Where we stand with the July 2019 patches

[woody]

Win7 basks in telemetry, the Win10 1903 RST upgrade block casts an unintentionally wide net, problems with Visual Studio, and yet another fervent call
[See the full post at: Where we stand with the July 2019 patches]

4 users thanked author for this post.

Elly, fernlady, abbodi86, SueW

[OscarCP]

Like “a demogorgon” indeed: well said. And not a single Demoperseus in sight to chop its head off… Although that might not be needed, anyway, because this Demogorgon might come to see, if it  has not already seen, its own reflection in a demomirror.

As to telemetry via undercover update: MS never ceases to give us something to talk about.

Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

[Charlie]

The telemetry part of the Win 7 “Security Only” monthly update won’t bother me that much as long as I don’t get hassled or badgered constantly with MS pop-ups nagging me.  I haven’t heard any cries of terror from the Group A people who have been subject to the telemetry since the beginning of the whole “roll-up, no-see-’em” thing.

What bothers me is that I don’t know what I might get in a Group A roll-up update.  Drivers I don’t need is at the top of the list. I want to make the decisions as to what goes into my computer and where it comes from.  I plan on staying with Group B Security Only updates unless a reason not to rears its ugly head. Then I’ll be Group W as far as MS goes and will do my online Internet things on Linux.

Win 7 Still Alive, x64, Intel i3-2120 3.3GHz, Linux Mint 19.1

1 user thanked author for this post.

SueW

[anonymous]

If one needs (or desires) to have Win 7 fully patched, but wants to really cut off the telemetry (and every other undesirable communication), is there a viable solution?  I had heard that software firewalls are worthless because the OS just goes around them.

[David F]

You could try something like Spybot Anti-Beacon. It’s made for Win10 but apparently will handle Win7 as well. I’ve never used it myself so cannot offer an opinion on it’s effectiveness, I think there are some others around as well if you search.

I have no idea how well it works or if you’ll get any unexpected effects. There are also resources on this site and ghacks (long list of servers to block) that can help minimize the intrusion.

Ultimately you have three choices, put up with it, block/minimize it or use another O/S and keep win7 offline

• This reply was modified 10 months ago by David F. Reason: Fix typo

[Alex5723]

anonymous wrote:

If one needs (or desires) to have Win 7 fully patched, but wants to really cut off the telemetry (and every other undesirable communication), is there a viable solution?  I had heard that software firewalls are worthless because the OS just goes around them.

There is a solution (mentioned here on the forum) called Simplix Pack.
It seems you can build an update Win 7 pack stripping telemetry components.

https://forums.mydigitallife.net/threads/simplix-pack-to-update-live-win7-system-integrate-hotfixes-into-win7-distribution.45005/

p.s There is a special topic for Win 7 users :

New forum: Windows 7 beyond end-of-life

2 users thanked author for this post.

Bertram Pincus, Elly

[BobT]

As mentioned, them adding telemetry to SECURITY ONLY patches means W7 support has now ended 6 months early for me. I’m now group W.

Whether the telemetry will cause problems or not is besides the point, I control what gets on my machine and out of principle I won’t install anything that isn’t as described, and with “extras” sneaked in.

SECURITY ONLY changes in my Security Only patches please, thankyou.

2 users thanked author for this post.

phaolo, wdburt1

[RockJohny]

I’ve never seen the name of this update before:

Security Intelligence Update KB2310138 (Def 1.299.867.0)

sounds a tad ominous

I couldn’t find that Definition by searching this site so could someone chime in about it?

 

Off Topic: I tried donating to get the Plus membership through Paypal but it wouldn’t just take my Paypal money, it wants to take from my bank directly. I’d rather be in control from year to year.

• This reply was modified 10 months ago by RockJohny.

[PKCano]

KB2310138 is a Definition update for Microsoft Security Essentials released 7/30/2019.

Off Topic: I tried donating to get the Plus membership through Paypal but it wouldn’t just take my Paypal money, it wants to take from my bank directly. I’d rather be in control from year to year.

Contact @AskWoody.com”>CustomerSupport@AskWoody.com to help you through your Plus signup.

1 user thanked author for this post.

RockJohny

[woody]

You should be able to get a Plus membership using PayPal only. Please shoot me email (@AskWoody.com”>CustomerSupport@AskWoody.com) and tell me the details.

[anonymous]

I guess we need Windows “11” to take care of that demogorgon of Windows 10 it is.

;p

 

[JohnH]

Does anyone know if Martin Brinkmann’s (gHacks) anti-telemetry measures are effective against the latest telemetry installs by MS?

[JohnH]

Should have checked first, of course. Here’s Martin’s piece on the new MS telemetry push, which contains the link to how to block telemetry for Win 7 & 8.1.

https://www.ghacks.net/2019/07/11/did-microsoft-just-drop-the-telemetry-bomb-on-windows-7-users-without-telling-anyone/

3 users thanked author for this post.

SueW, rexr, woody

[z.d.]

I’m a Windows 7 Group B user and don’t wish to install the July Security Only update because of the telemetry issues.

Are the telemetry elements contained only in the July Security Only update?

If so, is it ok not to install that, but to still install the IE updates and anything else that Windows Update offers like .Net and Office updates (but excluding the Security Quality Monthly Rollup and any previews, obviously)?

[PKCano]

July 2019-07 Security Only Quality Update KB4507456 is the only Security-only patch that contains the Compatibility Appraiser that we know of (so far). When you skip this patch, you also skip any other fixes that are contained in it because the Security-only updates are NOT cumulative. But, yes, you can skip the update.

Whether future Security-only updates contain the Compatibility Appraiser of not, Microsoft hasn’t said. But, then, MS didn’t say anything about including it in the July patch either.

If you skip the July Security-only update, you definitely need to go ahead and install the IE11 Cumulative Update for July and any other updates you want to install.

2 users thanked author for this post.

Elly, z.d.

[anonymous]

I’m skipping  the July 2019 IE11 Cumulative Update as well as it’s too close to the Aug 2019 IE Cumulative Update anyways and I’m using Firefox for most of my browsing. The August 2019 IE cumulative update is going to have whatever patches that are in the July IE cumulative update so that’s less updating work for me.

It’s too bad that I can not install the July Security Only Patch and if Aug has the same telemetry then that’s getting skipped as well. And one more time with any telemetry in any Security Only update and Windows 7’s EOL will be actually July 2019 and not Jan 2020 for many folks.

I know for sure that my HP Probook’s Ivy Bridge based core i7 CPU(Windows 8 Pro License with Windows 7 Pro installed via Windows Pro OS version downgrade rights) can run Windows 10 but I’m just not sure if the laptop’s discrete mobile GPU has any drivers that are certified for Windows 10. But that laptop is getting a new SSD and Windows 8 installed from the OEM provided recovery DVDs and the old hard drive will still have Windows 7 pro installed on it when it gets replaced in Jan 2020 by an SSD. I’ll upgrade in place to Windows 8.1 pro on the SSD and go from there until 2023(And Security Only Updates will be the rule).

MS has until 2023 to get Windows 10 more stable and out of folks personal business and I’m actually waiting for some Linux OS laptop OEM to begin offering Linux OS based laptops with AMD’s Ryzen 3000/later series Zen/Vega, Or Zen-2/Navi, based APUs. So hopefully the Linux OEM laptop makers will begin offering AMD APU options by 2023 at least and I’ll do fine on Windows 8.1 until 2023 on the HP Probook at least.

I’d sure like to see more Windows 8.1 reporting, up to and following Windows 7’s EOL, and and info on any 8.1 Security Only Updates that need to be avoided as well and there are many millions of Business grade laptops that shipped with a Windows 8/8.1 Pro License that where OEM Factory Downgraded to Windows 7 Pro. So millions of Business Laptop Owners have the option/rights to Windows 8/8.1 until 2023 via the license on their laptops so some reporting for those folks would sure be appreciated.

I’m also looking for any Windows 8.1 third party software solutions that can turn off the TIFKAM add make Windows 8.1 look and act as much like Windows 7 as possible.

[mn–]

anonymous wrote:

I’m actually waiting for some Linux OS laptop OEM to begin offering Linux OS based laptops with AMD’s Ryzen 3000/later series Zen/Vega, Or Zen-2/Navi, based APUs

Well yeah. It’s not hard to order laptops without embedded Windows OEM license, the hard part is getting any kind of commitment for hardware / driver compatibility with Linux…

(BTW, if you’re ordering custom-spec laptops, say using the HP TopConfig or the other equivalents… do check the Windows pricing in your supply chain, OEM embedded vs OEM sticker. I at least was surprised by some of the price differences… which do vary by model sometimes.)

[Alex5723]

mn– wrote:

It’s not hard to order laptops without embedded Windows OEM license, the hard part is getting any kind of commitment for hardware / driver compatibility with Linux…

Look at System 76, and they have Linux on Ryzen, Threadripper, Xeon CPUs.

https://system76.com/

[mn–]

Alex5723 wrote:

Look at System 76, and they have Linux on Ryzen, Threadripper, Xeon CPUs.

… sure, but rather limited in terms of localization (“use keyboard stickers”, yeah right… do you even build them with the correct number of keys?) and such.

Not a problem in a desktop or server system but laptops…

[z.d.]

Thank you PKCano for your reply. I don’t mind skipping this update, and further Security Only updates, if the telemetry issues persist, as Windows 7 is so near to end of support that it won’t be long until it’s time to move to Windows 10 anyway. I can deal with Windows 10’s issues when I get there!

[walker]

@PKCano:  Is the Defcon still remaining at only   TWO?  I keep looking for it to go to Defcon 3 or higher, however it is not changing.   Is something “wrong” with my computer that I’m not seeing Defcon 3?

I can’t recall when it’s been at Defcon 2 for this long.   I hope nothing is wrong with my computer.   I’m sure you have the correct information, as you always do, and your help with this would be very much appreciated.   Thank you again for all of your assistance.

[PKCano]

This is Aug. 1, and Patch Tuesday isn’t until the 13th of Aug. There is almost two more weeks.

Be patient. 🙂

• This reply was modified 10 months ago by PKCano.

1 user thanked author for this post.

walker

[walker]

@PKCano:  Thank you, thank you, thank you!  I can now breathe so much easier.   You are a “real”  Life Saver!  I wish there were a tremendous award for you, and all of the wonderful help you have provided to all of us!!     Your talents are unequaled IMHO, and my admiration is beyond my ability to express.    Thank you again, so very, very much!

[Alex5723]

PKCano wrote:

This is Aug. 1, and Patch Tuesday isn’t until the 13th of Aug. There is almost two more weeks.

Be patient. 🙂

• This reply was modified 10 months ago by PKCano.

How will August 13 patch Tuesday change July’s MS-DEFCON rating ?
It looks that we are “stuck” with MS-DEFCON=2 for July as max deferral of 30 days for quality updates is Friday next week.

[Kirsty]

As Woody said earlier this week:

When the coast is clear, I’ll change the MS-DEFCON rating. For now, sit tight.

[woody]

I’m writing the article right now.

Patience. There’s no pressing need to patch at this moment. And we have important new information coming in.

1 user thanked author for this post.

walker

[ppappas]

My Dell Precision M6700 is using RST version 14.8.16 and according to Intel, I cannot use a newer version as this is the last version compatible with my hardware.  If Win 10 1903 is going to require the latest RST versions, does that mean I won’t be able to upgrade? I am currenrly on 1809.

[Alex5723]

ppappas wrote:

My Dell Precision M6700 is using RST version 14.8.16 and according to Intel, I cannot use a newer version as this is the last version compatible with my hardware.  If Win 10 1903 is going to require the latest RST versions, does that mean I won’t be able to upgrade? I am currenrly on 1809.

Do you really need Intel’s RST ?
You can uninstall it.
https://forums.intel.com/s/question/0D50P0000490RrCSAU/uninstallingreinstalling-proper-rst-version?language=en_US

[ppappas]

Alex5723 wrote:

ppappas wrote:

My Dell Precision M6700 is using RST version 14.8.16 and according to Intel, I cannot use a newer version as this is the last version compatible with my hardware.  If Win 10 1903 is going to require the latest RST versions, does that mean I won’t be able to upgrade? I am currenrly on 1809.

Do you really need Intel’s RST ?
You can uninstall it.
https://forums.intel.com/s/question/0D50P0000490RrCSAU/uninstallingreinstalling-proper-rst-version?language=en_US

Yes, I do need RST as I am running my two internal drives as a RAID zero array.

[Alex5723]

ppappas wrote:

Alex5723 wrote:

ppappas wrote:

My Dell Precision M6700 is using RST version 14.8.16 and according to Intel, I cannot use a newer version as this is the last version compatible with my hardware.  If Win 10 1903 is going to require the latest RST versions, does that mean I won’t be able to upgrade? I am currenrly on 1809.

Do you really need Intel’s RST ?
You can uninstall it.
https://forums.intel.com/s/question/0D50P0000490RrCSAU/uninstallingreinstalling-proper-rst-version?language=en_US

Yes, I do need RST as I am running my two internal drives as a RAID zero array.

So unless Microsoft and Intel come to a solution for older RST drivers, you won’t be able to upgrade to 1903.

[anonymous]

? says:

out-on-a-limb prognosticating

the “telemetry” package will continue to be added into the rest of the monthly SO patches culminating with the cherry-on-top get winX in dec or jan (if not before.

“B” patchers can install the July 2019 SO and then remove it’s fangs using the excellent guides found within the pages here at ask woody. be ready to continue to remove the “telemetry” after each subsequent re-installation (monthly) until your machine bends to the will of its maker and magically downloads and tries to run windows 10, some will run it some will not (only microsoft knows for sure?)

personally, i will not be patching july because i don’t want their c**p in my winsxs, registry, system files, system32 drivers or anywhere else for that matter. if i were going to run windows 7 past the “Security Only” July patch i would burn this copy off and use Canadian T’s clean install and restricted patching system also well documented here at Ask Woody and probably run it in a virtual machine config.

thanks for listening…

[Charlie]

This is the second time I’ve heard that Win 7 users will have Win 10 forcibly downloaded and installed on their computer GWX style in or after Jan. 2020.  Is this an actual fact or just a rumor?  I haven’t heard much talk about it otherwise.

By the way, this post deals with the July 2019 update, which includes Win 7.

Win 7 Still Alive, x64, Intel i3-2120 3.3GHz, Linux Mint 19.1

[PKCano]

Another GWX of forced Win10 installation on Win7 computers is just not happening.

2 users thanked author for this post.

walker, Charlie

[anonymous]

After installing 1903 on windows 10 home, I lost file sharing.  I can see the windows 10 computer on the network from another computer, but when I try to access it I get a do not have permission error message.  I rolled it back to 1809 and still don’t have file sharing.  Anyone else have this problem?  Any ideas on how to fix it.

[Alex5723]

anonymous wrote:

After installing 1903 on windows 10 home, I lost file sharing.  I can see the windows 10 computer on the network from another computer, but when I try to access it I get a do not have permission error message.  I rolled it back to 1809 and still don’t have file sharing.  Anyone else have this problem?  Any ideas on how to fix it.

Check if SMBv1 is enabled.

[EP]

hi woody.

It looks like Mcafee has issued out new rules for protection against the BlueKeep problem but they prevent the July 2019 updates from being offered. born has recently reported about this on his web site:

https://borncity.com/win/2019/08/02/mcafee-endpoint-protection-blockt-juli-2019-updates/

that means NO July 2019 patches for Mcafee Endpoint Protection users

ah the problems between the recent MS updates and Mcafee continues…

• This reply was modified 10 months ago by EP.

1 user thanked author for this post.

woody

[ppappas]

Alex5723 wrote:

ppappas wrote:

Alex5723 wrote:

ppappas wrote:

My Dell Precision M6700 is using RST version 14.8.16 and according to Intel, I cannot use a newer version as this is the last version compatible with my hardware.  If Win 10 1903 is going to require the latest RST versions, does that mean I won’t be able to upgrade? I am currenrly on 1809.

Do you really need Intel’s RST ?
You can uninstall it.
https://forums.intel.com/s/question/0D50P0000490RrCSAU/uninstallingreinstalling-proper-rst-version?language=en_US

Yes, I do need RST as I am running my two internal drives as a RAID zero array.

So unless Microsoft and Intel come to a solution for older RST drivers, you won’t be able to upgrade to 1903.

Thank you Microsoft! If my current RST driver has worked fine in all previous versions of Win 10, what’s so special about 1903?

[Author]

Posts