News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Turning the ratchet up to MS-DEFCON 2

    Home Forums AskWoody blog Turning the ratchet up to MS-DEFCON 2

    Viewing 11 reply threads
    • Author
      Posts
      • #190250 Reply
        woody
        Da Boss

        I’ll have full instructions on Monday, but most of you know the drill. I’m changing it now because I suddenly realized that some of you may be running
        [See the full post at: Turning the ratchet up to MS-DEFCON 2]

        3 users thanked author for this post.
      • #190291 Reply
        anonymous
        Guest

        Neowin has an interesting take on this Tuesday’s round of updates

        2 users thanked author for this post.
        • #190311 Reply
          woody
          Da Boss

          Sounds like Rich has come to his senses. 🙂

          1 user thanked author for this post.
          • #190696 Reply
            Jan K.
            AskWoody Lounger

            Sounds like Rich has come to his senses.

            Reading comments at end of article, it sounds more like he’s lost it?

            Windows 10 1803/4 seems to be very popular… at least on the forums I frequently visit.

        • #190500 Reply
          sheldon
          AskWoody Plus

          If 1803 update is hidden wushowhide and all the deferrals are in place, then manually checking  for updates should not show the 1803 update.   If wushowhide doesn’t see it, then manually checking should have the same effect.

      • #190301 Reply
        RetiredGeek
        AskWoody MVP

        FYI, I ran the recovery to return to 1709 this afternoon and it went w/o a hitch.

        HTH 😎

        May the Forces of good computing be with you!

        RG

        PowerShell & VBA Rule!
        Computer Specs

        4 users thanked author for this post.
        • #190569 Reply
          anonymous
          Guest

          I wonder how long it will be before MS turn that feature off, I mean upgrade it …

          1 user thanked author for this post.
      • #190359 Reply
        Geoff King
        AskWoody Lounger

        Got this on my machine running 1803 today and I quote.

        Installation Successful: Windows successfully installed the following update: Feature update to Windows 10, version 1803

        No other info. Anyone know what that’s about ? :-/

        Apologies if post gets duplicated. I forgot to sign in first !

         

        • #190363 Reply
          Microfix
          Da Boss

          See: has-your-copy-of-win10-version-1803-been-updated

          and theres-a-seeker-born-every-minute

          These topics may answer your question 🙂

          Win7 Pro x86/x64 | Win8.1 Pro x64 | Linux Hybrids x86/x64 |
          1 user thanked author for this post.
          • #190366 Reply
            Geoff King
            AskWoody Lounger

            Hi, Microfix. Yep, I’ve seen all that stuff. I did NOT run Windows Update today, and still running 17134.1, so still none the wiser…………..

            • #190392 Reply
              woody
              Da Boss

              Not sure why, but you’ve been upgraded to 1803.

              That kind of drive-by upgrade isn’t supposed to happen until Monday, but hey, who knows.

              Did you have your machine locked down?

              https://www.computerworld.com/article/3232632/microsoft-windows/how-to-block-windows-10-april-2018-update-from-installing.html

              • #190515 Reply
                Geoff King
                AskWoody Lounger

                Hi, Woody. I manually upgraded to 1803 when it was released on 30 April. Yeah, I know I’m a thrill seeker !, but it was only on May 5 that this mystery update arrived.

                I’ll wait to see if the patch to 17134.5 settles things down, but actually I’ve had none of the issues others have had like slow downs or Chrome freezing, so I’ll monitor the situation and if there are unforeseen issues in the future I’ll revert to 1709. Thanks. 🙂

              • #190521 Reply
                woody
                Da Boss

                I don’t see any references to 17134.5. I think it’s a non-existent phantom.

                1 user thanked author for this post.
              • #190524 Reply
                b
                AskWoody Plus

                I see a reference to it here:

                If you got the Day 1 update, you’ll be on build 17134.5.

                Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

                2 users thanked author for this post.
              • #190529 Reply
                Geoff King
                AskWoody Lounger

                I think that the May 8 Patch Tuesday updates may take 1803 to 17134.5 ?

              • #190536 Reply
                ch100
                AskWoody_MVP

                Woody, there is the unofficial patch KB4135051 which was made available to insiders, but never to the public users. KB4135051 brings the version to 17134.5.
                I noticed only one hidden difference. When scanning with WUMT against Windows Update, 17134.1 shows an entry under installed upgrades as Feature update to Windows 10, version 1803, while with the patch applied, this entry is missing, like making the version more retail (RTM).
                However, on 1709 this entry Feature update… was always present and was never removed by any of the released patches.
                It may just be a coincidence and one more inconsistency inherent to the rapid release schedule.
                If anyone else and I am thinking here in the first place to @abbodi86 has other information by analysing the patch internally or by finding a documented reference, I would be interested to find out.

                Attachments:
                1 user thanked author for this post.
              • #190650 Reply
                woody
                Da Boss

                KB4135051 brings the version to 17134.5.

                Yes but, as you say, that was only made available to folks in the Insider program – beta testers.

                I imagine it’ll all straighten out on Tuesday with an update to a later build number. Probably.

                2 users thanked author for this post.
      • #190401 Reply
        anonymous
        Guest

        Woody, Is there any evidence that Windows Restore won’t mess up things? Honestly, if it’s time to restore to a previous state, it’s time to reinstall the OS from scratch.

        • #190404 Reply
          PKCano
          Da Boss

          There have been several reports of successful rollback from 1803 to 1709.
          However, there is no 100% guarantee you won’t have problems.

          From ISO installations of 1803 Build 17134.1 (the current upgrade) have had many problems. Refer to Woody’s list on this site. It just depends which version you are going to install from scratch (which will depend on which ISOs you currently have). The current ISO available is 1803. If you have the older ISOs, v1703 has been stable, v1709 not so much.

          1 user thanked author for this post.
          • #190702 Reply
            anonymous
            Guest

            Thank you!

      • #190484 Reply
        anonymous
        Guest

        Hi Woody,

        I am a simple non-power user on a Win 10 home Dell desktop I bought over a year ago. I was a seeker early this week. I just couldn’t help myself from looking. OCD?

        I don’t mean to ruffle any feathers, but 1803 Build 17134.1, of which I got through windows update is working……well….working really well. I realize people are having problems (lord knows I have had issues with Win 10). but for me, so far so good. 

        Is there any reason I would want to roll back my system?

        Thanks as always…

        • #190512 Reply
          Cascadian
          AskWoody Lounger

          First rule of troubleshooting, verify power is in fact ‘ON’.

          Second rule of Troubleshooting, do not fix what is not broken.

          Congratulations, you are among the very large portion of users with a healthy system installed on hardware of sufficient specification for the new Win10. You have not yet found any conflict in the way you use a computer. May it be that way forever for you.

          It is still good to follow discussions affecting others. Forewarned is forearmed. At the point that you need to know how to deal with reverting to a prior installation, you may not be able to reach AskWoody for directions. Unless you have another machine nearby.

          So just tuck this information away for that occasion that hopefully never arrives.

          edit to add:
          On reread, recognize I failed to directly Answer a direct Question, sorry.

          No. Your brief description gives no reason to reverse course now.

          If that condition changes, so will the advice.

          5 users thanked author for this post.
      • #190530 Reply
        RamRod
        AskWoody Lounger

        I’m using the only method I know to prevent the installation of patches on my wife’s Yoga Book – we don’t turn it on. Now trying out an Android tablet.

        RamRod

      • #190532 Reply
        GoneToPlaid
        AskWoody Plus

        Defcon 2 ain’t nothing — other than something at the present point which I wholeheartedly agree should be observed, for the time being, in terms of the updates which have this Defcon 2 rating.

        On the other hand, one security company claims to have identified (through advanced machine learning) at least a couple of hundred true Spectre 2 class malware samples, and that this is how said security company was able to independently verify these CPU flaws and these attack methods. Said security company also claims that virtually no other security product vendors are detecting these Spectre 2 class exploits. I am not mentioning the name of said security company since I have yet to vet their claims.

        And yet on another hand, it was very recently disclosed that eight (yes, 8) new Spectre class flaws have been discovered, AND that these eight new Spectre class flaws have supposedly been assigned CVE numbers. See:

        Are 8 new ‘Spectre-class’ flaws in Intel CPUs about to be exposed?

        The upshot is that if the above is true, then this puts Intel back to the drawing board — just as the disclosed BranchScope vulnerability has done.

        Alrighty, so where does this leave all of us?

        1. Apparently AV products are NOT presently detecting true Spectre class exploits, since virtually all AV products do not have machine learning capabilities. Everyone has been saing that there are no “known” Spectre exploits out there in the wild. Well, apparently there really are. This wouldn’t surprise me at all, given that some exploits have gone unnoticed for years before being eventually found.

        2. Intel, who said that they “were done” in terms of addressing Meltdown and Spectre with their version 2 microcode updates, now is right back to the drawing board.

        3. Remember when I posted about Total Meltdown? Well, guess what. Yes, Total Meltdown totally breaks out of any running virtual machine to read all computer memory.

        4. What about these latest eight new Spectre class exploits? Well, at least one or more of them as well totally break out of any running virtual machine to read all computer memory.

        I had kind of figured that it would take at least several months for new Spectre class exploits to be discovered. A lot of others thought so as well, and even opined that such exploits might be discovered over several years. Yet here we are in early May with eight new Spectre class exploits which Intel will have to address — if this is possible.

         

        5 users thanked author for this post.
        • #190636 Reply
          Noel Carboni
          AskWoody_MVP

          Are 8 new ‘Spectre-class’ flaws in Intel CPUs about to be exposed?

          The upshot is that if the above is true, then this puts Intel back to the drawing board — just as the disclosed BranchScope vulnerability has done.

          Alrighty, so where does this leave all of us?

          All? Perhaps it leaves most folks where some of us have been all along…

          Sounds scary, but don’t be scared. Be smart.

          Don’t trust software running on your computer. Don’t assume that running programs “non-privileged” in any way protects you from threats. Don’t download and run things blithely from the internet. Don’t assume UAC protects you from anything. Turn down the “glitz delivery” mechanisms in your web browser so that it doesn’t download and run things blithely from the internet.

          Don’t imagine it’s anyone else’s job to protect you and your data, but rather that it’s their job to take it from you at your expense.

          Back up your data so that if the worst happens, all you have to do is reformat, reinstall, and restore.

          Give your trust rarely and hesitantly.

          Think about what you’re doing.

          Good luck.

          -Noel

          5 users thanked author for this post.
      • #190572 Reply
        anonymous
        Guest

        It seems that the main reason for moving to DEFCON 2 is Win10-related (whatever 1803 and 1709 mean). Does that mean it might still be okay to proceed with my Win7x64 machine for now, before any May patches appear?

        • #190590 Reply
          TonyC
          AskWoody Lounger

          Yes, that is my understanding as well. Initially, I was surprised that MS-DEFCON had been reset to 2 so early because I had planned to patch my Windows 7 x64 system today. Anyway, I have just done it and I encountered only the April patches (rollup, preview, MSRT) in Windows Update. So you should still be OK.

          1 user thanked author for this post.
        • #190651 Reply
          woody
          Da Boss

          Yes, if you have a Win7 machine, you can safely update it any time up until the minute Microsoft releases patches on Patch Tuesday.

        • #190698 Reply
          Jan K.
          AskWoody Lounger

          Yes.

          Was bored, clicked “Check for updates” and picked everything except preview and… no problems.

          Still running smooth…

      • #190591 Reply
        Seff
        AskWoody Plus

        Alrighty, so where does this leave all of us?

        Getting on with our lives, is my best guess.

        From a domestic user’s point of view, especially if he/she doesn’t trust their banking and other significant financial transactions to online services, then there is in my view a danger in worrying obsessively about all these modern-day scares.

        Let’s not forget that probably 95% of computer users have their updates set to “Automatic” and of those probably another 95% never have any issues when updates are installed and don’t suffer from serious malware etc attacks either.

        We all panic over these things because we know a little bit more about computers than that original 95% do, but we also know the saying about a little knowledge being a dangerous thing.

        This is all the more so when those of us who do worry about taking every conceivable step to safeguard our computers then wander in to our local coffee shop and run our laptop or other device through their free wifi which is as often as not, of course, totally unprotected :)!

        While I don’t personally take unnecessary risks in these matters (including no wifi at home or elsewhere, no online banking etc, and no automatic updating), I do think we sometimes have to be a tad philosophical about computer security, otherwise we would simply lose our sanity. However, for business users, especially those here who are IT professionals, there is obviously a need to take things rather more seriously.

        2 users thanked author for this post.
        • #190690 Reply
          Noel Carboni
          AskWoody_MVP

          The problem is that when most of society is caught up in “cloud first” thinking, it becomes more difficult to be conservative.

          Online banking and online ordering are two obvious examples. In this day and age of having to pay fees for anything that goes wrong, there are significant advantages to being able to monitor your finances moment by moment online, and don’t look now but brick and mortar stores in which to buy important things are drying up (Radio Shack anyone?).

          Like it or not, we have to make ourselves smarter about making our computing environments more secure, and keeping our data – which obviously has value – safe.

          In my home we currently have 6 MyBook external USB drives, half of which remain plugged-in 24/7 to service scheduled backups. Think about how many you have, and consider increasing the number and learning more about how to back your data up.

          We humans don’t like to think about risk… It’s a much better feeling to feel safe – even to the point where it’s a false sense – but there is of course risk in physically visiting your bank branch in person as well. We like to think that we will “see threats coming”, and that the police can keep us safe, but if we could always count on those things no one would ever get mugged or hurt.

          So far at least it seems to be possible to put enough effort and brain power into one’s computing environment to stay reasonably safe. That’s what we can hope for.

          -Noel

          3 users thanked author for this post.
      • #190657 Reply
        laidbacktokyo
        AskWoody Lounger

        Now all this current greatest mess, hype & hidden marketing of m$ massive patching of win7 and other windows seems to become the neverendless crazy fun! 🙁

        Here is a link to the tech article about another 8 gaps of Intel CPUs found of May 3rd, 2018. It’s in German originally, so pls just make its google translate:

        https://www.heise.de/ct/artikel/Super-GAU-fuer-Intel-Weitere-Spectre-Luecken-im-Anflug-4039134.html

        In short:

        New gaps and more patches – “Specter Next Generation” is right around the corner. Researchers have already found eight new vulnerabilities in Intel processors, as evidenced by information exclusive to c’t.

        Have a nice time!

        🙂

        2 users thanked author for this post.
      • #190792 Reply
        anonymous
        Guest

        Group A, Win7 Starter Edition, emachines netbook

        Had skipped March Madness

        Just finished April updates (except the 33342 .net update which I post-poned and the evil 2952664).

        All went well, best I can tell.  So appreciative of this forum and its many contributors!  Thank you, tireless supporters of this strange and sometimes perilous journey we are on!!

    Viewing 11 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Turning the ratchet up to MS-DEFCON 2

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.