow down.  I use windows up date clean up after down loading.  KB4056894

    • #156656

      I’m missing something, I think. I’m group B so I do all my updates manually, by which I mean I download the stand-alone patches and then install them. Woody’s article in Computerworld says something to the effect of ‘for heaven’s sake don’t update manually’ (pardon the paraphrase).

      Please educate me as to what’s bad about the manual installs. (I am waiting until Defcon 3 or 4 before any installation of any patches this month.)


      • #156658

        There is a Registry entry that is made by anti-virus programs to show that it is compatible with the SO or Rollup. It prevents the Rollup from showing in WU, thus preventing the install from WU.

        However, the lack of the Registry entry does not prevent a manual install. If the AV is incompatible it can cause a BSOD. So, you need to check for the Registry entry BEFORE installing.

        AND, We are still at DEFCON 2. WAIT WAIT WAIT

        4 users thanked author for this post.
        • #156740

          OK, got it. Thanks PKCano.

          I’m definitely waiting, waiting, waiting. 🙂

          I’m running Microsoft Security Essentials and I did get the Rollup notification on Windows Update, so I should be OK with the Security Only update. I’ll grit my teeth and check the registry, though.

        • #156776

          Ah, so that’s how it works… the least elegant and consumer-friendly way possible.  Should have known, really.  Thanks for the info, though.

          With each passing day, Windows gets less and less relevant. If this is the point of reckoning with regard to Windows updates, well… it’s gotten here earlier than I expected.

          Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
          XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
          Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

        • #156847

          We’re Group B (and of course we are NOT updating until Woody says) but the January patches are
          not showing in WU – the December roll ups are still there- as we had installed the Security only
          manually for December. We run Norton Security and have just updated – but it is on Live Update automatically… My question/request is. When the time comes to update would someone very kindly run through the steps of being able to check the Registry to see if the AV has the correct setting please before one goes ahead and install the security patches manually. Have just changed the settings in WU to NEVER and then reverted back to Check but let me decide to download etc. and the
          same ones have been offered again, that is the December ones…… mind you I didn’t reboot and that might have triggered the new batch should our computers have passed muster.
          Once more we owe a great big vote of thanks to Woody and all those who’ve chimed in to help.
          Many thanks! LT

          There’s an indeterminate sized
          not quite full
          shining like an arrow,
          through an
          undefined gap of
          ancient Persian elegance,
          in an old and endangered Deodar Tree.

          The little red monkeys are squeaking
          and grizzling as
          and cold
          come on.
          (Can’t say I blame them.
          Would I like dark and cold, sleeping in a tree?)

          I enjoy the moon
          and the dark redbrown
          fearful colour of the mountains
          immediately post

          T’wasn’t sweet and pink tonight,
          our winter alpenglow.
          The world is trembling,
          and all life’s balance is
          nervewrackingly precarious.

          I know the feeling.

          So hell, reach out to the world
          reach out to your friends and their friends
          and create ripples
          of caring
          and let us all
          hunker down,
          legs spread and feet planted firmly
          for balance
          and see if we can just, together, save the world.

          Happy New Year.

          love joy peace freedom to all and impeachment where needed….
          (Courtesy of the Guardian UK – quote by FerenjiNan )

          1 user thanked author for this post.
    • #156665

      sadly I have to inform that after installing this updates in serveral computers with Windows 10, now they does not start anymore, they just stuck in Windows Logo after the first reboot, so seems thet last update introduced the same bug that is present in Insider Build 17063 :S

      all the machines affected have AMD Athlon 64 X2 CPUs.

    • #156703

      Tried a manual installation on v.1607 with the full accumulative file, didn’t finish. After 15-20 min. it replies with a generic message saying that it will revert the changes. And that’s that.

      Mind you: it requires the Windows Update service to be enabled or it won’t install.

      Tomorrow I’ll test with a couple of v.1709. Well, at least it isn’t an important issue!

    • #156755

      List of vulnerabilities Microsoft fixed this month (from https://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2018/av18-002-en.aspx):

      “CVE-2017-5754, CVE-2017-5753, CVE-2017-5715, CVE-2018-0818, CVE-2018-0788, CVE-2018-0754, CVE-2018-0750, CVE-2018-0741, CVE-2018-0753, CVE-2018-0746, CVE-2018-0747, CVE-2018-0748, CVE-2018-0751, CVE-2018-0752, CVE-2018-0744, CVE-2018-0745, CVE-2018-0749, CVE-2018-0743, CVE-2018-0762, CVE-2018-0772, CVE-2018-0766, CVE-2018-0773, CVE-2018-0774, CVE-2018-0781, CVE-2018-0800, CVE-2018-0758, CVE-2018-0767, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, CVE-2018-0780, CVE-2018-0803”

      1 user thanked author for this post.
    • #156775

      I’ve installed the security only patch and theIE 11 patch on a Win7 X64 machine and have had no issues as of yet. It has a Core i3 processor. I am NOT installing the security only patch on my main AMD (Ryzen) machine, although I did install the IE 11 patch, as my understanding is that it’s for Meltdown, which doesn’t appear to affect AMD chips. Again, no issues are apparent.

      To be clear, both machines are Win 7 X64, I’m group B, and have at this time experienced no problems. My name is guinea pig.  🙂


      1 user thanked author for this post.
      • #156972

        patch is not only against Meltdown, it’s again more vulnerabilities too, so you should install it anayway, even if you are using a Ryzen CPU.

        • #157205

          I will politely disagree with your assessment; especially given the BSOD issue.


    • #157270

      Anyone know what’s going on with KB4056898 for Windows 2012 R2?

      My WSUS server received TWO entries for the x64 processor on 01/06. They look identical, except for the revisions:
      – one shows revisions 203 and 204 (and it appears 204 is now marked expired)
      – the other shows revision 200 (not expired in revision history view, but in the main view it is also marked as expired).

      This one’s a minefield to install. So theoretically I should approve revision 203, but the main entry containing 203 is marked as expired.

      No matter where you go, there you are.

    • #157314

      Ardvark here…Updated my W7 64 bit system after verifying Avast had fixed their Virus Scanner…downloaded security update kb4056897 only (not rollup kb4056894) from MS Catalog… downloaded & installed with no issues… understand it probably only covers Meltdown fix from MS… not sure when/where Spectre fix will be available…no BSOD or other issues so far… system working fine… will need IE 11 update at some point, but not sure where to get it…assume I will need to contact ASUS or visit their web site at some point for firmware or BIOS updates. Can anyone confirm my assumptions?

    • #157387

      From https://twitter.com/GossiTheDog/status/950325474022092800 (my bolding): “Microsoft have added the following text to their KB article to clarify that unless the AV compatibility registry key is set, Windows Update will not delivery January’s *or all future* security updates. […]”

      2 users thanked author for this post.
      • #157394

        What if someone isn’t running antivirus, will the registry switch ever be set?

        • #157400

          If you are not running AV, you can manually add the RegAllow key. But at this point, I wouldn’t take the chance of a BSOD. Wait until this is sorted out.

        • #157402

          From https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/:

          “If you’re one of the unlucky souls whose AV company doesn’t plan to add that registry key, this is a .reg file Bleeping Computer put together to automatically create the following registry key for you.


          We’ll display this in red so it sticks out. Do not run the .reg file unless you’ve confirmed with your AV vendor that they’re compatible with the Meltdown and Spectre patches.”

        • #157409

          Not for me, I know what is going on. I mean for someone barely gets updates installed let alone keeps good track of their antivirus.

          Are they just going to stop getting updates because nothing set the key?

          Starting state:
          Gets updates but has no (working) AV protection.

          Ending state after this update is released:
          Still has no (working) AV protection, key not set, no-longer gets updates either.

    Viewing 9 reply threads
    Reply To: Reaffirming that we’re still at MS-DEFCON 2

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: