• MS-DEFCON System

    I have a rating system that lets individual Microsoft consumers know when it’s safe to install patches. I call it the Microsoft Patch Defense Condition Level, or MS-DEFCON for short. It’s modeled after the US armed forces DEFCON system and uses the same colors as the US Homeland Security alert levels.

    The smaller the number, the higher the risk.

    Current Microsoft patches are causing havoc. Don’t patch.
    Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
    There are widespread problems with current patches. It is prudent to patch but check your results carefully.
    There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.
    All’s clear. Patch while it’s safe.

    The MS-DEFCON system assumes that you have your Windows 7, 8, 8.1, 10 or 11 firewall turned on, that you’re using an up-to-date antivirus program (I use Windows Defender/Microsoft Security Essentials, although there are good alternatives) and some form of hardware protection, like almost any router.

    The MS-DEFCON level also assumes that you’re using (new) Edge, Firefox, Brave, Opera or Chrome, or any browser other than Internet Explorer. If you use Internet Explorer, you need to be more cautious about installing those massive IE updates.

    Security updates come out on the Second Tuesday (North America-ish time zones) or Second Wednesday (European-ish time zones).  People will install updates and issues start to bubble up on the forums usually around Friday of that week.  By the following week we will have enough evidence to know if issues are “one-offs” or if many of us are seeing the issue and thus Microsoft will need to fix the issue.

    I don’t recommend that you install updates immediately unless there is a real and clear risk of an attack.  I’ll let you know when I run screaming to my computers and tell everyone I’m going to be rebooting NOW.  I can count on two fingers the times I’ve done that in my life.  Most of the time I feel that it’s wise to hold back and see what issues arise.  If you have a spare computer – or are a consultant that patches for others – you can participate in “early beta testing” better known as Patch Tuesday installation of updates and report back if you see issues in your experience.

    In general, I apply Windows Defender updates as soon as they’re available. Why? Microsoft hasn’t screwed up any of them too badly. You’re better off applying those updates than letting them slide for a week or two.

    Many of you have written asking about non-critical updates or driver that are offered by Windows Update, Office Update, and/or Microsoft Update. I’m still not a fan of driver updates offered up via the Microsoft update process with one exception – Microsoft Surface devices.  For those devices you have no other option than to install driver updates from Microsoft.  For everyone else, use the offering of drivers to your system as a sign that you need to go to the hardware vendor’s page and see what updated drivers they offer.   Don’t trust Microsoft to deliver hardware updates; go to the hardware manufacturer’s site and review what they have there. If your computer stops working, you only have yourself to blame!

    MS-DEFCON Automated Alert System

    You can be alerted automatically when the MS-DEFCON level changes, in one of two ways.

    Twitter:  Sign up for Twitter and follow the defconpatch account. Then set up notifications in your Twitter app so that you get alerted when the account tweets a change.

    Cell phone notifications via text: If you are a Plus Member, you can sign up for our SMS text alert service. To cover the extra costs associated with the hosting and SMS service for this exclusive benefit, we ask for a small fee of your choosing. One you have signed up you’ll get a text message whenever the MS-DEFCON level changes. For those that are Plus members that donate more than $50, you get the SMS text service as a bonus. You’ll receive an email with a coupon code to sign up.


    The MS-DEFCON system is based on Woody’s original idea.