News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • The perils of shouting “fire” in a crowd of PC patchers

    Home Forums AskWoody blog The perils of shouting “fire” in a crowd of PC patchers

    This topic contains 22 replies, has 16 voices, and was last updated by  CraigS26 2 weeks, 6 days ago.

    • Author
      Posts
    • #2112042 Reply

      woody
      Da Boss

      It happens over and over again. Microsoft releases a patch and the world panics. Dire predictions of doom stampede Windows customers into installing p
      [See the full post at: The perils of shouting “fire” in a crowd of PC patchers]

      10 users thanked author for this post.
    • #2112102 Reply

      Geo
      AskWoody Lounger

      They should just turn over the patching to 0patch who seem to know more then they do about  turning out good patches.

      1 user thanked author for this post.
      • #2112110 Reply

        jabeattyauditor
        AskWoody Lounger

        They should just turn over the patching to 0patch who seem to know more then they do about  turning out good patches.

        In most cases, 0patch reverse-engineers patches that Microsoft creates. They may be doing a good job, but they don’t have a business model that works without Microsoft first creating patches.

    • #2112130 Reply

      WildBill
      AskWoody Plus

      Your graphic here (not the pic on your Computerworld article) may warn about the cries of “Wolf!”, but it reminds me of AskWoody users following MS-DEFCON. In a good way:

      *sipping coffee* “This is fine.”

      Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V2004. As long as it's a Lot Less Buggy!
      Wild Bill Rides Again...

    • #2112149 Reply

      Barry
      AskWoody Plus

      Completely disagree with your article. I would much rather be safe than sorry. And as always when you talk about how horrible Microsoft’s patches are you fail to mention that the overwhelmingly  large majority of Windows users are not affected.

      Barry (Seeker)
      Windows 10 Home V 1909

      • #2112194 Reply

        anonymous

        If it’s labeled as Security Only and it’s got Telemetry/Nagware/other included then it’s not getting installed and state hacking or not that’s just too bad.

        I’ve got System Image backups for all my Windows 7 Laptops so if things get too infected then it’s wipe and re-image time. I will not have SO updates that are not actually SO in nature and MS is the one that needs to come around if they are actually that interested in security.

    • #2112173 Reply

      bbearren
      AskWoody MVP

      A regimen of regular drive imaging makes unobstructed, non-delayed patching/updating a non-issue for home users.  There’s a quick and easy fix just a few clicks away.  I’m among the overwhelming majority of users who are unaffected by updates other than being up-to-date with everything Microsoft offers my systems.

      I don’t patch because of “dire predictions of doom”, I patch because a patch is available, and it has been my experience that the only updates to avoid are driver updates.  Get those from the device manufacturer, if necessary.

      Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      2 users thanked author for this post.
    • #2112174 Reply

      Kathy Stevens
      AskWoody Plus

      I think I am following Woody’s Windows 10 updates advice by having advanced options delayed for 365 days and quality updates delayed for 21 days – plenty of time for any Windows update hoots and hollers to be addressed by Microsoft.

      Said another way, set it and forget it.

      Just remember, the people making the dire predictions are simply trying to make a living and need something to write about.

      1 user thanked author for this post.
    • #2112201 Reply

      jabeattyauditor
      AskWoody Lounger

      Sometimes the crowded theater is aflame, and other times canis lupus really is lurking about.

      I don’t mind hearing when someone near the exits smells smoke, or when the guy in camo notices a fresh pile of scat… even if they’re both wrong about their proclamations more often than others are comfortable with.

      • #2112244 Reply

        OscarCP
        AskWoody Plus

        That would be ‘canis lupus lupus’, otherwise known as ‘wolf’, not ‘c. lupus familiaris’, also know as ‘woof!’ Otherwise, a point made that is well worth considering.

        “Crying fire in a crowded theater” refers to the case when someone does it out of sheer devilry, to create a “humorous” stampede, not because there is evidence that the place is on fire.

        In any case, and in line with jabeattyauditor’s comment, when some evidence of a dire threat is revealed and the source is credible, its announcement, with the statement, when in order, that is not yet in the wild, as far as anyone can tell, is the responsible thing to do. People should heed such a warning, and take measures to keep safe until more is learned. This does not mean rushing to apply a patch just because it is available, but to do so only after one has evaluated one’s own situation and decided that there is no other practical way to protect oneself immediately.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

    • #2112496 Reply

      Myst
      AskWoody Plus

      I don’t mind hearing when someone near the exits smells smoke, or when the guy in camo notices a fresh pile of scat…

      I saw a fresh pile of bear scat on the trail once and instead of turning around in a panic, I kept moving. It isn’t until the burly beast shows up with a roar that I take cover and focus on survival in the wild. Do what you can to stay safe but don’t panic. Image backup, then move along.

      Win7 SP1 Home 64-bit, GrpA / MacOS / Chromebook

    • #2112836 Reply

      Cybertooth
      AskWoody Plus

      The fundamental problem IMO is that no hard figures are normally released for the actual number of people who are affected one way or the other. Without knowing how many computers have been infected by a given threat, versus how many computers were messed up by the patch intended to address that threat, we are all simply feeling around in the dark.

      Once in a while you’ll hear that some number of PCs had been infected by a banking Trojan or something, and–assuming there is any relationship between the number given and reality–the proportion seldom works out to be in the order of more than 1 in 5000. And of course we are not told how many of the computers affected even had basic protections installed such as current antivirus+antimalware.

       

      1 user thanked author for this post.
    • #2118971 Reply

      radiopunk0
      AskWoody Lounger

      I still havent downloaded this months patches. I always sit back and wait. Just wondered what was subtly installed into peoples computers with anyone knowing. While they expected was a needed patch due to some big threats that never surfaced. Instead was probably more snoop junk

    • #2121839 Reply

      Kathy Stevens
      AskWoody Plus

      In all fairness to the bears mentioned above, my work takes me into remote woodland areas for months at a time and I have only run into a problematic bear once in more than 20 years.

      A colleague of mine and I were working in our camp’s the garbage pit when I turned around and found that we were sharing the space with a rather large brown bear. I quietly told my friend that we needed to walk forward – quietly and slowly – out of the pit. We did and the bear remained happily eating our leftovers from the prior day. No need for a Glock 20 with a few spare magazines then or ever.

      Again, I simply set my Windows 10 advanced options to delay feature updates for 365 days and quality updates for 21 days – plenty of time for Microsoft to address any problems.  This approach is consistent with my approach to getting away from bears.  I don’t need to be the fastest person in the woods – I only have to be faster than the slowest member of our party. Or in the case of patches, I need to follow and not be amongst the first people to install a patch.

      2 users thanked author for this post.
      • #2124241 Reply

        AlexEiffel
        AskWoody_MVP

        We have a very similar philosophy from what I understand about your stance on Firefox too.

        I will just warn you about something. I used to set delays to 365 days. The problem is running the oldest supported version I hit the no support date before the 365 days is over since support is only good for 18 months unless you have Enterprise (not Pro) version and even then it is only certain versions of the feature updates that are supported longer (36 months I think).

        Depending on the version I was running, I either got a few free monthly cumulative updates beyond the out of support date for a reason that is still mysterious to me and then got pushed to the next oldest supported version or for 1803 recently, some computers were just left unpatched and not moved to 1809 until I initiated the update manually. Some might like this “feature”, but I don’t like to be unpatched on a non supported version without being told clearly. I have the group policy set to download but notify before install and maybe it played a role in keeping me not updated and not bothered while using the 365 days delay while on previous versions I got pushed anyway at some point, but always respectfully (I could click not now and drag it as long as I wanted by not restarting the computer, it seemed).

        So since I always run the oldest supported version, setting to 180 days for users might make more sense to avoid getting trapped in this no patch/no warning/no support situation. Or you can still use the 365 delays but become a seeker (click on check for updates and install updates) once you know the period of support is over for the particular version you are running. This requires a bit more involvement on your end knowing and remembering the end of support date of the version you are running. You can play that Woody style and wait another month to update if you are not particularly worried, but it just lower your support period of the next oldest version you will run, so there might not be much to gain there. Also, becoming a seeker has its own perils. It is not clear as to what Microsoft determine what happens to a seeker depending on the version. They might interpret seeking as bring me the latest version and not the oldest supported version or make “mistakes” as to which version to push like what happened in the past with other versions where people (not necessarily seekers) were pushed to a different version than maybe they would have liked.

        I noticed that running the oldest version that has been quite well tested didn’t bring too much problems vs staying cutting edge on a variety of hardware. I have a good amount of different computers and not a single 1000 fleet of the same model. I was happy running set it very secure and forget it style in the past which was a low cost very productive way to run our computers before with Windows 7, but with Windows 10, it is less manageable. And now with the latest behavior I observed going from 1803 to 1809 not being managed as nicely automatically like it happened on previous versions, I wasn’t very happy about sending someone to manually click install updates on a bunch of computers and make sure they updated properly.

        2 users thanked author for this post.
        • #2124269 Reply

          Kathy Stevens
          AskWoody Plus

          I have no philosophical problem switching Windows 10 feature updates to 180 days from my current 365 delay.

          Your argument for a shorter update period makes sense.

          So, 180 days it is unless some has a stronger argument for a longer delay.

          Thank you for taking the time to get back.

    • #2123563 Reply

      anonymous

      The number one reason to patch is, if you do financial transactions on the computer, a provider who promises to indemnify the user from damages if something goes awry, might decline to do this indemnification if the computer isn’t being kept patched.

      It’s in my user agreement with at least one of my custodians of my money.  But, the way I look at it, it might be used as a defense by all of them.

      Windows restore has worked well for many years.   Update, so long as there are restore points.

      I got rid of Win 7, now on 8.1.  Problems have been negligible.

    • #2123608 Reply

      Canadian Tech
      AskWoody_MVP

      There are two distinct profiles of users. Enterprise, and they guy at home. I have no doubt that enterprises need to focus on patching. When it comes to home users, the risk is dramatically less.

      There is way too much paranoia around patching.

      CT

      6 users thanked author for this post.
    • #2123647 Reply

      anonymous

      The media always has a tendency to blow things wildly out of proportion. Take the current coronavirus scare, for instance. The media sure is blowing it out of proportion, to the point that Chinese people are facing harassment and even racism over social media for it. The hysteria is hard to justify when the regular flu and malaria kill way more people and are way more dangerous anyway. Once the public gets fatigued, these headlines will no longer be as catchy.

      Same goes for patches. If the NSA screams about some vulnerability, then the media will cotton on and start echoing those screams. Soon everyone is screaming at the top of their lungs, and the people who stayed calm and used their head don’t get heard above the din.

      Woody isn’t saying “Don’t Patch, Ever!”, he’s saying “Keep Calm and Use Your Head”. Someone should make a laptop sticker for that. Taking the time to think decisions through makes a huge difference in many cases.

      3 users thanked author for this post.
    • #2123808 Reply

      lurks about
      AskWoody Lounger

      Woody and Susan are both saying “Keep calm and use your head!”. Often the hype and reporting fails to note that often only a limited number of users are immediately affected by the major security updates. Nor do they explain what the problem is in an intelligent manner.

      5 users thanked author for this post.
    • #2123963 Reply

      anonymous

      When the spooky vendors start telling you to patch, it makes me wonder what exactly they added to it.

       

      Moderator note: Edited for content.

    • #2123992 Reply

      anonymous

      Just did get patches installed on Win. 10 ( 1903 ) and Win. 7 Pro. All went well except when I went to update Office 365 they totally messed with everything in Word and Outlook. They changed the icons and messed with the tool bars etc. Again if not broken don’t fix it.

    • #2124507 Reply

      CraigS26
      AskWoody Plus

      A regimen of regular drive imaging makes unobstructed, non-delayed patching/updating a non-issue for home users.  There’s a quick and easy fix just a few clicks away.  I’m among the overwhelming majority of users who are unaffected by updates other than being up-to-date with everything Microsoft offers my systems.

      I don’t patch because of “dire predictions of doom”, I patch because a patch is available, and it has been my experience that the only updates to avoid are driver updates.  Get those from the device manufacturer, if necessary.

      I was setup FOR Driver Updates and changed it via Control Panel (below for others who want to). Thanks for the reminder. But – While HP is great about warning of Security/function Driver Issues – I’m Still waiting on 95% of the alleged Updates…..

      Con Panel/System/Adv System Settings/Hardware Tab/Device Install Settings……..

      W10-64 1909 Home / Hm-Stdnt Ofce '16 C2R / HP Envy i5-8400/ 12 GB / 256G SSD + 1 TB HDD / InSpectre #8 = GREEN

      • This reply was modified 2 weeks, 6 days ago by  CraigS26.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: The perils of shouting “fire” in a crowd of PC patchers

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.