News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Windows 7 Monthly Rollup patch is out

    Home Forums AskWoody blog Windows 7 Monthly Rollup patch is out

    Viewing 33 reply threads
    • Author
      Posts
      • #156263 Reply
        woody
        Da Boss

        The guesses were right. Late today, January 4, Microsoft released the usual Patch Tuesday Monthly Rollup for Windows 7. KB 4056894 2018-01 Security Mo
        [See the full post at: Windows 7 Monthly Rollup patch is out]

        1 user thanked author for this post.
      • #156269 Reply
        MrBrian
        AskWoody_MVP

        Internet Explorer fixes are included also.

        1 user thanked author for this post.
      • #156270 Reply
        PKCano
        Da Boss

        Are you using MSE? It is supposed to be compatible with the Jan patches already.

        If you are not offered the Rollup through Windows Update, your Anti-Virus vendor may not have tested that your AV program is compatible and put the RegAllow subkey in the Registry. You may be able to install the patch manually, but doing so may leave you open for a BSOD.

        Woody is using a test machine. If you manually install the patch now on a production machine, you may find you are a Guinea Pig.
        Use caution. And we are still under DEFCON 2.

        1 user thanked author for this post.
        • #156289 Reply
          alpha128
          AskWoody Plus

          Are you using MSE? It is supposed to be compatible with the Jan patches already. If you are not offered the Rollup through Windows Update, your Anti-Virus vendor may not have tested that your AV program is compatible and put the RegAllow subkey in the Registry. You may be able to install the patch manually, but doing so may leave you open for a BSOD. Woody is using a test machine. If you manually install the patch now on a production machine, you may find you are a Guinea Pig. Use caution. And we are still under DEFCON 2.

          FYI.  I use Avast! as my anti-virus.  I checked and version 17.9.2322 does put the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat registry key in place.  Therefore, the Windows 7 patch should be offered to me, but I haven’t seen it yet.  I’ll let you know when I see it, but of course I’m going to wait before installing.

          • #156295 Reply
            anonymous
            Guest

            Same here. I’m on the version prior to 17.9.2322 due to issues with that update but Avast did issue a microupdate to include the registry key (see here) though I’m also not being offered it, as is numerous other people aren’t by the look of it. I think it’s a case of wait and see, nobody should be installing updates yet anyway.

            -T

            • #156657 Reply
              anonymous
              Guest

              Still nothing. I’ve updated defender and malwarebytes (free version), i have the registry key but still no update offered. If it hasn’t come through by now it worries me that it’ll never come through and i would be unwise to install the security-only when the time comes. I HATE 2018 so far!

              -T

        • #156367 Reply
          AJNorth
          AskWoody Plus

          Yes; one Win 7 Pro x64 box does utilize MSE, together with Malwarebytes Premium. The Registry key is present and WU has offered the January Rollup (KB4056894), though this machine is Group B.

      • #156279 Reply
        anonymous
        Guest

        Not that i’m about to install any patch (certainly not the monthly rollup) but I’m only being offered December’s monthly rollup despite checking and seeing I already have that registry key. Unless it’s because I’m in the uk and the update hasn’t been rolled out here yet, we’re usually a day behind. But if it is indeed checking for the registry key (which I have) surely I should be offered January’s update? In that case I’ll avoid installing security only until it’s offered through the traditional update channel.

        -T

      • #156290 Reply
        anonymous
        Guest

        I noticed any help on the Microsoft website is written in Japanese, is this patch safe/necessary?

      • #156313 Reply
        anonymous
        Guest

        I just want to know 100% what it does

      • #156374 Reply
        AJNorth
        AskWoody Plus

        In her 2018.01.04 Patch Watch column for Windows Secrets, Susan Bradley offers this additional advice:

        “While you are there patching your workstations, review whether you have any additional overdue firmware updates that need to be installed. This isn’t the first bug in the Intel chipset; in November, Intel posted about a series of chip bugs that the company has since fixed through firmware updates available via their advisory page. Please review whether you need firmware patches as well by downloading Intel’s testing tool.”

      • #156368 Reply
        anonymous
        Guest

        I  was in group B for quite a while, but I have had many personal health issues that made me switch to group A.
        Late last night (1/4/2018) I forced a Windows update check (I have Win7-pro-32bit) and the cumulative update for January showed up. I didn’t install it as per the DEFCON level here.
        My CPU is an AMD Athlon 64×2 Dual Core processor 6000+ 3.00 GHz

        So, I can NOT take a hit on performance.  It is very slow now and I can’t afford to upgrade to a new computer.  Do I have ANY hope?

        Thanks Woody and everyone else here who keep or try to keep us peons up to date!

        EDIT html to text – contents may not appear as intended

      • #156387 Reply
        BackStop
        AskWoody Lounger

        I posted anonymously at 12:44am on January 5.  I only registered because I got tired of waiting for anything I posted to pass the “moderation” phase. (smile)

        Thanks Woody et al, for the site and all the helpful comments!

        Just when I think I am out, they PULL ME BACK IN! (sigh)

        1 user thanked author for this post.
        • #156428 Reply
          HiFlyer
          AskWoody Plus

          #156387 “Just when I think I am out, they PULL ME BACK IN!”

          ““Never let anyone know what you are thinking.” VC

           

          1 user thanked author for this post.
        • #156858 Reply
          Ascaris
          AskWoody_MVP

          Don’t panic!

          I can understand the concern.  I have a Core 2 Duo laptop that I like a lot (using it now to write this), and it’s a dead match for the Athlon 2 64 6400+ in Geekbench (which is only a slight bit above your 6000+; I doubt anyone would even notice the difference between the two Athlons).  I don’t want to lose any of its performance either, as it suits my purposes just fine, and I would like to keep using it.  I would not characterize it as very slow, though– you might find that a RAM boost or a SSD could do wonders for it, if the budget allows.

          I have no intention of running any patched OS that causes any noticeable performance loss.  We’re still in the “sky is falling” period now; we don’t really know what the actual fallout from this is going to be in real terms.  Any patches offered by Microsoft in a hurry-hurry rush to get the bug fixed now while everyone’s still in a panic mode (even though no attack in the wild has ever used this yet) are not likely to be the last word on the topic.  Haste doesn’t tend to support writing good code!  Something will be pushed out quick by all of the OS makers so that no one can claim they sat on their heels and did nothing while the world burned, but any optimizations that will make those code changes truly livable haven’t been done yet.  Changes to browser .js engines (the prime threat for those of us who don’t run just anything on our PCs; hopefully that’s all of us reading this forum) that mitigate the threat have just begun as well (Firefox has one out already), and any efforts to add anti-Meltdown/Spectre heuristic detection to anti-malware programs haven’t produced any results yet (or even been announced, that I know of, though I’d be shocked if every one of them was not scrambling to do this).

          On top of that, it’s not been established that older AMD designs like yours are susceptible to Meltdown or not.  So far, we’ve heard that AMD CPUs aren’t, but are they truly talking about all of them, or just the recent ones?

          It may become impossible to feasibly keep using Windows without taking the patch, even for AMD CPUs that are ostensibly immune to Meltdown, given that the architectural changes required will be so deep that it will become the new normal for Windows.  Even if AMD CPUs can run the old code relatively securely (excepting Spectre), it may not matter if all the antimalware programs and other kernel-level programs have to change to the new way in order for their products to keep working.

          Fortunately, Linux offers the ability to turn the mitigation for these exploits off if you want… and if the performance decrease is anything bothersome to me, I will turn it off unless and until I perceive the threat to me to be great enough to justify it (and that applies to Windows too).   I’m already actively pursuing the migration to Linux in the wake of Microsoft’s apparent efforts to destroy the Windows platform; this may be just one more thing that hits the gas on that one.

          Group "L" (KDE Neon User Edition 5.18.4).

          3 users thanked author for this post.
          • #156915 Reply
            BackStop
            AskWoody Lounger

            Thanks.

             

            I understand the “rush rush” approach and I am waiting for the all clear from Woody.  That is why I came here a few years ago.  I only registered recently because I never really felt the need to post anything.

            When I first read (on AMD’s site) that the risk was minimal on AMD chips, that made me feel a little better.  But, then of course, MS reared its ugly head and started this whole mess with the (continuation) of bad patches.  Again, the reason why I am here.

            I know Firefox has supposedly patched v57 and up, but I am still using the ESR release because of the way 57 broke so many extensions and add-ons, and essentially crippled as many more with “webextensions”.  FF is now essentially Chrome and if I had wanted Chrome, I would have installed Chrome.

            I have been using NoScript for years, so I do have some control over java-script.

            I too am looking at moving to a Linux OS in the near future.  For me, the headaches and privacy intrusions that come with MS are getting to be too much.

            The really scary part is that Spectre may not be fixable without new CPU architecture and that means a lot of people are going to be SOL if they can’t afford to buy the new hardware.  Hopefully, this will not end up being the case, but I’m not holding my breath at this point.

            Thanks again for your reply!

            2 users thanked author for this post.
      • #156398 Reply
        radosuaf
        AskWoody Lounger

        This is so annoying. Windows 8.1 is still in mainstream support but is neglected completely. The article Microsoft published on the issue:

        https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

        does not even mention 8.1. That’s why I encourage all the ones that are not too keen to embrace Windows 10 to move to 8.1. The more of us, the more support MS will be (hopefully) forced to provide to us. I’m afraid that with such low market share, when W7 support is ended in 2020, there will be no other option but Windows 10 for W8.1 will be completely dead (something like W10M now – you get monthly updates, but that’s just patching holes).

        MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 2004 64-bit
        2 users thanked author for this post.
        • #156407 Reply
          Ascaris
          AskWoody_MVP

          Even now, AMD doesn’t bother to release Win 8.1 drivers for much of their stuff.

          Group "L" (KDE Neon User Edition 5.18.4).

        • #156476 Reply
          abbodi86
          AskWoody_MVP

          Couple of day delay wouldn’t hurt

          Windows 8.1 falls in area between Users-beloved Windows 7 and Microsoft-beloved Windows 10
          so it will always left behind
          for me it’s the best of both of them 😀

          3 users thanked author for this post.
          • #156480 Reply
            radosuaf
            AskWoody Lounger

            Couple of day delay wouldn’t hurt Windows 8.1 falls in area between Users-beloved Windows 7 and Microsoft-beloved Windows 10 so it will always left behind for me it’s the best of both of them  

            It’s still in MAINSTREAM SUPPORT. Should be fixed at the same time W10 is. Of course, I’m in no hurry, will wait until MSI publishes BIOS update and it’s benchmarked. While you can uninstall and update or reinstall Windows, with BIOS I guess you can’t reflash with an older version.

            MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 2004 64-bit
            1 user thanked author for this post.
            • #156491 Reply
              abbodi86
              AskWoody_MVP

              Wll, the KB article is ready and published
              https://support.microsoft.com/en-us/help/4056895/windows-81-update-kb4056895

              waiting for pushing the .msu button 😀

            • #156861 Reply
              Ascaris
              AskWoody_MVP

              The real mainstream support for Windows 8.1 ended July 29, 2015, regardless of what the official story line may be.

              Windows 7 was released with a new version of DirectX, but that was soon backported to Vista, which was at that time in mainstream support, and which had strong architectural similarities to 7.

              Windows 10 was released with a new version of DirectX, but that will never be backported to 8.1, which was then and is still now in mainstream support, and which has strong architectural similarities to 10.

              In practice, there’s been no difference in the way 8.1 and 7 receive patches.  Win 8.1 isn’t being modified to enable the new CPU architectures that supposedly require the wondrous new Windows 10 kernel to work (which is nearly identical to the 8.1 kernel).  They both have received the same patches for the same things since Windows 10 landed.

              Microsoft can’t be trusted to honor their own support periods if they conflict with their marketing plans.  They think nothing of imposing serious costs and obligations on their customers and claiming it’s for their own good when anyone can clearly see that Microsoft is the only beneficiary.  They are not acting as a trustworthy partner.  It has turned adversarial, and it’s all their doing.

              Group "L" (KDE Neon User Edition 5.18.4).

              2 users thanked author for this post.
      • #156429 Reply
        anonymous
        Guest

        I haven’t received any of the updates on my Win7 or Win10 systems. The registry key is there and Avast is compatible. What could be wrong?

        1 user thanked author for this post.
      • #156445 Reply
        FakeNinja
        AskWoody Lounger

        I’m searching Windows Update right now and there is no new patch for me :/ (Win 7)

        • #156448 Reply
          PKCano
          Da Boss

          Check your Registry. You anti-virus has to add a subkey to make you eligible for the update. This has to be present signifying that your AV is compatible. (Otherwise it may cause a BSOD)

          Key=”HKEY_LOCAL_MACHINE” Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc”
          Type=”REG_DWORD”

          1 user thanked author for this post.
          • #156471 Reply
            FakeNinja
            AskWoody Lounger

            Oh, yeah I don’t have the QualityCompat. Is there a complete list where you can see what antivirus software are supported? I use Malwarebytes 3.0.

            EDIT: According to the Malwarebytes blog, they are supposed to be compatible, however I still don’t get the patch from Windows Update. I will wait and see what happens, I wasn’t going to install the patch right now anyway.

      • #156446 Reply
        des911
        AskWoody Lounger

        I’m Group B and note that there is a Security Only Update for Jan 2018 (KB4056897) which also requires the registry key. This update is dated Jan 3.

        Norton (Symantec) anti virus has automatically updated for me – the required registry key is present and eraser64.sys has been updated to version 117.3.0.358 (dated Jan 4).

        As we are still at Defcon 2, how long to wait before installing?

         

        Win7 Pro x64, Intel i7 860

        • #156451 Reply
          PKCano
          Da Boss

          Until Woody raises the DEFCON nymber to 3 or above, or gives instructions otherwise to say it’s safe.
          WAIT

          4 users thanked author for this post.
      • #156453 Reply
        satrow
        AskWoody MVP

        GossiTheDog, aka Kevin Beaumont, is trying to keep track of compatible AV for the MS Meltdown/Spectre mitigation patches here.

        6 users thanked author for this post.
      • #156483 Reply
        FakeNinja
        AskWoody Lounger

        I can confirm the alleged Sandboxie issue, what IS strange though is that I haven’t even patched my system and Sandboxie still stops working, it must be something to do with the Antivirus and not necessarily the patch. I had to uninstall Sandboxie temporarily.

        • #156486 Reply
          PKCano
          Da Boss

          Try this one by @GrossTheDog

          1 user thanked author for this post.
          • #156487 Reply
            FakeNinja
            AskWoody Lounger

            Thank you, Malwarebytes seem to have fixed the registry key and the update now appears in Windows Update, though I will obviously not install it right now.

      • #156493 Reply
        abbodi86
        AskWoody_MVP

        Side-topic

        it seems .NET 4.7.1 will be published through Windows Update, mostly on next tuesday
        https://support.microsoft.com/en-us/help/4052152/how-to-temporarily-block-the-installation-of-net-framework-4-7-1

      • #156504 Reply
        rontpxz81
        AskWoody Lounger

        Is this rollup patch safe for Windows 7?  Notice appeared on my PC this morning.

        Anyone that has installed it with or without system problems after please post.

        Concerned as it came out so quickly and that it makes changes to Windows kernel.

        • #156507 Reply
          PKCano
          Da Boss

          We are still on DEFCON 2!!! WAIT WAIT WAIT WAIT

          It’s time for testers who know how to recover from BSODs and the like, and have adequate backups, to see what problems there are. This is a major kernel update.

          Or you can be a Guinea Pig.

          7 users thanked author for this post.
          • #156661 Reply
            anonymous
            Guest

            Hi,

            I got BSOD on Windows 7 machines on Asus M2A-MX / DualCore AMD Athlon 64 X2, 2100 MHz (10.5 x 200) 4000+ – even Safe mode – BSOD (strange error 0x00000c4 0x0000000000091  – it was actually NOT a standard BSOD!). There was update kb4056894 automatically installed.

            How did I recover ? I’m not using System restore, so going to RECOVERY CONSOLE and running : dism.exe /image:E:\ /cleanup-image /revertpendingactions

            (E: drive is where my system in Recovery Console is)

             

            2 users thanked author for this post.
        • #157272 Reply
          anonymous
          Guest

          I let the update of KB4056894 take place on my Windows 7 machine with an AMD processor. As soon as I restarted it, it just sat there trying to start by never got beyond the first screen. Trying to repair the start up system did not work, nor did restore. I had to use the F8 and then go to recovery using my complete back-up on my external hard drive. Then the system worked as before though I had to replace some files that I had added between the time I made the recovery file on the ext hard disk. Tonight I created a new recover file and then retried the update. Same thing happened. Again I used the new recovery file and now all is well. But I will not be allowing that update to take place. Sounds like it has to do with the AMD processor and that Intel processors don’t seem to be effected.

      • #156505 Reply
        cyberSAR
        AskWoody Plus

        Installed updates yesterday so I could start testing before rolling out to clients at a later time.

        2 Win10 machines (older i5 models for kids and grand kids use) with no slowdowns or issues reported so far.

        1 Win7 machine I7. On login this morning the mouse cursor was not visible. Never did that before. Right-click desktop and refresh restored it. No noticeable slowdowns or issues other than that.

        3 users thanked author for this post.
      • #156539 Reply
        anonymous
        Guest

        1. AMD CPU and Windows 7 Pro x86. MSE, key in registry present. BSOD after install of kb4056894.

        2. AMD CPU and Windows 7 Pro x64. 360 TSE, key in registry added manually. Normal boot after install of kb4056894.

        1 user thanked author for this post.
        • #156572 Reply
          woody
          Da Boss

          Thanks for the report!

          Monthly Rollup (from Windows Update or Catalog) or Security-Only?

          How did you recover from the BSOD?

        • #156614 Reply
          anonymous
          Guest

          same here. windows 7 32bit with no antivirus at all installed and reg key present (added manually). After updating via windows update the system went titsup (BSOD) after reboot. Had to run windows restore in order to recover….

          • #156637 Reply
            anonymous
            Guest

            Hello, Are these AMD or Intel CPU computers? Can we please have; OS, bit, CPU, and maybe Video (nvidia, ati, intel, etc.)

            2 users thanked author for this post.
            • #156652 Reply
              anonymous
              Guest

              amd athlon 64×2 (tk-53), nvidia graphics (geforce 7000)

              2 users thanked author for this post.
      • #156602 Reply
        anonymous
        Guest

        I received the KB4056894 windows update today for my Windows 7 computer.  Tried to install, and after half way thru it failed, so the computer reverted back to original status before install attempt. 
        I have Norton Internet Security.  They say my Registry Key has been updated. 
        I think there may be something wrong with this Microsoft patch.  Will wait a few days before trying again to update. Or will wait to to see what Woody has to say about this patch.

        • #156609 Reply
          PKCano
          Da Boss

          Did you look to see if the Registry key actually existed?

          • #156688 Reply
            anonymous
            Guest

            No I didn’t look at the actual Registry Key.  Norton representative told me it was there/updated.  I received the update automatically from Microsoft.  It downloaded okay, but after Microsoft Update prompted me to shut the computer down so it could update, the computer did it’s thing (showing the % of update completed).  Then a message came up saying there was a failure in installing the update so it reverted back to it’s original state (before I downloaded the update).  Until Woody gives the go-ahead, I think it’s smart to sit back and wait.  I talked to the local computer company where I purchased my computer.  They recommended waiting around 5 to 7 days and then check for updates, and THEN try installing the update.  Sounds like a good idea!

      • #156619 Reply
        geekdom
        AskWoody Plus

        “I’m installing it right now on my “Group A” test Win7 machine, using Windows Update.”

        How is your test machine behaving?

        Have there been any difficulties?

         

        G{ot backup} TestBeta
        offline▸ Win7Pro SP1 x64 InUse
        online▸ Win10Pro 1909.18363.752 x64 i5-9400 RAM8GB HDD Firefox75.0 Windows{Image/Defender/Firewall}
      • #156639 Reply
        anonymous
        Guest

        Installed KB4056894 from windows update had no problems.  Win 7 pro x64 and  using MSE. I checked the registry but I’m not sure if anything was changed with the mse anti virus.

         

      • #156649 Reply
        fk5353
        AskWoody Plus

        AMD CPU with NVIDA video (Dell Optiplex 740) and Windows 7 Pro x86. MSE, key in registry present.

        Boots to System Repair after install of kb4056894 on two diffrent systems.

        3 users thanked author for this post.
      • #156683 Reply
        anonymous
        Guest

        I am not a techie, I am a simple users. My first PC was a 386 machine a friend built for me in 1988. I know less today than I did then about what makes things work. I also know I was many 100s of times safer when I first began online than I am today.

        I have never done the Windows Monthly Security and Quality Roll-ups. I do not trust Microsoft enough for that. However, I do the monthly Security only roll-ups. I usually wait 7 – 10 days after they are released to determine if they do anything harmful. I do not use any of the mainstream browsers, I use Pale Moon which was secure from these two attacks already. Plus it is non-invasive and privacy respectful.

        I also have not had an Intel cpu for the past 15+ years. AMD has been my preference staring with Windows XP. I have never visited an app store. I have used the same 5 browser extensions for many years (first on FireFox and now on P M). I changed Ad-blockers to use the one most compatible with my current browser. Flash player does not automatically run anywhere and I have the final ESR version when I must use it.

        What I have learned is one stays safe in the digital age by moderating their own behavior moreso than anything else they might try in terms of hardware or software.

        One important trick is not to use anything that makes you the actual product. AKA, “There ain’t no such thing as a free lunch.”

        2 users thanked author for this post.
      • #156707 Reply
        Seff
        AskWoody Plus

        I now have KB4056894 offered but unchecked on my Windows 7 x64 home gaming desktop – an AMD machine with MSE running in the background, and MBAM ver. 2.x free installed for manual scans only. I don’t have my other home desktop (Intel Core i7 from 2011 with Office 2010 installed and otherwise similar specs) on at the moment but imagine that will also be offered the update. No action to be taken of course.

         

      • #156726 Reply
        Nick
        AskWoody Lounger

        Hi Woody and Group:

        I have a Dell Inspiron 1501 running a Windows 7 SP1 platform.

        When I tried to apply the above Windows Automatic Update, it caused my computer to crash.  The system rebooted to the Windows Start screen and crashed.  Then it kept rebooting in a continuous loop.

        I had to insert my installation CD and selected, “Repair My Computer” and then selected System Restore to the last previous restore point to get my computer back to a normal state of operation again.

        Apparently, the above update is not compatible with my computer although it states the update is compatible with, “Windows 7 SP1.”  Or the entire update file is corrupt?

        That’s my observations of the above update.  I e-mailed Woody,and he suggested I post this for everyone to see.

        Thank you!

        Nick

        3 users thanked author for this post.
      • #156728 Reply
        anonymous
        Guest

        AMD Athlon 64 X2 4200+, MS Windows 7 Ultimate x64.

        Installed KB4056894 and BSOD at reboot; recovered system at last restore point and all ok.

        Re-installed KB4056894 and BSOD at reboot; recovered system at last restore point. Now I have hidden the update.

        Fufu

        2 users thanked author for this post.
      • #156801 Reply
        Bill D
        AskWoody Plus

        I’m running Windows 7 Ultimate on a Gigabyte motherboard (LGA 2011) with a 3rd generation i7-4960X processor. I have updated my Symantic definitions, which I think has taken care of the registry update. Beyond that, I’ve not yet done anything to mitigate any vulnerability to either “Meltdown” or “Spectre”. I downloaded the Intel-SA-00086 detection tool which ostensibly determines a system’s vulnerability to this —-. I expected to be vulnerable, but to my surprise, it came up with “This system is not vulnerable.”

        Does anyone know whether I can rely on that result?

        • #156806 Reply
          MrBrian
          AskWoody_MVP

          Intel-SA-00086 detection tool is not relevant to Spectre or Meltdown.

          2 users thanked author for this post.
      • #156831 Reply
        DrBonzo
        AskWoody Plus

        Something odd has happened.

        I’m Group B Win 7 x64 SP1 Intel core i3, current through December updates/patches and running up to date MS Security Essentials.

        Until yesterday Windows Update was showing me the December Rollup. Then yesterday evening I was offered the January Rollup. Now, this evening the January Rollup isn’t showing, but the December Rollup is back. I haven’t installed or even attempted to install any of the December or January Rollups or the January Security Only patch.

        I don’t understand why I would be offered the January Rollup only to have it “taken away” the next day. Has anybody else seen this or can explain this? I understand I need to wait before attempting an installs, but it seems like this is a step in the wrong direction.

        • #156866 Reply
          PKCano
          Da Boss

          The December patches are safe to install. The January patches are under DEFCON 2.

          If the January patch is not available, and the December patch has not been installed, the Dec patch will show up in Win Update because the January patch which superseded it is no longer there. When the Jan patch shows up, it supersedes the Dec patch and the Dec patch will no longer be offered.

          That is why, when you hide the Jan patch, the Dec patch shows up if it hasn’t been installed. If you hide the Dec patch, the Nov patch will show up if it hasn’t been installed. And so on.

          2 users thanked author for this post.
          • #156877 Reply
            DrBonzo
            AskWoody Plus

            Yes, I understand what you’re saying.

            But what puzzles me is that the December Rollup was offered but then replaced by the January Rollup without my doing anything to the December Rollup (I didn’t hide it, I didn’t install it, didn’t do anything), and then after being offered for about 24 hours, The January Rollup went away and was replaced by the December Rollup, again without my doing anything to the January Rollup. Not only did I do nothing to either of these Rollups, neither did Windows Update, with the exception of offering and then un-offering them. In other words, neither Rollup has been installed.

            I don’t want either of them to be installed since I’m Group B, but I do want to be offered the January Rollup because that is apparently a sign that Windows Update is happy with my antivirus software. I’m running MS Security Essentials so it should be happy, but frankly, I don’t trust MS for much of anything anymore.

            And yes, no matter what I’m offered, I’m going to wait to install the January Security Only patch until Woody gives the all-clear. 🙂

            • #156878 Reply
              PKCano
              Da Boss

              The Win8.1 Jan patch was reissued.
              Perhaps the Win7 patch was also revised. If it was temporarily pulled then reissued, that would explain the Dec patch showing up for a while then being replaced by the Jan one again.

              1 user thanked author for this post.
              • #156967 Reply
                DrBonzo
                AskWoody Plus

                OK, that makes sense. I’m still showing the December Rollup and not the January, but it seems lots of folks are seeing the January Rollup now unchecked even though it was previously checked. So it seems that as per usual there’s a lot of MS flopping going on.

                Oh well.

      • #156837 Reply
        anonymous
        Guest

        Installed MS 2018-01 KB4056894 on my Win7 SP1 with Norton AV. At Restart got message “Your computer was unable to start”. After startup repair, got message “can not repair this computer automatically.  The Startup repair diagnosis and repair log said “Root cause found: A patch is preventing the system from starting”.  
        Win7 SP1 with Dec 2017 update.  Norton AV.  Dell Optiplex 740.

        1 user thanked author for this post.
        • #156867 Reply
          PKCano
          Da Boss

          Boot from your Rescue Disk to access System Restore. Restore to a point before the update install. Set Windows Update to “Never check for updates” and wait to install any updates.

          1 user thanked author for this post.
        • #156961 Reply
          anonymous
          Guest

          Hello, Are these AMD or Intel CPU computers? Can we please have; OS, bit, CPU, and maybe Video (nvidia, ati, intel, etc.)

           

      • #156909 Reply
        anonymous
        Guest

        KB4056891 has just auto-installed without any warning/information .. even though I have Windows Updates/ quality updates deferred for 23 days – Win 10 #1709

      • #157324 Reply
        ardvark
        AskWoody Lounger

        Ardvark here… Total novice at this… checked virus scan list & found my virus SW (Avast) was designated as fixed… So, I installed kb 4056897, which is the Security Update only (from MS Catalog) on my W7 64bit Asus PC… assume/hope it included update for IE 11… understand it only has a possible Meltdown fix (I never install the complete ‘Rollups’ like kb4056894 – don’t trust them) – assume I will need to contact Asus at some point for Firmware & BIOS update…no issues & no BSOD with PC so far – no issues with IE 11 either… wonder when we will see W7 update to handle Spectre? Can anyone confirm same process/results?

        • #157329 Reply
          PKCano
          Da Boss

          Secuity-only patches and IE11 Cumulative Updates (two separate patches) are available at AKB200003 in our Knowledge Base.

      • #157332 Reply
        ardvark
        AskWoody Lounger

        Ardvark her again…Thanks PKCano! One question…I have installed all of the individual Security Only Patches each month as they were released, in order. Since the IE 11 Patch is Cumulative, do I need to install each of those that are listed at AKB200003 individually also like the Security Patches, or just the latest one? Best regards & thank you for your patience & help!

        • #157333 Reply
          PKCano
          Da Boss

          Since it is cumulative, you only need the latest IE11 Update.

      • #157335 Reply
        ardvark
        AskWoody Lounger

        Thanks PKCano… assumed that was the case but hate to assume things! Will download the latest IE update as directed…Best regards, and thank you again!

      • #156347 Reply
        mindwarp
        AskWoody Lounger

        Have you updated Malwarebytes?  That needs to be updated as well, and they have already got their update out to be compatible with the Windows patch.

    Viewing 33 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Windows 7 Monthly Rollup patch is out

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.