Replies

This .Net issue is way too complicated. I’m just going to hold off patching .net until the controversy ceases or I get error messages saying I need a later version.

Win 7: I have NOT PATCHED SINCE JUNE 2017 because there hasn’t been a “hair on fire” risk that was greater than the risk of patching…especially since I was traveling part of that time with no back up PC. I will next patch when we hit Defcon 3 using a modified Group A strategy – selective roll-ups. I will 1st update 2 win 7 PC’s that I don’t use. I will update all non-WU aspects: AVs, browser, etc. and make multiple restore points. Then I will do the main roll-up on one, test it. If ok, Create another restore pt then I will do the .net and office roll-ups. If ok I will create 2 more restore pts and repeat the same process with the next non-used box. If nothing blows up I will repeat the process on each of the 6 win 7 PC’s I do regularly use until all are patched. After the updates I will run spybot anti-beacon to turn off the most important windows spyware.

Microsoft truly sucks for making such a cautious process necessary.

To keep safe between Win updates, I have Avast, Malwarebytes AM, Malwarebytes anti-exploit, Mcafee WebAdvisor, 3 anti-ransomware, super-antispyware and various browser protecting add-ons. I never use IE and don’t go places where demons lurk or click links without checking them.

Microsoft truly sucks for making it necessary to employ multiple levels of protection as described above…but that’s the way it is.

Patches for July and August such a hot mess, I’m waiting till Sept. Defcon 3. This really sux.

I skipped July and will skip August. As long as the patches represent a significantly greater threat than attacks in a reasonably well-protected PC [Anti-virus, anti-malware, anti-spyware, anti-exploit, anti-ransomeware] I’m in hide-and-watch mode. [Windows 7, No 10’s current or contemplated].

Since Woody linked the strategy, I went ahead and implemented it…setting notepad as default for all scripts. If I have problems, I’ll report them here. Having read the comments, I’m having second thoughts. Any suggestions on reversing the process if there are problems?

Installing Linux to read email is a total non-starter for me. Way too much hassle.

FWIW, I applied the June patches to 4 PC’s 2 Win7-64 Pro desktops and 2 Win7-64HomePrem laptops with no adverse impacts seen.

I never use IE, but I tested printing pages from firefox on 2 pc’s and had no problem. I don’t use Outlook…so no impact there.

This article  http://windowsreport.com/kb4022719-bugs/ mentioned Install  problems – error codes..I never saw that.

I used lot’s restore points and the 2 desktops are primarily used to test for problems.

YMMV.

1 user thanked author for this post.

JDeC

I haven’t seen it to be intrusive..because I just use the default settings. It’s concerning that they found it ineffective.  Brinkman @ghacks was kinder https://www.ghacks.net/2017/01/09/cryptoprevent-8-windows-malware-prevention-software/  but stressed it should be supplemental.

The combination of Cryptopervent Ransomfree data backup and safe patching seems a better way to go than relying on any single measure.

Because I share your concern about ransomware and doubt Microsoft is capable of providing reliable protection, I’ve installed CryptoPrevent to lock the doors and either Ransomfree or Malwarebytes anti-ransomeware each of which provides honeypot behavioral protection. Cryptoprevent for over a year and Ransonfree & MB-AR for a month..since W-cry. Only problem is that sometimes 5-10% Ransomfree won’t start with the PC and I either restart or run without it.

I’m running these on 8 windows 7 64 PC’s, so if you’re running Win10 YMMV.

1 user thanked author for this post.

Since I use Firefox or Chrome and never IE, would I then be at very low risk for this issue?

IOW, How common is the use IE construction in web pages?

I’m getting ready to travel and am weighing the risk of an update vs the security risk of delaying patching. I won’t be doing much printing while traveling.

Has Woody permanently shifted from Infoworld to Computerworld? I see nothing on the June patch on Infoworld patch management.

Microsoft would probably like move to Software as a service SAAS model, [annual fees] and away from versioning as a way to solve the need for revenue and keep OS up to date. Users who have bought versions will resist this. Microsoft can’t just say, ‘s**ew em’ because of the ecosystem vulnerability.

Edit for content

anonymous wrote:

f Firefox wants to make a comeback, they need to fix the memory leak problems, the bloat problems, the insane versioning scheme, make the UI look like it was meant for a computer and not a Comp Sci. UX University project, the constant breaking of extensions and themes,

I switched to Firefox ESR…which offers a stable UI..and is updated for security rather than cosmetic purposes…rarely breaks extensions, but might not be compatible with the latest versions of some extensions. Bottom line..it works the same over time and I don’t have to mess with it much.

2 users thanked author for this post.

Elly, SueW

JohnW wrote:

Why leave Chrome for the new Opera?

I primarily use Firefox…customizable and intuitive, but on battery it uses significant resources.
I had Opera on laptops for battery saving features and was looking forward to their free built-in VPN…until the Chinese bought Opera. Uninstalled on all devices. The company that bought Opera may be the most user friendly and have the best intentions, but if the government tells them to do something contrary to the users interest…they will do it, or else, methinks.

1 user thanked author for this post.

AlexEiffel

FWIW I installed Rollup for .NET KB4019112 on 8 Win7 64 boxes and saw CPU use rise substantially. It was almost certainly attributable to that patch, since I install roll-ups one at a time with a restart and manual restore point in between and the .NET patches are last ones installed. Prior to the May 2017 patches, my approach to win updates as  “let me know and I’ll decide” which was not causing excess CPU usage. When the .Net patch ran up CPU use, I switched to the more conservative, “Don’t check” strategy Woody recommended and the CPU overrun stopped.

1 user thanked author for this post.

Cascadian

Prior to the May patches…or more specifically the May .net patch, I wasn’t experiencing system drag, but after that .Net patch CPU cycles went way high…40-50% on several Win7-64 pc’s.

The primary culprit seems to be trusteninstaller.exe I stopped it and then switched to “Never check..” and that seems to have halted the CPU overrun.