alert banner

ISSUE 19.27.1 • 2022-07-07

MS-DEFCON 2: Pause to review


By Susan Bradley

We’re halfway through the patching year.

It seems like just yesterday when I lowered the MS-DEFCON level to allow a cautious breather so we could apply critical patches. Oh, wait — that’s right, it was just last week.

In June, Patch Tuesday fell on the latest day of the month possible: the 14th. It takes all of us patch watchers a little bit of time to assess the safety of the last round of updates — and before you know it, the next Tuesday is upon us. So after little more than a week, it’s time to pause updates again. Accordingly, I am raising the MS-DEFCON level to 2.

If you are a consumer patcher, put your pause process in place to ensure that you won’t get updates next Tuesday. At a minimum, check your backup processes to be certain they are running as they should.

The other day, I read an interesting post that strongly suggested having at least three backups at all times. These backups should be on two different storage types, and at least one backup should be off-site. As much as we deride the security of the cloud, having an additional backup in a secure cloud repository is not a bad thing. Also, utilize different types of backups — think in terms of what you will need to quickly restore your computer (local backup) versus the core files you need to keep yourself in working condition (off-site backup).

Faced with a primary computer that completely died, and thus forced to use another device with different apps (such as email clients or word processors), most people would be severely inconvenienced. You’d probably grumble constantly about how much you missed your nice, comfortable PC that you were so accustomed to. But you’d manage — as long as you had all your critical data.

Don’t turn your back on the cloud, especially as an additional backup location for core files. Conversely, don’t put everything into the cloud and expect it will be there 100% of the time. Every computer needs a maintenance window, even all those cloud servers. That’s why I have a central tenet in my philosophy about patching: you shouldn’t be at the mercy of Microsoft’s or Apple’s or Google’s view of when your maintenance window is. Patching your devices should be on your terms.

It’s always difficult to know how long a patching pause should last. As always, I’ll issue MS-DEFCON alerts at the appropriate time. Meanwhile, keep an eye on the Master Patch List for my current projections. I keep that page updated with the timeliest information available to me.

Consumer and home users

We close the mid-year patching regime with no major issues found in June’s updates for consumers. The big issue, sharing an Internet connection by making one PC a Wi-Fi “hotspot,” was fixed in the optional updates released at the end of the month. Although the hotspot feature is handy in a jam, the truth is that it’s not in everyday use by most people, and thus the inconvenience was minimal. It was a corner case — using a primary PC as a hotspot is rare. Usually, one uses a cell phone as the hotspot to provide a primary PC (usually a laptop) with an Internet connection.

If you are a Windows 11 user, brace yourself. From the Windows Update Twitter account, we note a tweet announcing that those Search Highlights will be rolling out “over the next several weeks.” You’ve heard me say this before: I have no idea what a DNA helix or a sheep has to do with a user’s desktop actions, and I repeat my plea to Microsoft that it should adjust its priorities to address more pressing needs. If I took a poll, I’d no doubt find users split between “it’s cute” and “that’s annoying.” I’m in the annoyed camp.

Search Highlights
Figure 1. Huh? What? Color me annoyed.

So now we’ve been “officially” notified that Search Highlights will be dribbling out. Although I can’t be sure when you will see these cartoons in your search box, just know that they are coming. When they do, and if they annoy you as they annoy me, you can disable them in Settings, Privacy and Security, Search Permissions, and Show search highlights.

Business users

For business patchers hit with the Routing and Remote Access Service bug, whereby RRAS servers can lose connectivity if NAT is enabled on the public interface, you can opt to wait for the July updates and install the fixed patch then — or install the optional June updates. Microsoft acknowledged the bug and fixed it at the end of June.

For those of you with Microsoft 365, you may have been hit with an Excel bug that manifested itself with white or missing text boxes in Excel spreadsheets. Microsoft fixed the bug around July 3, but it showcases that if you stay on the slower patching cadence of Microsoft 365 and thus stay away from the faster releases, you can read these reports, then think, “Huh, never saw that,” and smile to yourself. Using the slower cadence doesn’t mean you won’t receive security updates; it just keeps you from these bleeding-edge bugs that Microsoft often introduces.

Keep in mind that in May, Microsoft wanted to push everyone to the faster channel (see our friend Peter Deegan’s Office Watch report). My recommendation is to check your settings and ensure your workstations are still on the patching channel you think you put them on. You may find that you are on the current channel, when that’s not what you deployed months ago.

Updates are always important and need to be installed, just not necessarily when Microsoft wants us to install them.



Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody,, Windows Secrets Newsletter,, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2022 AskWoody Tech LLC. All rights reserved.