Replies

PKCANO…

I guessed correctly for once! Thanks again for all of your patience& help!

Regards, ardvark

(posted thank you twice…not sure the first one made it!)

One more question… does Kb4490628  require removal of the old Stacking Kb3177467 or will the ne one just replace it?

Regards, ardvark

Dear PKCANO….

Will do! Thanks again!

ardvark

Dear PKCANO…

Do I need to uninstall Kb4474419 before installing Kb 4490628 and then reinstall Kb4474419?

Regards,

ardvark

Dear PKCANO…I usually check the Group B update listing for KB’s on Woody’s site  & then manually download from the MS Update Catalog for Windows & IE 11 Security Update only as posted on Woody’s list… and I update my Outlook thru the File/Office Account method… All I use the Windows Update for is to be notified/reminded that there are Updates available… so, I will download it just so I get a reminder to check the Group B listing each month… I have never downloaded the “Rollups” they provide… thanks for the feedback!

Ardvark

Article from lates Tom’s Hardware article:

With Microsoft ending Windows 7 support and security updates on January 14, 2020, it is strongly recommended to users get the SHA-2 Security Update. If this update is not installed, users will not be offered Windows updates after July 16, 2019, which could lead to security vulnerabilities.

SHA-2 Security Update info regarding W7 Users provided in above SHA-2 link:
2019 SHA-2 Code Signing Support requirement for Windows and WSUS
Content provided by Microsoft

Applies to:  Windows 7 Service Pack 1 Windows Server 2008 R2 Service Pack 1 Windows Server 2008 Service Pack 2 Windows 10, version 1607 Windows 10, version 1703 Windows 10, version 1709 Windows 10, version 1803 Windows 10, version 1809 Windows 10 Windows Server 2012 Standard Windows Server 2012 R2  Windows 8.1 Windows Server 2019, all versions Windows Server Update Services 3.0 Service Pack 2  More

Interesting info…
To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively.
Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Windows Server Update Services (WSUS) 3.0 SP2 will receive SHA-2 support to properly deliver SHA-2 signed updates. Refer to the Product Updates section for the migration timeline.

Looks like we should load Kb4474419?

Regards,

Ardvark

Edit to remove HTML. Please use the “Text” tab in the post entry box when you copy/paste.

 

Thanks Elly…will do… Ardvark

1 user thanked author for this post.

Elly

The updates I got were for Oct 2018 and the Patch Lady said W7 Security Patch kb 4462915, W7 IE11 patch kb 4462849 for Group B (W7 maintainers) were ok… planned on using those two, so hid everything else…. them new on mentioned in my last post, kb 3177467, popped up ii nthe Important Section…what gives? …Ardvark

Hi there…thought I had received all the Important Updates for W7, but Microsoft just posted another Important Update, KB 3177467 (just popped up without warning)… several users are expressing concern …does anyone know if this one is safe to download or not… trying desperately  to keep only Security Updates on my W7 Pro Desktop & W7 Home Laptop…no W10 & no Telemetry junk & avoiding massive ‘Rollups’…please help….Ardvark

Thanks PKCano… assumed that was the case but hate to assume things! Will download the latest IE update as directed…Best regards, and thank you again!

Ardvark her again…Thanks PKCano! One question…I have installed all of the individual Security Only Patches each month as they were released, in order. Since the IE 11 Patch is Cumulative, do I need to install each of those that are listed at AKB200003 individually also like the Security Patches, or just the latest one? Best regards & thank you for your patience & help!

Ardvark here… Total novice at this… checked virus scan list & found my virus SW (Avast) was designated as fixed… So, I installed kb 4056897, which is the Security Update only (from MS Catalog) on my W7 64bit Asus PC… assume/hope it included update for IE 11… understand it only has a possible Meltdown fix (I never install the complete ‘Rollups’ like kb4056894 – don’t trust them) – assume I will need to contact Asus at some point for Firmware & BIOS update…no issues & no BSOD with PC so far – no issues with IE 11 either… wonder when we will see W7 update to handle Spectre? Can anyone confirm same process/results?