News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • The new Microsoft Security Essentials, KB 3205972, fixes the right-click scan bug

    Home Forums AskWoody blog The new Microsoft Security Essentials, KB 3205972, fixes the right-click scan bug

    Viewing 53 reply threads
    • Author
      Posts
      • #20483 Reply
        woody
        Da Boss

        Short answer: The patch is completely undocumented, but in my tests the latest version, 4.10.209.0, fixes the bug introduced in Sept 28’s MSE 4.10.205
        [See the full post at: The new Microsoft Security Essentials, KB 3205972, fixes the right-click scan bug]

      • #20484 Reply
        Tom
        Guest

        It appears that Microsoft has 2 different releases of the same Microsoft Security Essentials 4.10.209.0.

        The first release: https://www.microsoft.com/en-us/download/details.aspx?id=29942 is entitled Microsoft Security Essentials Prerelease, and has a published date of 11/29/16.

        The second release: https://www.microsoft.com/en-US/download/details.aspx?id=5201 is entitled Microsoft Security Essentials and also has the same published date, 11/29/16.

        According to the file details shown below, the prerelease version includes some extra baggage that most users will want to avoid at all costs. Especially if your trying to avoid, Microsoft Error Reporting, Customer Experience Improvement Program, and Microsoft Active Protection Service:

        As a Microsoft Security Essentials Prerelease user, you will have the opportunity to explore and test new builds of Microsoft Security Essentials before they are publically available and provide feedback to Microsoft. Your feedback helps Microsoft to make its software and services the best that they can be. As a Microsoft Security Essentials Prerelease user, Microsoft Security Essentials updates will automatically be installed on your computer through Microsoft Updates. To help us improve the software, you will be enrolled in the Microsoft Error Reporting, Customer Experience Improvement Program, and Microsoft Active Protection Service.

      • #20485 Reply
        woody
        Da Boss

        I assume the version rolling out via Windows Update is the second, not-pre-release, version.

        Gawd. So now MSE has a prerelease program? Maybe Belfiore’s getting his ducks lined up.

      • #20486 Reply
        Ray
        Guest

        Gawd, is right. It just seems there is one problem after another and Microsoft sure as hell don’t care about Windows users.

      • #20487 Reply
        Jim
        Guest

        I saw the new Microsoft Security Essentials, KB 3205972 on Askwoody.
        I then checked windows update, there was no updates.
        So I updated the MSE virus spyware definitions.
        After updating MSE two KB’s showed up in windows update.
        One was a definition update the other was the the new version Microsoft Security Essentials, KB 3205972.

        The question is which KB 3205972 do I have?
        The 1st release or the 2nd release.
        Is there a way to tell the difference?

      • #20488 Reply
        fp
        Guest

        Dont always attribute to malice what can be easily explained by incompetence.

        This the certain consequence of turning users into unpaid debuggers and designers.

        I dont think Ms could fix this even if it wanted to.

      • #20489 Reply
        BobbyB
        Guest

        hmm took them long enough to fix it, i think i advocated removing and reinstalling then not installing the update as a workaround which worked for me. Woody raised an interesting point in a reply the other day i have never seen MSE flag or catch a virus ever. Sure it’ll flag the odd “script file” or imported .reg entries but never an actual virus. I had just put it down to the fact i never frequent “shady” web sites or open suspect emails.

      • #20490 Reply
        C
        Guest

        Thanks for reporting this Woody.

        Bottom line though in your opinion: Since this is undocumented, is it worth upgrading to this from 4.9.218 or should I just stick with that?

      • #20491 Reply
        C
        Guest

        Some advice, if you want to make sure you get the non-prerelease version, go to the second release link Tom provided and download that MSE (and after download install that).

        It seems to have worked for me.

      • #20492 Reply
        woody
        Da Boss

        Thx!

      • #20493 Reply
        woody
        Da Boss

        The last one’s undocumented, too. I’d wait a few days and if there aren’t any huuuuuge cries of pain, I’d go ahead and install it.

      • #20494 Reply
        David F
        Guest

        The problem is also finding out what it really does.

        I gave up upgrading things because it has a bigger version number a long time back, in my experience the “new and improved” version in many cases is not and sometimes a much worse version (and I’m not just talking about software here).

        So without any definitive feature list what is the actual point of upgrading to something that nobody knows what it really does or if it works any better than the old version does?

      • #20495 Reply
        woody
        Da Boss

        Good point.

      • #20496 Reply
        Seff
        Guest

        May I suggest that MSE client updates are added to the other Windows Updates as something to be left well alone for a couple of weeks until the dust has settled? Keep the definition updates going, but the client updates need careful evaluation before they are installed.

      • #20497 Reply
        woody
        Da Boss

        Makes sense – but I’ve never had an MSE event….

      • #20498 Reply
        EP
        AskWoody_MVP

        @woody: Version 4.10.209.0 of MSE removes the Administrators option on the Settings tab of MSE. The option for Admins to turn the MSE app On or Off has been removed. I’ve just found out about this when running this newest version.

      • #20499 Reply
        woody
        Da Boss

        Oh boy. So does that mean admins have to use GPEdit – or is there some other mechanism?

      • #20500 Reply
        Seff
        Guest

        Me neither, apart from the limited loss of function in the last update and which is fixed in this one.

      • #20501 Reply
        Geo
        Guest

        I`m group A. Canary in the coal mine. Did the MSE update. So far nothing happened.

      • #20502 Reply
        woody
        Da Boss

        Thanks for the post!

      • #20503 Reply
        abbodi86
        Guest

        Official download links:
        https://support.microsoft.com/en-us/help/14210/security-essentials-download

        gives the same as 5201

      • #20504 Reply
        Cartoonist Aaron
        Guest

        So that sudden loss of right-click scan was a bug, eh? I figured MS just decided to drop the feature on Win7 for some reason.

      • #20505 Reply
        woody
        Da Boss

        It appears to be a bug. But then, I’ve never seen any official confirmation…

      • #20506 Reply
        Eric
        Guest

        Get with the MS view of the world — the removal of the right click menu was a Customer Experience Enhancement and feature improvement.

        The return of the right click menu is the unacknowledged bug!

        I’m going to stick with 4.9.218 until such time as there is a concrete, documented justification for making a change.

      • #20507 Reply
        Bill C.
        Guest

        I really think folks need to carefully look at the implications of the EULA. You will need to use 7-Zip to inspect the EULA of both releases. The pre-release has a whole section on Validation. It is not in the release.

        Here is a small part of the section:
        1. VALIDATION.
        a. The software may cause the operating system software to conduct validation checks of your operating system software from time to time, depending upon your specific operating system.

        b. Validation verifies that your computer’s operating system has been activated and is properly licensed. Validation also permits you to use certain features of the operating system software or to obtain additional benefits.

        c. If a validation check is performed, the operating system software will send information about the software and your operating system software to Microsoft. This information includes the versions of the software and operating system software. Microsoft does not use the information to identify or contact you. By using the software, you consent to the transmission of this information. For more information, see http://www.microsoft.com/genuine/downloads/PrivacyInfo.aspx.

        d. If, after a validation check, your operating system software is found not to be properly licensed, the software you are installing may be disabled, or the functionality of the operating system software may be affected, depending upon your specific operating system and applicable laws. For example, you may need to reactivate the operating system software or you may receive reminders to obtain a properly licensed copy of the operating system software, or you may not be able to use or continue to use some of the features of the operating system software or obtain certain updates, upgrades or services from Microsoft.

        e. You may only obtain updates or upgrades for the operating system software from Microsoft or authorized sources. For more information on obtaining updates from authorized sources, see http://www.microsoft.com/genuine/downloads/faq.aspx.

        Meanwhile on the non-prerelease AND the pre-release, it has these gems:
        Both enroll you in the CEIP. Both turn on automatic updating. My concern is can you turn them off?

        Customer Experience Improvement Program (CEIP). This software uses CEIP. CEIP automatically sends Microsoft information about your hardware and how you use this software. We use this information to improve our products and services. We do not use this information to identify or contact you. To learn more about CEIP, see go.microsoft.com/fwlink/?LinkId=52097.

        Windows Update; Microsoft Update. The software turns on automatic updating from Windows Update and Microsoft Update. To enable the proper functioning of the Windows Update and Microsoft Update service in the software, updates or downloads to the Windows Update and/or Microsoft Update service will be required from time to time and downloaded and installed without further notice to you.

        Call me paranoid, but I will leave this to others to see if it removes the ability to opt-out or change the options. I believe this is the first step and the EULA variations are fair warning. Maybe it is time for Group W.

        This could be part of the payload or the trigger to eliminate Group B or W, as well as further damage Win7 and 8.1 machines functionality.

      • #20508 Reply
        Squall
        Guest

        Wait… does this mean that real-time protection can no longer be turned off?

      • #20509 Reply
        woody
        Da Boss

        HA! I needed that…

      • #20510 Reply
        Ed
        Guest

        Why anybody would feel comfortable using a “free” program offered by M$ after the GWX campaign refuses to register in my mind as either a valid or a sane option.

        The words “free” and “Microsoft” in the same PARAGRAPH should raise your eyebrows!

      • #20511 Reply
        Bill C.
        Guest

        To clarify, I have no problem with an OS doing a check to ensure it is properly licensed. Win7 already does that, as does Office at least as far back as Office 2010. It should be limited to MS software, and it should tell us what it is collecting (but we all know how likely that will be.)

        I also believe that Validation parts d. and e., are evidence that Windows as a service is definitely headed to a pay as you go subscription model. From the other postings on AskWoody about the rate of adoption of Win10 and the future of PC computing, I see MS trying to eak every last drop of blood ($$) and limiting user control for the home user. For the enterprise, they will be far more cautious of customer alienation.

        I have not reviewed all MS EULAs, just the two in the MSE downloads. I have no problem with an AV or anti-malware program doing signature updates automatically, I just find the potential of forcing WU for all updates to full auto via a Security product to be objectionable, especially if that changes the options (ability to turn WU off, etc.) we as Win7 users originally purchased. Currently MSE updating is automatic even with WU off. It should remain that way. If this patch does not implement that now, the wording of the EULA certainly lays the foundation for a future implementation.

      • #20512 Reply
        LoneWolf
        Guest

        As a side note, I highly recommend doing what I do when it is possible (it would not be in this case):

        Every time I get a patch that Microsoft has a KBID placeholder page with no information (e.g., “Install this update to resolve performance and stability issues in Windows/Office, with no other information”), I mark the KB site unhelpful, and I tell Microsoft that not providing me information on what the patch does means that I decline it, wasting both my time, and the time of the developers that coded it. An undocumented patch, to me, is as good as no patch at all, worse because I waste my time trying to find out what it does only to receive no information.
        Usually, I keep those patches queued but not installed, for 30 days. If Microsoft goes a month from release with no documentation, I decline them and tell them exactly why. To steal from Arlo Guthrie:

        And three people do it, three, can you imagine, three people walking in tellin’ Microsoft they won’t use it, They may think it’s an
        organization. And can you, can you imagine fifty people a day,I said fifty people a day walking in, givin’ Microsoft a hard time, then walking out. And friends they may thinks it’s a movement.

      • #20513 Reply
        LoneWolf
        Guest

        Just for the sake of example:

        https://support.microsoft.com/en-us/kb/3039737

        That’s a patch for Microsoft Office 2013. It tells me it has a prerequisite. It tells me nothing else.

      • #20514 Reply
        Ray
        Guest

        Would someone tell me why we should even bother with Windows Security Essentials. As far as I know it has never been of any use whatsoever.

      • #20515 Reply
        woody
        Da Boss

        Ah, the Office Group W Bench!

        And that’s what it is, the Alice’s Restaurant Anti-Massacree Movement, and all you got to do to join is sing it the next time it comes around on the guitar!

      • #20516 Reply
        woody
        Da Boss

        If you want an antivirus program, Microsoft Security Essentials is a good choice.

        If you’re living without an antivirus program, you’re flirting with danger. This is another one of those religious, discussions, though – and I would submit that the need for antivirus software isn’t nearly as great as it was ten years ago.

      • #20517 Reply
        Chuck B
        Guest

        Win7 Pro: I was offered ..5972 by Win Update but when I checked right clicking on a folder or file, I still had “Scan with MSE” as an option. So I guess I don’t need …5972?

      • #20518 Reply
        Geo
        Guest

        I wonder if that MSE update fixed the Atom bomb exploit Steve Gibson talked about on his “Security Now”? Nov. 8th show? He mentioned MS will probably come out with a change to kill it.

      • #20519 Reply
        rcprimak
        Guest

        Other free programs outperform MSE/Windows Defender time after time, depending on who’s doing the testing. But I’d still submit that everyone should have some AV/AM protection on a Windows PC.

        Whenever anything third-party is installed which has active protections, Windows Defender is supposed to step aside and no longer be active. Which removes the problems of the WD program and its updates. And moves these problems over to the third party program.

        No AV is perfect, but two or three programs properly selected may work just fine.There are many options which work well together.

        But we still have to be careful what we download, which email attachments we open, and what we click on at web pages.

      • #20520 Reply
        woody
        Da Boss

        You probably have an older version of MSE, and haven’t updated since September.

      • #20521 Reply
        Ray
        Guest

        OK, so I need WSE…Where the heck do I find it? It does not appear when I do a Check for Updates in Group B. This is where it always appeared in times past but not now.

      • #20522 Reply
        woody
        Da Boss
      • #20523 Reply
        Chuck B
        Guest

        How does one check the version? The Help items takes one to MS web site rather than “About” for a version Number.
        Anyway I update MSE almost daily but never have been asked to upgrade. Thanks!

      • #20524 Reply
        Walker
        Guest

        @Woody:

        Woody: I have not had any e-mails notifying me of postings, and this website is not showing the old graphics, calendar, and everything else that it did previously. I had 2 e-mails this morning, the last one dated about 6:24 a.m. That’s all I’ve received all day.

        Please, please help so I can get back to the “normal” website. I cannot access anything without the calendar and other “tools”.

        Please, please help. 🙁

      • #20525 Reply
        woody
        Da Boss

        I had a request to remove the calendar, but I’ll put it back, at the bottom. Basically it shows that I’m now publishing new stuff just about 7 days a week.

        Not sure about the emails. Are you following a specific comment series?

      • #20526 Reply
        Pierre75
        Guest

        Click on the downward pointing arrow located at the right side of the panel and a dropdown menu appears. The click on ‘About’.

      • #20527 Reply
        Hugh McFarlane
        Guest

        Click on the little down-pointing arrow, at the right of the word Help, and you get a popup menu. Click About. The MSE Client version should be the top item in the result.

      • #20528 Reply
        Walker
        Guest

        @Woody:

        I have received a few e-mail notices this morning, so apparently that is functional again. I changed nothing at all.

        I check the calendar for “new” subjects, and then if it’s something I want to follow I subscribe to it. If I don’t have the calendar I don’t know if there are any new subjects I want to subscribe to.

        I don’t follow any specific comment series, as I depend on the e-mail notices to alert me.

        I have vision problems, and I appreciate having the calendar back once again. Thank you so much for your help. 🙂 🙂 🙂

      • #20529 Reply
        LoneWolf
        Guest

        Woody,

        Just note –Sophos has a free (for home) 10-user Mac and Windows antivirus program, which you can centrally manage in the cloud. And it’s *ad-free*, unlike some of the others.

        I’ve been using it for eight months now, it’s unobtrusive, takes few system resources, and I’ve found my Microsoft replacement.

      • #20530 Reply
        Chuck B
        Guest

        Thanks. I’m running …216.0 so I clicked on the “Check for updates” option which took me to a page that said: use Windows Update”
        Well, Win Update has never “offered” an update to MSE.
        Had to download from MSE web page.

      • #20531 Reply
        grayslady
        Guest

        For anyone using the new MSE version, do you know if it finally addresses the issue with Administrative Events related to EppOobe.etl? I used to be able to rid myself of this error by the well-publicized 6-step method involving numerous re-boots, but that technique no longer works on my machine. I think I’ve pretty well established that occasional problems with inability to shut down the computer are MSE related–especially the OOBE error–but I’d be interested if those who used to receive that particular error event have noticed that upgrading eliminates the problem.
        Thanks.

      • #20532 Reply
        Bill C.
        Guest

        That is a good question.

        I usually disable real-time protection when installing certain programs or driver packages. I have not had a problem either way, but a number of programs or driver installs recommend it.

        Of course this is for known software from a known company website.

      • #20533 Reply
        Bob?(Maybe?err…ok)
        Guest

        The validation part is just “you have to run a legal copy of windows to use MSE”, that’s pretty much how it’s always been. As for the CEIP auto opt-in… ICK.

        I’ve been revising my former anti-GWX script, now it opts out of CEIP and blocks it via policy, blocks DNS for telemetry sites (I chose not to block watson / crash reports since I consider that legit data to send microsoft). It also deletes the ID number CEIP assigns to your pc and disables the DiagTrack service and deletes its data.

      • #20534 Reply
        Bob?(Maybe?err…ok)
        Guest

        I’ve found it’s detection rates to be poor, virus removal capacity to be poor. On the plus side it’s not crammed with junkware.

        AVG free (direct download link missing as of the last website changeup) has junk in it, (toolbar that changes your search, homepage, and installs a toolbar that re-enables itself after a few weeks if you disable it, they bug you to install the toolbar and if you accept it closes all your browser windows without further notice). They also prompt you to install snake-oil type products (tuneup, driver updater, the “use our search so you will see ads we get paid to show you” search. but most of that can be side-stepped if you do it right. Sometimes the program breaks itself during the update process (long term), but doing a yearly clean install usually prevents this. Detection rates are reasonably good, behavior based detection is reasonably good. Exploit blocking is ok.

        AVG has some obvious trade offs vs MSE, but when working properly (and the user is not being tricked by it) it is better.

        Norton (in the paid category) is actually pretty good too, static detection rates seem to outmatch AVG, behavior based detection (called sonar in Norton) is good and their reputation (cloud) based detection has merit. Exploit blocking (preventing the initial attack against your PC) in Norton seems to be one of its strong points. Some people can get Norton free from their ISP.

      • #20535 Reply
        fl
        Guest

        Has there been enough time for the dust to settle regarding whether or not this update is worth applying, or simply more trouble than it’s worth?

        Right now I’m running MSE 4.10.205.0, and the update would bring it up to 4.10.209.0.

      • #20536 Reply
        woody
        Da Boss

        I haven’t seen any complaints.

    Viewing 53 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: The new Microsoft Security Essentials, KB 3205972, fixes the right-click scan bug

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.