Yet another massive release of patches, re-patches, re-grouped patches, and a few explanations

Topic

New Reply

If you thought it couldn’t possibly get worse, you ain’t seen nuthin’ yet. Lengthy, angst-filled post coming in Computerworld.
[See the full post at: Yet another massive release of patches, re-patches, re-grouped patches, and a few explanations]

10 users thanked author for this post.

walker, Fred, SueW, geekdom, JDeC, abbodi86, Microfix, MrBrian, Elly, AJNorth

Reply | Quote

Replies

I just checked my WU and the .net rollup is now checked . ( Win7sp1 64bit)

Win 10 Pro v.20h2

Reply | Quote

woody wrote:

If you thought it couldn’t possibly get worse…

Oh, I’ve never doubted, it couldn’t…

4 users thanked author for this post.

Cartoonist Aaron, Pepsiboy, BobbyB, JDeC

Reply | Quote

2018-01 Preview of Monthly Quality Rollup for Windows 7 (KB4057400) 😀

and yes, although not documented, but it does contain the AMD bootable fix

4 users thanked author for this post.

Cascadian, HiFlyer, MrBrian, woody

Reply | Quote

Holy Moses. There’s ANOTHER group of patches out today. Updates coming.

3 users thanked author for this post.

SueW, JDeC, AJNorth

Reply | Quote

Woody:

I have started using the Windows 10 Update History page to try to keep track of changes.  Right now, the top level page for Version 1703 is https://support.microsoft.com/en-us/help/4018124  .  The detail page for the newest Version 1703 update is titled January 17, 2018 – KB4057144 (OS Build 15063.877).  There may be a new release today of this build but at least the build number has not been incremented for two days.  Maybe I should take that as progress.  All it tells me is that I am still waiting for this to get far enough along this month for an all clear, i.e. MS-DEFCON 3,4, or 5.

 

Reply | Quote

It’s a great resource – but frequently it’s out of date, or incorrect.

@abbodi86 notes, below, that it’s just metadata changes. https://www.askwoody.com/forums/topic/yet-another-massive-release-of-patches-re-patches-re-grouped-patches-and-a-few-explanations/#post-160491

Reply | Quote

Woody,

Thanks for the cautions.  At least it sounds like they catch up sooner or later.

Reply | Quote

“and yes, although not documented, but it does contain the AMD bootable fix”

That is my conclusion also, because every file in KB4073578 (x64 version) is also present in KB4057400 (x64 version). The analogous conclusion is also true for the Windows 8.1 January 2018 preview Windows monthly rollup (x64 version).

I don’t understand why Microsoft isn’t documenting this explicitly.

2 users thanked author for this post.

walker, woody

Reply | Quote

Does that mean all Windows 7 cumulative updates will from now on contain the AMD bootable fix?

 

1 user thanked author for this post.

morat

Reply | Quote

Yes.

1 user thanked author for this post.

morat

Reply | Quote

@abbodi86:   It’s been a while, so I cannot recall for certain, however I thought that all of the “Previews” for Monthly Quality Rollups for Win7 for x64 (e.g. 4057400) were never to be installed.   I haven’t seen reference to this in quite a while, so I could be wrong.  Thank you for all of the information you provide to us all.    🙂

Reply | Quote

Just received KB4057270, monthly quality roll up for net framework on  windows 7.  didn`t down load it yet.

1 user thanked author for this post.

JDeC

Reply | Quote

Is there any substantive data on the impact of the meltdown and spectre patches on pre6 series CPUs; need to decided if I’m ploughing my own furrow or not

Reply | Quote

There are new registry keys that control whether the protections (and performance hits) are enabled or disabled, after the applicable updates are installed. So, if it slows things down too much for you, apply registry changes, reboot, back to performance as normal.

Yes, this leaves you vulnerable again, but, that’s the boat you’re in if you simply skip the updates anyways… except now you get to keep installing new rollups for other security issues.

1 user thanked author for this post.

Cascadian

Reply | Quote

ky41083 wrote:

There are new registry keys that control whether the protections (and performance hits) are enabled or disabled, after the applicable updates are installed. So, if it slows things down too much for you, apply registry changes, reboot, back to performance as normal.

Are you certain about this?  The way I understand it is that the registry key allows the applicable update to be installed (once the AV flags itself as compatible), and that from that point forward, you’re stuck with it.  I had hoped it would be as you suggest, but everything I have read thus far leads me to believe that the fix is either installed (and thus active) or not (and thus not active).

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

Reply | Quote

While I would defer to others for proper terminology on the functions involved, I have seen the Gibson Research tool discussed here: https://www.askwoody.com/2018/scan-for-meltdown-and-spectre-with-steve-gibsons-new-inspectre-utility/ offers just such options in a push-button interface to toggle the featured protection ON and OFF.

Reply | Quote

Yes, absolutely certain.

These are the registry settings I am citing:
https://support.microsoft.com/en-hk/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

These are the registry settings you are citing:
https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

The first link being a post update install way of turning the protections (and performance impact) on and off, and as it appears, are the same registry settings InSpectre controls with the enable / disable buttons. I personally made myself two .reg files, one on, and one off. These registry settings should work on any OS version that is / will be getting patched for this.

The second link is the registry setting that controls whether or not the update is offered in the first place, and is supposed to be set by security software vendors, after compatibility testing passes on the vendors end. Issues arise when multiple security products are installed…

3 users thanked author for this post.

SueW, Elly, Cascadian

Reply | Quote

“Are you certain about this?”

See Questions 9 and 11 at https://support.microsoft.com/en-hk/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution.

2 users thanked author for this post.

SueW, Elly

Reply | Quote

The Registry key “QualityCompat” only allows the fix to be installed as part of the Rollup through Windows Update. If you don’t have the key signifying that the AV is compatible, WU will not offer the updates.

BUT: The lack of the key does not stop someone from installing the patch containing the fix manually. I was able to install the Security-only update, the Monthly Rollup and Win10 Cumulative manually WITHOUT the Registry key being present. You can bork your machine if you want to.

AND uninstalling the Registry key does not uninstall the patch with the fix. It only prevents you from getting any more updates from MS.

1 user thanked author for this post.

SueW

Reply | Quote

I’ve gotten to the point where I make sure I’m wearing an adult diaper before I visit this site!

🙂

Have you seen the price of Tums? It's enough to give you heartburn.

6 users thanked author for this post.

Microfix, Cascadian, SueW, BobbyB, lurks about, woody

Reply | Quote

You know, Charlie, this has caught my eye several times while scrolling to marked new comments. I find it funnier each time I try to decide what the hazard is. At first glance it is the ‘first you say it then you do it’ loss of sphincter tension from the shock of even more bad news. But then I recognize the time spent this month, and the undivided attention required to make sense of the conflicting information. It can be difficult to tear yourself away from the continually developing problem. Fear of missing out.

I guess now I finally realize where portable devices may come in handy. If the potty will not come to the information display; take the information display to the potty. Just be careful not to drop it.

1 user thanked author for this post.

SueW

Reply | Quote

No change on Windows 10 patches binaries, just metadata revision (whatever have change)

1 user thanked author for this post.

woody

Reply | Quote

Cousinjack wrote:

Is there any substantive data on the impact of the meltdown and spectre patches on pre6 series CPUs; need to decided if I’m ploughing my own furrow or not

One of my systems is a i7-3820 SandyBridge_E running 4.7 Ghz in an Asrock x79 Extreme6 MB w/ 16GB’s G_Skill DDR3 running at 2128Mhz DDR.  It has (2) Samsung 850 SSD’s and (2) WD Black 500GB HDD’s.  It is my main, everyday in everyway, use system. This box quad boots DOS 7.1, 32b WinXP SP3, 64b Win7 HP SP1 (primary OS) and 64b Win10 Pro v1703.

I disk imaged the W7 and W10 installs on 01/04/2018 then manually installed KB4056897 & KB4056568 in Win7 and KB4056891 in Win 10 without any issues.  Only Meltdown is mitigated here as Intel has not released the Spectre mitigation MicroCode for Sandy or Ivy Bridge CPU’s yet.  Note both systems run Panda Free AV 17.01 which is compatible with the Windows “Meltdown” patches. Both W7 and W10 have had  the “QualityCompat” registry info manually added so Windows Update doesn’t have a hissy fit and stop installing future updates.

In the days since the “Meltdown” patch installs I have done many DOZENS of hours of benchmark runs plus real world stop watch timed runs of WinZip unzips, WinRAR unpacks and MKV movie video conversions.  Benchmarks included CrystalDiskMark, Passmark, PCmark8, PCmark10, Geekbench, Cinebench, UserBenchMark and a few others.

Without getting into pages and pages of useless, boring details my results showed a slowdown of 0.0% to 2.1% (worst case) post Meltdown Patch Install in ALL of the benchmarks (and benchmark runs) in Windows 7.

Windows 7 timed runs of WinZIP, WinRAR and MKV movie video conversion Pre and Post update were identical.  I used file sizes of 1 to 15 GB’s for testing.  Timed bulk file copies (100 files of various sizes from 50KB to 10GB) between the SSD’s and/or HDD’s were unchanged.  I saw no change in Far Cry 4 frame rates (or any game frame rates).  There were no changes in Gigabit network xfer speeds with network utilization easily staying pegged at 99%.

The numbers for Windows 7 and Windows 10, both Pre and Post Meltdown patch, were virtually identical.  If the OS used for the test runs was not indicated you would have not be able to tell that two differnt OS’s were used by looking at the results.

Note My Samsung 850’s top out around 550MB/sec Seq so they may be simply not fast enough for a copy slowdown to show up.  If you had some Samsung 960’s that could do 2000MB/sec maybe you would see an copy slowdown with them.

The bottom line I found is MicroSoft is absolutely and shamefully trying to take advantage ot the Meltdown/Spectre issue to push Windows 10.  They are totally blowing smoke up your rear end about “older silicon” (or any silicon by my Win 7 only testing of my I3-6100 Skylake box) being slowed more on Windows 7 than on Windows 10 post “Meldown” patch.

Now maybe it will very different on a multi processor server with hugh anounts of disk I/O over fiber or multiple 10Gb/sec ethernet cards, but they would be running older/newer versions of Windows Server OS’s, not W7/W10.

Viper

Total of 21 users thanked author for this post. Here are last 20 listed.

Steve, Danster, GoneToPlaid, kdock, HiFlyer, Charlie, SueW, woody, wdburt1, David F, SkipH, Cybertooth, Elly, anita.yk, Cascadian, Steve S., AJNorth, MrBrian, satrow, Jan K.

Reply | Quote

Thanks. This is good info from what has been clearly a lot of testing time on your part. I’m thinking the final ‘tell’ will be whether slowdowns become real-world significant after the microcode is released & flashed to your system. Keep us posted.

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

3 users thanked author for this post.

HiFlyer, AJNorth, woody

Reply | Quote

ViperJohn said:
Windows 7 timed runs of WinZIP, WinRAR and MKV movie video conversion Pre and Post update were identical.  I used file sizes of 1 to 15 GB’s for testing.

How about compressing a large volume of files (say, 500 MB – 15 GB) using WinRAR & 7zip (if you have this) ? From experience on my low-end machine, compressing large files typically takes a much longer time & incurs much higher CPU usage than unzipping similarly large archived files.

As for general patching impacts, below is a contrasting experience from a Win 7 user — whose 6-year-old PC is likely of lower-end specs compared to ViperJohn’s high-quality rig — who installed Microsoft’s Meltdown kernel patch, but apparently lacks any BIOS or CPU microcode update from OEM/Intel.

Fortunately, user is able to reverse the system slowdown by disabling Microsoft’s Meltdown patch (ie. undoing patch’s registry change) via Steve Gibson’s InSpectre tool.

https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/#comment-4338163
User wvo:
my 6 years old laptop with Intel i-5 and Windows 7 is protected but performance is compromised. Subsequently I disabled protection, since it was already obvious my machine is slow to start up and has problems with copy pasting files. After applying Steve’s fix all is smooth again

 

ViperJohn said:
… about “older silicon” (or any silicon by my Win 7 only testing of my I3-6100 Skylake box) being slowed more on Windows 7 than on Windows 10 post “Meldown” patch.

Perhaps the issue is not so much the age of the CPU or perhaps even the age of Win OS (especially since Win 7 & Win 10 are released less than 6 years apart), but rather the quality/ price-point of the CPU & the other PC components in general (eg. RAM, type of disk, etc). I won’t be so hasty to dismiss the possibility of significant system slowdowns on lower-end machines.

Reply | Quote

Ah MS!  What a total mess.  Begs the question, “Do they really know what they are doing?” Every month they continually shoot themselves in the foot whilst it is in their collective mouths.  I am looking for a suitable alternative that my old brain can easily live with. Of course update is turned off.

If MS was a jockey and Windows Update the jockeys daughter, one could well say, “She was only the jockeys daughter and all the HORSE MANURE!”

Reply | Quote

Thanks for the update. Any further late-breaking patch number soup?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Yes, don’t install that Geo.  I did once and regretted after it broke the machine.  Fortunately, I was able to roll it back.  I see Windows 7 as the current most stable operating system out there.  There are many businesses and consumers that use it as well as parts of the gov’t sector.  Anyway, I see Microsoft patches as so bad because Microsoft fired a bunch of patch testers a while back and my understanding is that they were replaced with less experienced H1-B Visa holders.  It makes one wonder the lengths a company will go to make a profit.  I still think if Microsoft was smart they would move Windows 7 unto a subscription basis end of life in January 2020 and after end of support of Windows 8.x they could just retire it because it has not proven to be very popular anyway.

Reply | Quote

Anyway, I see Microsoft patches as so bad because Microsoft fired a bunch of patch testers a while back and my understanding is that they were replaced with less experienced H1-B Visa holders.  It makes one wonder the lengths a company will go to make a profit.

My understanding of the situation is that it’s even worse than you said – Microsoft dismissed their professional testers and replaced them with unofficial, totally unpaid testers: Windows 10 customers. Some of them will be tech-oriented but the bulk are just regular people who have no interest in trying out a new operating system, and yet they are being used as guinea pigs.

It’s an unconscionable practice, if you ask me.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

10 users thanked author for this post.

MrJimPhelps, Steve, David F, JDeC, HiFlyer, Charlie, lurks about, anita.yk, Sessh, AJNorth

Reply | Quote

True, but I was talking about even farther back.  Here let me pull up a link:

http://www.zdnet.com/article/microsoft-layoffs-operating-systems-group-chief-myersons-memo-to-the-troops/

This was back from July 2014.  In my opinion, Satya has been a chief who is only interested in profits and not at all interested in the masses of people that use Windows with perhaps the exception of the most profitable enterprises.  He would not want to lose those businesses.  I opposed the nomination of Satya with my paltry few hundred shares of Microsoft at the time and favored the former Ford chief instead but my voice did not count for much of course.  Now we are reaping the consequences of having Satya as Microsofts chief.

Reply | Quote

Hi @Danster, and welcome to our fold 🙂
Just a wee reminder, to please stay on topic – January’s patches, in this case, not 2014 Microsoft business decisions…

Also if I could, could eveyone [ p l e a s e ] remember to click “Comment on the AskWoody Lounge” before posting a comment on a blog post. Our devs still haven’t fixed the blog pages to remove the commenting (yes, it’s been a few months already) and the topic tags all vanish when commenting is done from the blog page – and they need to be manually re-added! If you can read the full article at the top of the page, it’s the blog page. If the top post is the truncated post that links back to the blog page, you’re in the right place! Thanks very much.

4 users thanked author for this post.

JDeC, HiFlyer, Danster, woody

Reply | Quote

I was probably mistaken about the H1B Visas in this case – now back on topic – Stay on Target!  🙂

1 user thanked author for this post.

HiFlyer

Reply | Quote

Danster wrote:

see Microsoft patches as so bad because Microsoft fired a bunch of patch testers a while back and my understanding is that they were replaced with less experienced H1-B Visa holders.

I’m sorry, but that’s pure drivel.

Microsoft cut back its internal testing staff for whatever reason, and they haven’t been replaced. Instead, the new layered rollout procedure is supposed to identify problems quickly.

I think that sucks. But it has nothing to do with visas.

4 users thanked author for this post.

HiFlyer, AJNorth, Elly, Danster

Reply | Quote

Thanks for the correction, Woody.  That is why you are here as our Fearless Leader to help prevent us from being led astray.  🙂

1 user thanked author for this post.

MrJimPhelps

Reply | Quote

Woody, I understand and agree with your opinion  In the face of this situation, I have upgraded to Windows 10 Pro.

Would Microsoft, when asked about this “reallocation of resources” answer that they are merely “crowd-sourcing their release testing?”

 

Reply | Quote

Not sure how Microsoft would characterise it, but clearly MS is using Win10 Home customers and Win10 Pro users who don’t “defer updates” as an extended testing bed.

Cannon fodder.

1 user thanked author for this post.

Danster

Reply | Quote

Exactly, Woody – I had a client’s system that had been updated from Windows 8.1 to Windows 10.  She did not tell me in time so I could not roll it back.  A few days ago Microsoft automatically without telling her updated her to the latest Fall Creator’s Edition for her home version.  That version totally destroyed her system and she lost 3 years of information because it was not backed up.  I know have to bring it to a techie friend that knows Linux really well and will be able to restore the system with his hardware.  The positive outcome of this is that it can be restored and I this gives me a chance to learn data recovery which I have not learned about at all.

Reply | Quote

Was the “Semantec Endpoint Protection conflict” heading misspelling purposeful?

1 user thanked author for this post.

HiFlyer

Reply | Quote

Nope. My bad….

3 users thanked author for this post.

Danster, ky41083, HiFlyer

Reply | Quote

The latest Windows 7 update just blue-screened my Dell/AMD entertainment box beyond the capability of automatic repair…

Reply | Quote

I am not a power user by any stretch of the imagination, and my head is spinning right now.

Would some kind soul be willing to tell me how to proceed?

I have a 4-year-old Intel Core i3 4330 Haswell processor with Win 7 64-bit SP1 and Microsoft Office 10. I have Windows Update set to notify me of updates, but not to install them automatically. I rely on Microsoft Security Essentials and am not currently using any other programs to protect against viruses etc.

Earlier this month I installed security updates KB4056568 (“Cumulative security update for Internet Explorer”) and KB4056897 (“Security-only update”). I have downloaded but NOT installed the Win7 Monthly Rollup patch KB4056894. I also confirmed that my ‘QualityCompat’ registry key was updated, and I’ve enabled site isolation in Google Chrome (which is the sole browser I use at the moment). So far so good.

I had a family crisis, was away for a few days, came back and am now wondering how to proceed with the latest glut of prompts from Windows Update.

I am currently being prompted to download and install the following “important” updates:

Office 2010:

• Security Update for Microsoft Excel 2010 (KB4011660)
• 32-Bit Edition Security Update for Microsoft Office 2010 (KB4011610) 32-Bit Edition
• Security Update for Microsoft Office 2010 (KB4011611) 32-Bit Edition
• Security Update for Microsoft Outlook 2010 (KB4011273) 32-Bit Edition
• Security Update for Microsoft Word 2010 (KB4011659) 32-Bit Edition

Windows 7:

• 2018-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055532)
• 2018-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4056894)
• Windows Malicious Software Removal Tool x64 – January 2018 (KB890830)

I’m also being prompted to install one optional update for Windows 7 (the second – the daily MSE definitions update – was installed manually earlier today via the MSE interface):

• 2018-01 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4057270)

Which, if any, of these are safe to install? I’m specifically concerned about KB4055532 and KB4056894.

Sorry to throw this question up here – I really prefer to do my own due diligence – but I also suspect I’m well out of my depth at this point. Thanks very much.

2 users thanked author for this post.

cesmart4125, OscarCP

Reply | Quote

I have Office 2010 32 bit as well.  I have had no trouble with those Office 2010 updates.  The January Windows Software Malicious Tool is fine.  I will await guidance from Woody or someone else on what else if anything you should install.  Do Not Install This One –

2018-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055532)

In general Net Framework updates have been very dangerous in the past for me.  They should be the last thing to install once testing is done on them.  If they are released for you then just wait for Woody to give us the okay to proceed.

3 users thanked author for this post.

chamekke, OscarCP, rontpxz81

Reply | Quote

I have the same list of updates on offer, including the Office 2010 ones on my “work” machine but not on my “gaming” machine which doesn’t have Office installed. I haven’t downloaded or installed anything yet. Wait for further advice here when the DefCon rating moves to 3 or 4.

As a general principle, however, never install a Preview update (such as KB4057270). Previews are just that – not the finished thing, so wait until it is offered the next month as an Important rather than Optional update – unless you’re running a test environment.

As for .Net Framework updates generally, it’s always considered good practice to install them on their own rather than in a bundle with other stuff. As @Danster has said above, it’s a good idea on that basis to leave them until last (although I actually get all the Windows updates done first, and only then tackle the Office ones, and I always leave a couple of days between updating my two machines so I’m sure the first one is running normally before risking the second one).

For now, however, take the option that I always find the easiest in life generally – do nothing!

 

9 users thanked author for this post.

chamekke, JDeC, OscarCP, HiFlyer, SueW, Elly, dgreen, Danster, woody

Reply | Quote

Seff, I have found NetFrameWork 4.5.51209 to be stable on Windows 7 machines currently. NetFrameWork 4.6.x hosed my Windows machine.  I rolled back via safe mode.  NetFrameWork 4.7.x hosed my Dad’s computer and I rolled back via safe mode.  I am not currently aware of the safe Netframework’s for Windows 8.x and Windows 10.

Reply | Quote

We’re all out of our depth here. Except maybe abbodi, MrBrian and PKCano.

Best bet is to follow the MS-DEFCON system and stay put. There’s no immediate reason to install anything – unless you click “Enable edits” on unknown Word documents that contain spurious Equation Editor content. Don’t use IE or Edge, and you’ll be fine.

Stay calm.

12 users thanked author for this post.

walker, chamekke, JDeC, OscarCP, wdburt1, HiFlyer, SueW, AJNorth, Elly, dgreen, Danster

Reply | Quote

Best Advice from you Woody – “Stay Calm”  I work on many computers and people are always panicking.  My Website https://computerrepairdudeabq.com/ Okay, now back on target 🙂 and if this post needs to be removed since I mentioned my website then that is okay.  I did not see that in the rules.  Anyway, installing any patches at this point can be dangerous.  I would rather have my Office 2010 hosed than my os.

5 users thanked author for this post.

Microfix, JDeC, wdburt1, HiFlyer, AJNorth

Reply | Quote

No problem at all mentioning your web site.

1 user thanked author for this post.

Danster

Reply | Quote

As a Windows 10 Insider, Microsoft eliminated that post when I mentioned it because they said promoting anything other than Microsoft is not allowed on their site.  They mentioned that to me via email.  I had a good response for them which I will decline to elaborate on in an open forum.

Reply | Quote

@Danster I noticed you haven’t added a bio in your profile yet 😉

Reply | Quote

Danster wrote:

Anyway, installing any patches at this point can be dangerous. I would rather have my Office 2010 hosed than my os.

Agreed, there are too many variables that have the potential to ‘FIX’ the OS for time consuming trouble-shooting later. (Still on MS and OEM Firmware Defcon 1)

Edit: AV, Malwarebytes AE, Browsers, extensions and email shackled down for the next onslaught of malware prodders and exploits.

Win8.1/R2 Hybrid lives on..

Reply | Quote

Steve S. wrote:

Thanks. This is good info from what has been clearly a lot of testing time on your part. I’m thinking the final ‘tell’ will be whether slowdowns become real-world significant after the microcode is released & flashed to your system. Keep us posted.

I believe MicroSoft clearly stated right after the original release of the “Meltdown” patches, AND BEFORE Intel had released any Spectre microcode changes (even Beta) for testing, that THE PATCHES for Meltdown proper would cause higher performance degregation in Windows 7 than Windows 10 especially with older silicon.  That is proving to be outright self serving Buffalo Nuggets.

My I3-6100 Skylake system has updated Microcode and is now Meltdown and Spectre mitigated.  Minimal rechecking shows the Microcode change hasn’t made a difference with it but it is no fireball to begin with either.  If the past is any indication then more than likely future Microcode “tuning” will restore at least some of the lost performance.

Viper

5 users thanked author for this post.

Danster, GoneToPlaid, HiFlyer, SueW, Elly

Reply | Quote

ViperJohn wrote:

THE PATCHES for Meltdown proper would cause higher performance degregation in Windows 7 than Windows 10 especially with older silicon. That is proving to be outright self serving Buffalo Nuggets.

Indeed.  Red Hat, I think it was, had a before and after set of benchmarks on a Core 2 Duo Lenovo laptop, very obviously qualifying as “older hardware,” and across the board, the performance loss was negligible except for slowing of disk performance.  Hopefully, that will be improved in time.

I had been concerned about the possibility that MS might use security patches to poison previous versions of Windows while ostensibly complying with their obligation to keep them patched.  Given Microsoft’s previous unethical efforts to boost Windows 10, this would not be unthinkable.  It would be right in line with the rest of them.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

7 users thanked author for this post.

Danster, GoneToPlaid, JDeC, OscarCP, Cybertooth, Cascadian, HiFlyer

Reply | Quote

Make sure you have a good backup available at all times, so that you can recover from a rogue security patch.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Thanks for the news about the BSOD on your machine and I am sorry for your loss.  However,  anonymous by now everyone looking at this group should know not to deploy any released patches unless you have test machines that can see if they are stable and safe.  This is sadly the new normal at Microsoft.

2 users thanked author for this post.

HiFlyer, woody

Reply | Quote

Seriously, my head hurts with this months updates situations.
Please refresh my memory why you can’t be in group A and then update like group B for a month such as this fiasco so one doesn’t have their computer turn into a brick?
I’m thinking CanadianTech’s way  maybe a “good thing” at this point.
sheeeeeeesh!
Dell Inspiron 660 (purchased in 2013) just replaced hard drive in November 2017 and had Windows 7 reloaded.
Windows 7 Home Premium 64 bit SP 1
Server 2008 R2 x64
Processor: Intel i3-3240 (ivy bridge 3rd generation)
chipset Intel (R) 7 series/C216
chipset family SATA AHCI Controller -1 E02

After new hard drive installed went to
Group A

3 users thanked author for this post.

HiFlyer, AJNorth, Sessh

Reply | Quote

I don’t blame you. I usually don’t get confused with these things, but the NET stuff for this month got to me a little bit. Unfortunately, it’s true that CT’s “Group W” strategy is becoming more and more viable every month.

Personally, I download the SO, IE and NET updates and sort them all out months ahead of time as my machine is updated through June right now and might do July next month. I am never in any hurry to update as my (non-professional) experience with computers of about 25 years now has taught me that there is no reason to rush to do such things especially in today’s Windows Update climate which degrades a little bit more every month. It poses more of a threat than any exploit in existence by FAR and also causes more stress and worry than the exploits themselves which have a very, very, very low chance of ever coming in contact with the home user especially one with good habits.

So, for me, I am seven months behind and it’s quite comfortable back here. No rush and I get to survey all the carnage from a safe distance and download (or not download) patches and label them as needed. Of course, I have to install them manually using a DISM in a batch file which I just edit for every new file and save as a new batch, then place the msu files in a designated folder and run the batch file to install the patch(es) with a reboot on both ends of the process. The same goes for the NET updates.

I find it to be a very comfortable approach to all of this for me with no real drawbacks at all, but it may not be feasible for people who aren’t so technically oriented and that’s really the problem. I know people say that Group W is “no longer viable”, but I think it’s Group A that is losing it’s viability and that a Group W approach is looking better every day for those that don’t want to bother with Group B. With January’s debacle, even Group B may start to lose viability as well, but that is yet to be seen. All I know is I am glad to be using Windows 7 and I am glad to be behind seven months in updates. It gives me plenty of time to figure out what I want to do when I get to January 2018’s patches.

Hang in there! If you don’t know what to do, just stand pat and wait it out. No need to stress out about this stuff. 🙂

7 users thanked author for this post.

JDeC, wdburt1, HiFlyer, dgreen, The Surfing Pensioner, AJNorth, Cybertooth

Reply | Quote

I’m three months behind and will get around to catching up to December, but the craziness since then is off-limits until it’s sorted out.  And that may a long time.  I see no indication that the necessary preconditions for the January patches–the BIOS update, the browser update, choosing the correct M$ update, at risk of making my computers useless–will be in place.

Until then, it’s all just chatter.

 

 

1 user thanked author for this post.

Sessh

Reply | Quote

I know have over 50 Microsoft updates hidden because some keep reappearing and others are to do with telemetry and I want no chance of spying on my machine even if Microsoft claims it is anonymous.  With Microsoft Security Essentials on Windows 7 at least you can choose what to share and Will Dorman of us-cert.gov suggests EMET which I use and will be supported until July 31, 2018.  I also use Microsoft Security Essentials on a Windows 7 64 bit machine and some other stuff I will decline to share publicly.

Reply | Quote

“Please refresh my memory why you can’t be in group A and then update like group B for a month such as this fiasco so one doesn’t have their computer turn into a brick?”

As far as I know, from a security perspective, it’s ok to switch between them at will.

6 users thanked author for this post.

woody, JDeC, HiFlyer, Cascadian, dgreen, AJNorth

Reply | Quote

The only problem I can see with switching is that if you avoid Group A one month because the monthly rollup has a component in it you don’t want, and so you hand-pick what you do want that month from the Catalog under Group B, once you revert to Group A the monthly rollup will likely give you whichever component you missed previously.

This will become increasingly problematic the more MS make the single monthly rollup a totally cumulative catch-up on everything you’re missing back to the Year Dot which as I recall was their original intention under the new patching regime.

7 users thanked author for this post.

Danster, Cybertooth, JDeC, Sessh, HiFlyer, Cascadian, dgreen

Reply | Quote

Looks like the inmates are running the asylum I mean microsoft. They should change their name to Bedlam

3 users thanked author for this post.

Danster, BobbyB, HiFlyer

Reply | Quote

madhatter wrote:

Looks like the inmates are running the asylum I mean microsoft. They should change their name to Bedlam

I’m inclined to give MS a little leeway in this.  Everyone is scrambling to get patches out immediately, and rushing doesn’t tend to create good code.  The hysteria over this greatly outstrips the actual threat at this point… there is an article on The Register about how Apple is being sued for allegedly knowing about this threat for six months but waiting until now to patch it, even though there are zero infections that have resulted from that vulnerability on any platform.  It’s an absurd lawsuit, but it shows the level of hysteria out there (and maybe a little of the opportunism and greed).  In that environment, it’s not hard to see how “not ready for prime time” patches could be released.

That leeway has its limits, though.  If the final shakeout of all of this is with Windows 7 and 8 performing worse than Windows 10 as a result of the patches, that’s not going to fly.  If this cavalcade of instability we’ve been seeing doesn’t improve, that won’t fly either.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

4 users thanked author for this post.

SueW, Jan K., HiFlyer, Cascadian

Reply | Quote

I appreciate your points in two comments only about a half-hour apart. They may seem to be contradictory, but they are not. I can be patient and understanding, but I will not accept abandoning ethical business practices in favor of new goals set more recently.

It remains possible that those goals may be changed in their own time, on a new whim. I hope I have inferred your points correctly.

Reply | Quote

The patches this month are a larf. Just got offered an office 2010 patch KB2825635 on a machine running XP pro and office 2007 More straight jackets are needed

1 user thanked author for this post.

Fred

Reply | Quote

MS is acknowledging a new known issue for KB4056895, the January monthly security and quality rollup for W8.1 and Server 2012 R2. It appears that system crashes may be experienced post installation on systems running bot PIC and APIC interrupt controllers. They do not appear to know the exact cause of the crashes at this time. Everyone just be cool and let the dust settle out on all of these patches. I would not install anything until some modicum of consistent documentation from MS becomes available. Unless you have a dedicated test platform, waiting to install is prudent IMHO. In the meantime, I am spending more time in my Linux virtual machine as that is where my future direction may take me.

4 users thanked author for this post.

Danster, HiFlyer, woody, Cybertooth

Reply | Quote

Yes, after January 2020, I am so done with using Microsoft Windows as my primary machine.  I am considering my options and will most likely go with a flavor of Linux but which one – Mint or Ubuntu or some other flavor.  I like Kali Linux but that is useful mainly for pen. testing.

Reply | Quote

I await with trepidation on how things will finally shake out with this months WU patch fiasco. I’m not tech oriented but maybe a notch above the average user. I’m running WIN7 on an older HP AMD Athlon machine that I have faithfully applied updates to. Group “A”. WIN7 on this has been rock solid for years. Never a BSOD. A few glitches over time as to be expected but nothing I couldn’t straighten out. I have a fresh system image on an external HD with a restore disc sitting by. And have printed out every recovery workaround, DISM commands etc., that have been presented on this and other forums. Registry  key is set. I plan on using my PC for another 2 years until support for WIN7 finally ends. By then I hope MS will have WIN10 to the stability level of  7.  If I continue to see reports of BSOD even with the newer patches I am seriously considering going Group “W”.   It has gotten to the point where MS update “Malware” definitely bricking me is a far greater threat than the odds of other future digital contagions. I also managed to dodge the underhanded forced WIN10  skullduggery. Had I not been following this site my machine would have been tanked already.  I wonder if it will ever get to the point where Woody cannot honestly recommend an all clear DEFCON 3 before the next month rollout. I can really relate to this November 2016 Woody post…….https://www.askwoody.com/2016/the-case-for-not-updating-windows-7-ever/

1 user thanked author for this post.

Jan K.

Reply | Quote

I doubt it.  Satya wants $$$’s for the shareholders.  I had a few hundred shares of Microsoft and I voted for the other guy in that election but my vote was too small to count.  Windows 7 is the last and best Windows operating system.  Windows 8.x(1) currently is okay.  Windows 10 is becoming SaaS (Software as a Service)  Office has mostly gone this way with Office 365.  I consider Windows 10 like Office 365 and in a sense not Windows 10 but Windows 365.  I mean this because of default advertising, telemetry that can only be turned down to basic level (compare that to Windows 7 if you have not installed the telemetry (patches updates ha)  Security Essentials on Windows 7 allows the user to choose the MAPS (Telemetry) Level of None, Basic or Advanced.  The lowest setting has zero info. going to Microsoft while advanced has a lot of info. going to Microsoft.  This is just food for thought for everyone.

Reply | Quote

Maybe someone here can help me with this question:

What is, at present, the IE 11 cumulative security only update KB number?

Thanks.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

According to AKB2000003, it’s KB 4056568. You’ll find links for Win7 & Win8.1 downloads there, for both -32 & -64 bitness. Sorry, I don’t know if you’re using Win10.

4 users thanked author for this post.

Elly, OscarCP, Fred, woody

Reply | Quote

Thank you so much, Kristy. My PC runs Windows 7; forgot to mention that, sorry.

Good to know the IE 11 Security update KB number has not changed since I downloaded the executables from the MS Catalogue some days ago.

It has been a bit overwhelming keeping up with the offers and retractions and additions to previous additions for each and every item in the list of January patches. Except, maybe, for Office 2010 – 16 and the MS Malware Removal Tool (MSMRT), that have remain stalwartly in the Windows Updates list offered to me by MS since the beginning, without any retractions (yet) that I’ve seen. (Yesterday, I installed the MS Office January updates in the Mac, and it is still in one piece, or seems to be.)

Maybe, once the dust (might) have finally settled, Woody could put up where we can’t miss it a list of the finalist numbers for: Office, the MSMRT, Windows 7 – 10 Security Only, E 11 Cumulative Security Only. And the last, last, last — and no kidding! — standing NET Security Only ? Just a suggestion.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

chamekke

Reply | Quote

madhatter wrote:

The patches this month are a larf. Just got offered an office 2010 patch KB2825635 on a machine running XP pro and office 2007 More straight jackets are needed

Rather confusing this world of (in)sanity, conclusive mesures and patches needed. Will there be a better future?

* _ the metaverse is poisonous _ *

Reply | Quote

I’ve tried to install one by one first 2018-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4056894) & then January 19, 2018—KB4057400 (Preview of Monthly Rollup) on 3pcs of win7sp1x64 intel based machines around – well, there were no fatal OS crashes and/or BSOD but 2 of 3 machines returned dwm.exe issues with nVidia driver. That was tested both with Spectre & Meltdown protection enabled & disabled in registry.

ErrorID9020 The Desktop Window Manager has encountered a fatal error (0x8898009b)

Actually I guess there is one idea on how to repair this error:

https://answers.microsoft.com/en-us/windows/forum/windows_7-performance/the-desktop-window-manager-has-encountered-a-fatal/ae44c9ea-3b52-451d-a371-91ae375ce353?auth=1

but didn’t try. Just removed these patches and put both to hidden list.

On the other hand both .NET patches for v4.7.1  2018-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055532) & 2018-01 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4057270) have been installed sequentially without any odd stuff to mention.

p.s wish you all luck with handling of this d**n m$ mess!

 

 

1 user thanked author for this post.

woody

Reply | Quote

Thanks for the information, but can I ask why you installed the Preview updates? Do you operate a test environment? If not, they should be ignored until the final version is issued as an Important Update the next month.

8 users thanked author for this post.

Kirsty, Elly, BobbyB, Danster, SueW, HiFlyer, woody, Jan K.

Reply | Quote

Yes, Seff and ignored even longer after released with the track record Microsoft has been having recently.  I wonder if they had too much fun over the holidays and New Year to write decent updates recently but the trouble has been going on for a while now with patches for Windows and Office to a lesser extent.

Reply | Quote

well, the environment isn’t a test one at all but in my personal experience previews often work better than final releases. although there is no rule or system here. it’s pretty chaotic, you know, on a basic background of the complete mess with mS updating during the recent couple of years. so I can’t recommend my way to the public when you need to test each rollup upon its release if it’s good or bad for your personal hardware & software set environments. however it works for my 3 everyday use laptops & desktop all of win7sp1x64 ultimate but naturally various hardware.

rgds,

Reply | Quote

FYI, if your machine BSOD or has any trouble then please don’t seek sympathy from us in this group.  This is just a friendly warning from experience of trying something on a non test machine.  In fact, Windows 10 was so problematic from the start that it actually fried one of my hard drives on a test system.  I tried everything and it was non recoverable.  It BSOD so many times that I could not believe it.  I could not load Linux on it and there was not any software that could fix it because the hard drive was fried.  I ended up spending $50 of my own money to replace the hard drive and put a new operating system on that machine.  I have also been a beta tester for security only for Windows Vista and that never destroyed a hard drive.  I warned Microsoft Windows 10 was not ready for prime time but my advice as an Insider was ignored because nowadays Microsoft is sadly all about $$$’s for themselves and their shareholders.  I am sure they are concerned about their biggest clients and users of Windows 10 but the average person is being shafted especially if you are not using their Professional version or higher of Windows 10 because then you really have no way to hold back updates as far as I know.

Reply | Quote

Danster wrote:

if your machine BSOD or has any trouble then please don’t seek sympathy from us in this group.

I abound with sympathy. Unfortunately, what I don’t have is time.

I remember well how hard it was to get started. Lots of helping hands here. People should feel welcome to post their problems – and share their expertise….

5 users thanked author for this post.

MrJimPhelps, SueW, Elly, Danster, MrBrian

Reply | Quote

You are correct Woody.  I apologize for my tone.  I am just sleep deprived since January 3, 2018.  Meltdown and Spectre have not been good for my health because while Microsoft tolerates me as a Windows 10 Insider – I also do contract work for DHS us-cert.gov.  It is great but very tiring when big things like this happen.  That is why I have not gotten a chance to update my bio.  I am running on little sleep.  I have my re-certification of my Comptia Security+ exam happening in the middle of February and have not had enough time to study for it.  I just need to fix my priorities and start taking care of myself first again or I will get physically sick with not enough sleep.

Reply | Quote

Man, I sympathize! I was just complaining about sleep deprivation to @MrBrian. Between the Meltdown/Spectre stuff, requests for more articles, and a sweeping renovation of “Windows 10 All-In-One For Dummies” I sleep on alternate Wednesdays. My son’s started calling me “sir.” And my wife, who found me asleep behind the computer, freaked out.

Hang in there. It’ll get better. Unless it doesn’t. 🙂

6 users thanked author for this post.

SueW, Bill C., Sessh, Elly, Danster, MrBrian

Reply | Quote

I so appreciate all the work you do Woody.  I have found information on computerworld.com in your columns that does not seem to appear anywhere else on the general web.  Anyway, I hope you get lots of sleep and take care of your family.  I am still a single dude who hopes to get married and have a family.  Actually, I may have recently even met the right Christian woman.  We have stared into each other’s eyes all lovey dovey and I though she was the most beautiful woman on Earth, she is smart, has a great personality, similar interests, etc.  It is like a match made in Heaven.  Heck, if God (or higher power) came down and asked me to choose any available single woman on Planet Earth it would be her.  I cannot believe that this may even be possible because I thought love at first sight was fake.

Reply | Quote

The good news is that there is a cure for those illusions – marriage  😉

Windows 10 Home 22H2, Acer Aspire TC-1660 desktop + LibreOffice, non-techie

2 users thanked author for this post.

SueW, Danster

Reply | Quote

Very true.  Yup, also Group B with Windows 7 Professional with the caveat of not installing any updates linked with telemetry or with Windows 10.

Reply | Quote

Dan:

Congrats on the lady you have met!

Do a LOT of talking with her about EVERYTHING. Writing long emails to each other about EVERYTHING is a great way to do this. In this way, you will KNOW each other very well, something you need to do in order to know if she is the right girl for you (and for her to know if you are the right guy for her).

Good luck!

Jim

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

@Danster:   It’s reached the point that these discussions are so far over my head, that I’ll probably end up in “Group W”.    The “normal Joe” user just does not have the experience or capability to learn SO much in a compressed period of time.

We started out (how many years ago was that?) with our XP, Win 7, Win 8 and 8.1, the Win 10, and who knows what else.   If we could only return to the “old fashioned” NORMAL ways we had prior to this hornets nest!   The average user just does not possess  the ability to deal with all of these issues which they know naught about.  Very few know anything about how to work with the registry, and all of the advanced programs which are available.

Wish there were an easy answer, however I can’t see one on the horizon.   We are very fortunate to have so many who ARE able to deal with all of these issues.    I just can’t keep up with it much longer.    🙁

Reply | Quote

Do you want me to post all of my 50+ Windows Updates that I have hidden due to telemetry and Windows 10 update junk from my Windows 7 64 bit machine?

1 user thanked author for this post.

walker

Reply | Quote

@Danster:  Thank you, but “no thanks”.    I don’t have “anything Office”, and as little else as necessary, and I can’t even keep up with all of this because everything keeps changing.  Will just do the best I can, which I know isn’t good enough.    🙁

Reply | Quote

Why not try Libre Office.  It is free but you can offer a donation if you want to.

https://www.libreoffice.org/download/download/

Reply | Quote

Hello, Walker,
There has been a lot of discussion and checking things out (so a very large number of posts), while Microsoft and Intel have been putting out patches and patches for patches. I was getting quite anxious, but have been reassured… just because the more technically and adventuresome inclined have jumped in and tested them, so far the rest of us are just waiting for the smoke to clear. There is nothing to do, except wait for the Defcon level to change. I’ve been reassured several times about that… so sharing it with you. Notice that nothing is being reported as happening bad to those who are holding off from applying patches… and that is because the Spector and Meltdown vulnerabilities haven’t been exploited in the wild. Keep your browser updated, and enjoy reading about the exciting BSOD adventures of others…

 

Non-techy Win 10 Pro and Linux Mint experimenter

1 user thanked author for this post.

SueW

Reply | Quote

Danster wrote:

FYI, if your machine BSOD or has any trouble then please don’t seek sympathy from us in this group.

Dan, you’re welcome to be one of “us”, as long as you have sympathy for those hapless “regular folks” who are being stung royally by Microsoft (and others), and who don’t have anywhere near the expertise to adequately deal with it. Sometimes they don’t even know how badly they are being stung.

As Woody stated, remember how it was when you were a newbie on IT issues.

And welcome to Ask Woody.

Jim

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Last year I posted tweets (another) from Microsoft’s Michael Niehaus regarding how the Windows monthly preview rollups should be regarded.

3 users thanked author for this post.

walker, Elly, abbodi86

Reply | Quote

yep, my personal attitude is like tweet#1 so I even more love tweet#2

thanx

Reply | Quote

Note that Symentec is reporting that various catalog re-patches (depending on OS version) fix the Symantec Endpoint Protection system tray icon issue.   See:
https://support.symantec.com/en_US/article.TECH248552.html

1 user thanked author for this post.

woody

Reply | Quote

Stipid question: If you have a “End of interactive support” CPU. So are you bottlenecking your computer with the MS updates while STILL being left out in the cold by due to Intel not caring enough to patch critical holes in still widely used products?

Reply | Quote

Intel has released (state uncertain atm., may be re-released…) microcode for their entire range of chips. All of them. Period.

Microsoft has decided not to take advantage of that offer. Motto: “Can’t move fast enough”.

If you want to have friendly and continuing OS support, go for a Linux distro.

…

Linux, the little OS that cares. 😀

1 user thanked author for this post.

Bill C.

Reply | Quote

Thank you very much, I shall commence updating my Bloomfield desktop too then :D. I do have Windows 10 on it so that’s a non issue.

And the funny part is that that old i7 from 2008 still in practice perform better at multitasking than many new CPUs with DELL etc. deciding to go with dual core processors in laptops instead of quad.

1 user thanked author for this post.

Bill C.

Reply | Quote

Do you have a link? I just checked and the last update I have found for any of the Bloomfield Chips is the Linux Microcode file of November 2017.

Amen to the Linux. My Mint updater is showing Intel Microcode dated 1/23/2018, as well a an update to teh UEFI support.

Reply | Quote

Jan K wrote:

Linux, the little OS that cares.

Yep, that’s right, love it, but seems a tad incomplete. Hmmm, maybe something like this…

Linux, the little OS that cares – and pretty much powers the Internet along with massive numbers of corporate servers all over the world, not to mention a majority of smart phones in use today, and embedded “IoT” devices, and these days an ever-growing number of pc desktops and laptops.

There, that’s better, ftfu 🙂

Reply | Quote

Actually Google Android powers a majority of smartphones and Apple’s IOS powers lots of smartphones but yes Linux does help power the computer world.

Reply | Quote

@Jan K

Jan K said: “Intel has released (state uncertain atm., may be re-released…) microcode for their entire range of chips. All of them. Period.”

What “entire range of chips…” do you mean?  How far back in the past?  Do you have a link to where Intel has a list of the “entire range of chips…'” that they might have microcode for?

I have several older systems with Intel CPU’s in them, and any lists I’ve see don’t go back to them.

Any more info will be appreciated.

1 user thanked author for this post.

Bill C.

Reply | Quote

See https://github.com/platomav/CPUMicrocodes.

Reply | Quote

Thanks for that link. For me, that reminds me of the scene in a movie where the hero has to decide which wire to cut to disarm the bomb.

It does show a lot of activity back to 1996, which is good for those of us flogging old reliable hardware (Bloomfield on X58), but I can wait. Given the number of experts here advising caution, with far more expertise and experience than I have or could get, I am listening.

It reminds me of the old t-shirts some EOD folks wore that said, “EOD – If you see me running try to keep up!”

1 user thanked author for this post.

Cascadian

Reply | Quote

Warning about Intel CPU Firmware – Unstable as of now – another reason to wait like Woody tells us – https://www.computerworld.com/article/3250250/malware-vulnerabilities/belay-that-order-intel-says-you-should-not-install-its-meltdown-firmware-fixes.html

Reply | Quote

@MrBrian:

Thanks for that link.

I’ve flashed a few BIOS’s in the past (back as far as the 80’s…I’m old) with what ever flashing utility the motherboard maker supplied. Back that far (if you are also old…), a DOS program was used, usually run from a floppy disk (!).

Since Windows took over the world, the OEM vendor usually supplies a Windows EXE file to do the flashing.  EG: I had to update the BIOS on 6 Dell systems last fall to ‘fix’ the last Intel security hole.

The list of CPU”s is organized by some obscure (to me anyway) codes, that I think involve a CPU “ID” code.

I’ve used “Speccy” and various versions of the CPU-Z utility, but none of them seem to show a “CPUID” number/code.

For Intel CPU’s, CPU-Z shows a “Code Name”, like “Conroe” or “Wolfdale”. (yes, I have some OLD systems kicking around)  On an AMD system, it shows “Propus” (another old system).

In CPU-Z, it shows that “Conroe” is a Core 2 Duo, E4600.  But when I look up an E4600 on Wikipedia, it shows it’s a “Allendale” CPU (a sub-member of the “Conroe” family?).  Trying to cross-reference any Intel CPU (and probably AMD’s) is like a scavenger hunt.

I can’t seem to make the next jump to a “CPUID”.

Then the next step would be flashing what ever BIOS file I might find, and where to get the flashing utility and how to flash it (yes, I still have 3.5″ floppy disk drives around, even some 5.25″!).

I’m in no rush to flash any BIOS, plus there’s a good chance that any of my OLD systems will never get a BIOS update.  Oh well.

So, any more information on how to relate any CPU (Intel, AMD) to a “CPUID” would be appreciated.

1 user thanked author for this post.

Microfix

Reply | Quote

Wow! that brings back near forgotten memories of creating multiple DOS floppy bootdisks with no TSR and then transferring bios file to the floppy to boot from and update the, then, replaceable BIOS chips.

Win8.1/R2 Hybrid lives on..

Reply | Quote

Wow, my big start with computers was Windows 98SE where I enjoyed tinkering with the manual driver settings and then using a program called Go-back to return to the previous state.  It worked out really well on 98SE and was like System Restore on Windows 7 but it worked even better.  I usually have to load safe mode and then use System Restore on Windows 7 but I remember Go-back would work right away.  I think it would need to restart your computer to start working.

Reply | Quote

Ok, as long as we’re venturing down memory lane… WinHacker95 anyone? Best s**t ever…

Also, the only real thing that’s changed, *as far as DOS based firmware updates go*, is that we are now using USB devices, booting what is essentially an image of those old DOS floppies, rather than floppies themselves… AKA all that’s really changed, is the physical device itself, to boot and apply the update(s) from.

Coincidentally, this is one of the best methods to open up and apply the firmware reversions discussed earlier in the thread. The DOS utilities typically have CLI switches, to enable things like skipping the version compare.

2 users thanked author for this post.

Elly, Danster

Reply | Quote

Eh? Floppies, you say? Why you little whipper-snapper! I my day we used iron tape. yep that’s right, good old magnetic audio tape. Don’t reuse your mixtape of do-wop, soda-pop, rock hits, that’s too dirty for the new signal. And make sure you fine tune the VOLUME knob on that standard tape player that you have your cute new Personal Computer plugged into the HEADPHONE jack. And keep that degaussing electromagnet in a separate room at least two doors down the hall.

Above was just for laughs. That sort of rewritable memory was way too unstable for this function. But a floppy was only one order of magnitude higher on the reliability scale.

1 user thanked author for this post.

Elly

Reply | Quote

Some of my best work used to be stored on floppies! I seem to remember having little stacks of them knocking around. It was tough having to throw them all out a while back, but I haven’t got a drive that will read them now. Those were the days, being able to boot a PC from a floppy – and trying to complete anything on a computer that kept telling you it had performed an illegal action and would have to shut down! (I never did find out what the ‘illegal action’ in question was!)

1 user thanked author for this post.

Elly

Reply | Quote

Whoops – I meant ‘an illegal operation‘, of course. The quaint terminology is just coming back to me!

Reply | Quote

“So, any more information on how to relate any CPU (Intel, AMD) to a “CPUID” would be appreciated.”

In my search to find the CPUID of my HP, this site was very helpful: http://www.cpu-world.com/CPUs/ .  You do have to dig through the options, going from one page, to the next page, etc.  Hopefully you will find your CPUID.

Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'

Reply | Quote

You’re welcome :).

There is a CPUID database and also a program mentioned at post https://www.askwoody.com/forums/topic/intel-has-released-microcode-update-v20180108-with-meltdown-spectre-fixes/#post-158148.

1 user thanked author for this post.

SueW

Reply | Quote

Methinks I now remember where I found the link I posted (she says, embarrassed).  Thank you, MrBrian :)!

Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'

1 user thanked author for this post.

MrBrian

Reply | Quote

For Intel, do these links help you?

https://software.intel.com/en-us/articles/intel-architecture-and-processor-identification-with-cpuid-model-and-family-numbers?page=1

https://www.intel.com/content/www/us/en/support/articles/000005651/processors.html

Reply | Quote

Danster wrote:

Actually Google Android powers a majority of smartphones

That’s funny.
Who wants to tell him that Google’s Android was and is based on Linux.

If unsure on this point, see https://en.wikipedia.org/wiki/Android_(operating_system)
where the first half of the first sentence rightly acknowledges: “Android is a mobile operating system developed by Google, based on a modified version of the Linux kernel”…

1 user thanked author for this post.

Danster

Reply | Quote

Aw, gee anonymous. Why don’t you go ahead and do it?

Sorry, guess that may have been an unnecessarily rhetorical and redundant question.

Reply | Quote

To Sue W, MrBrian, GoTheSaints:

Thanks for those links, I’ll check them out later, see if I can find CPUID’s for my ‘senior’ CPU’s. I’m too fried from other stuff this evening (USA-PST).

I have to LOL at the ‘trip down memory lane…’ I seemed to have started earlier.

To Paul:  Yes, I used ‘magnetic tape’ on my TI99-4A system, on a cassette recorder/player.  I still have 3 of them stashed, 2 brand new, still in the original boxes.  I even ‘upgraded’ that to an Expansion Chassis box with 2 DS/DD 5.25″ floppy drives in it.  Still have a bunch of TI program cartridges.

All that stuff came before I got ‘serious’ and started selling Kaypro CP/M ‘portable’ computers, still have one of those stashed, doubt it would boot up though (still have the 5.25″ floppies for it). Back then we all laughed at the 1st IBM-PC.

3 users thanked author for this post.

Cascadian, SueW, Elly

Reply | Quote

Yep, that’s the era / epoch / dusty old days I was thinking of. Kaypro I remember, and some of those other words are more vaguely recalled. I was on the RadioShack bandwagon in my more rural setting. For some reason I trusted their ability to receive and inspect goods before sale than ordering from unseen places myself.

So our TRS-80 model 1 used a standard audio cassette recorder for rewritable media. There was also an improvement used briefly that I cannot name, it was approximately the size of a mini-cassette, not micro-, and had an endless loop design like an 8track cartridge. So while it was still not random access, the highspeed advance allowed for faster access to the desired counter number. The next upgrade was to the 5¼” floppy, freestanding.

I did eventually get a luggable, in the version of the Model 4 [Model 4P, for portable]. I know it had an A and a B drive, but they might have still been 5¼”. Hard to recall. Hooked it up to a Brother daiseywheel typewriter for a true ‘letter quality’ printer using 25pin (?) ribbon. Had to turn up the music with headphones when printing out a paper.

Good times, thanks for the recall.

Reply | Quote

@SkipH:  What exactly does CPUID’s represent.?   I’ve probably asked this question previously (as well as many others I can’t recall).   Started out with Win 95, and wish I were “back in those days” now for sure!    🙂

Reply | Quote

Central Processor User Identification, I think?  My main tinkering with computers, Walker started out with 98 and I still have it in an older machine dual booted with XP Pro. on 2 physically separate hard drives.  I remember when one service I was using was hacked and they got right into my machine in XP Pro. but could not touch 98.  The most they could do was a denial of service against Mozilla Firefox at the time on the 98 side when using the service but could not use the compromised service to break into 98.  It was actually 2nd edition.  I am being deliberately vague – sorry goes with just who I am.  I did have scripting disabled as well as the remote assistance disabled.  I still think it would be difficult to remotely compromise that machine.  Now if someone had local access to the machine then it is easy to compromise.

1 user thanked author for this post.

walker

Reply | Quote

@Danster:  My apology for overlooking your message.    I appreciate all of the help and explanations I can get since I’m so “computer illiterate”.    You and Bob99 are both very advanced with y0ur knowledge of computers.   It’s frustrating when one does not comprehend the “jargon” that is passed around so frequently.   I try to learn as much as possible, and it has become so complex it’s more and more difficult.   Thank you for the information you sent.   It all helps!        🙂   🙂

Reply | Quote

Good Morning, Walker! Bob99 here using a shared computer, so I can’t sign on with username and password due to security concerns.

Anyway, CPUID stands for Central Processing Unit ID, which is a code that software reads from your CPU in order to positively identify your central processing unit and all of the features it supports. This, in turn, enables the software to “behave properly” on your computer. I could get really technical, but no need to here.

Hope you’re having a Great Day! 🙂

1 user thanked author for this post.

walker

Reply | Quote

@ anonymous  (Bob99):   Good morning, and glad you were able to leave this message.    Thank you for the explanation.    Not quite certain that I know specifically what it means, however I think I have the general idea.

You are very far advanced with your knowledge of computers, that is very evident.    All of your comments are very much appreciated!    Thank you very much for your help!   Hope you’re having a Great Day too!    🙂   🙂

Reply | Quote