|
There are isolated problems with current patches, but they are well-known and documented on this site. |
Newsletter Archives
-
MS-DEFCON 4: Win11 22H2 not ready for prime time
ISSUE 20.13.1 • 2023-03-28 
By Susan Bradley
March updates are ready. Windows 11 22H2, not so much.
It’s time to install the updates for the March releases, and that’s why I’m lowering the MS-DEFCON level to 4. There are a few issues out there, but most appear to be plain old low-risk bugs — things that used to be caught in Microsoft’s beta testing. As usual, it seems we’re the beta testers.
I have several Windows 11 22H2 deployments in active use. If you are not an advanced user, are relatively new to the Windows platform, or are really into rounded corners and having to click several times to build shortcuts on your desktop, you might be tempted to forgive Microsoft for some of these cosmetic bugs.
Anyone can read the full MS-DEFCON Alert (20.13.1, 2023-03-28).
-
MS-DEFCON 2: March Madness begins
ISSUE 20.10.1 • 2023-03-09 
By Susan Bradley
Ready for Windows 11 dribbles?
In addition to waiting for side effects of security patches to manifest themselves, sometimes you need to wait to see the impact of changes from the prior month’s preview updates. This month more than ever, you should to delay or defer to see the impact of the March changes for Windows 11 22H2.
Accordingly, I am raising the MS-DEFCON level to 2.
Anyone can read the full MS-DEFCON Alert (20.10.1, 2023-03-09).
-
MS-DEFCON 4: Wrapping up a short month
ISSUE 20.09.1 • 2023-02-28 By Susan Bradley
February’s patches affected you either severely, or not at all.
The good news: If you are a consumer, home user, or business that does not use Windows Server 2022 or any version of on-premises Exchange server, you will be just fine installing the updates at this time. Therefore, I am very comfortable with lowering the MS-DEFCON level to 4.
However, if you are a business patcher with Windows Server 2022 hosted in VMware, you may have been significantly impacted. In addition, patch administrators are still dealing with the side effects of the Exchange updates.
Anyone can read the full MS-DEFCON Alert (20.09.1, 2023-02-28).
-
MS-DEFCON 2: .NET and Remote Desktop
ISSUE 20.06.1 • 2023-02-09 By Susan Bradley
Defer until the February updates are fully understood.
Even though I don’t anticipate any specific problem with February’s updates, it’s always hard to know for sure. For that reason, the MS-DEFCON level is raised to 2. Don’t be surprised by a Microsoft update before you’re prepared to deal with it!
Anyone can read the full MS-DEFCON Alert (20.06.1, 2023-02-09).
-
MS-DEFCON 4: Patching weather is clearing
ISSUE 20.04.1 • 2023-01-24 By Susan Bradley
In general, the January updates have been well behaved.
So far, I’m not seeing any trending issues with them; accordingly, I’m lowering the MS-DEFCON level to 4. But that’s not to say we haven’t seen some other issues related to other types of updates. In addition to describing those, I’ll discuss a vulnerability in a part of your computer you may never think about.
Two issues recently impacted Start menus and shortcuts but were unrelated to one another.
Anyone can read the full MS-DEFCON Alert (20.04.1, 2023-01-24).
-
MS-DEFCON 2: Getting ready for 2023
ISSUE 20.01.1 • 2023-01-05 By Susan Bradley
Once again, we are preparing for another year of patching.
And to start out the year auspiciously, I must raise the MS-DEFCON level to 2. That’s because I’m recommending that updates to Windows be deferred until later in the month. Although Microsoft takes a long Christmas vacation, and the resulting January is usually limited to just security updates, it’s best to be very cautious until the issues that cropped up in December are resolved.
Anyone can read the full MS-DEFCON Alert (20.01.1, 2023-01-05).
-
MS-DEFCON 3: Windows 10 22H2 may leave you blue
ISSUE 19.52.1 • 2022-12-27 
By Susan Bradley
I have a favorite Christmas song titled “We need a little Christmas,” from the Broadway musical “Mame.”
The uplifting tone of the song expresses the pleasure and happiness we experience during the holiday. We don’t usually associate “blue” feelings with the season (except Elvis).
Windows 10 could use a little of that holiday spirit. Unfortunately, two different patches for 22H2 appear to be throwing off blue screens of death for some — but not all — users. As much as I’d like to lower the MS-DEFCON level to the more serene level 4, so you can enjoy the holiday while applying updates, out of caution I am dropping it only one notch.
Anyone can read the full MS-DEFCON Alert (19.52.1, 2022-12-27).
-
MS-DEFCON 2: The maintenance window for Windows closes
ISSUE 19.49.1 • 2022-12-08 By Susan Bradley
This is your last call to install updates.
Businesses typically have a concept in their information technology divisions about maintenance windows. It’s a period of time set aside to install updates, review computer systems, and in general ensure that everything is working as it should.
Consumers and home users should follow a similar concept. Devote a period of time, no matter the platform, to ensure that your devices are working as they should. Then let your maintenance window close. That’s why I’m raising the MS-DEFCON level to 2 — with fresh updates due next week, get the current updates installed now.
Everyone can read the full MS-DEFCON Alert (19.49.1, 2022-12-08).
-
MS-DEFCON 3: Side effect with Domain patch
Special alert By Susan Bradley
November Domain controller update leads to memory leak
Business patchers only: Microsoft has posted up a known side effect introduced by the November updates applied to domain controllers.
As they note in their health release: (with my slight edits for clarification)
After installing November or later updates on Domain Controllers (DCs), you might experience a memory leak with Local Security Authority Subsystem Service (LSASS,exe). Depending on the workload of your DCs and the amount of time since the last restart of the server, LSASS might continually increase memory usage with the up time of your server and the server might become unresponsive or automatically restart. Note: The out-of-band updates for DCs released November 17, 2022 and November 18, 2022 do not fix the issue and are also affected by this issue.
Workaround one if you can remove the patch: Uninstall the November 8th updates and out of band updates that are listed here.
Workaround two if you are mandated to keep the patch installed: To mitigate this issue, open Command Prompt as Administrator and use the following command to set the registry key KrbtgtFullPacSignature to 0:
- reg add “HKLM\System\CurrentControlSet\services\KDC” -v “KrbtgtFullPacSignature” -d 0 -t REG_DWORD
Note that this ONLY impacts business patchers and does NOT impact consumers.
-
MS-DEFCON 3: Issues with domains
ISSUE 19.47.1 • 2022-11-22 By Susan Bradley
November updates lead to side effects
My usual advice regarding updates with known side effects is to wait until the problems are resolved. But every so often, the risk of waiting is greater than the risks associated with the side effects.
That’s the way I see the situation now. The November updates require you to slog through the issues and deal with the side effects. For that reason, I’m lowering the MS-DEFCON level to 3. I’d really like to go to 4, but I think greater caution is required.
Anyone can read the full MS-DEFCON Alert (19.47.1, 2022-11-22).
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Italy bans chatGPT over privacy.
by 1 hour, 15 minutes ago
-
Windows 11 Insider Preview build 25330 released to Canary
by 2 hours, 29 minutes ago
-
Windows 11 Insider Preview build 23424 released to DEV
by 2 hours, 32 minutes ago
-
Betterbird updates
by 6 hours ago
-
Windows 2000 – Windows 11 Not Responding Prompts!
by 12 hours, 44 minutes ago
-
40+ macOS Keyboard Shortcuts you NEED to know
by 12 hours, 34 minutes ago
-
backup web hotmail to local drive.
by 11 hours, 50 minutes ago
-
Vinyl nostalgia
by 8 hours, 9 minutes ago
-
March 31st is world backup day.
by 12 hours, 12 minutes ago
-
Using an iPad and replying with a selected quote
by 18 hours, 4 minutes ago
-
Plex Media Server support ending for older versions of…
by 1 day ago
-
BingBang: The AAD misconfiguration in Azure Active Directory
by 1 day, 1 hour ago
-
May I add another HD to my tower?
by 1 day, 1 hour ago
-
Pwn2Own: Tesla 3 infotainment hacked in 2 minutes
by 1 day, 9 hours ago
-
Another Windows media creation tool? Sure, why not.
by 2 days ago
-
Microsoft Defender : Legit URLs marked as malicious
by 23 hours, 2 minutes ago
-
Refurbished HP ProBook
by 10 minutes ago
-
Microsoft PC Manager (beta) updates
by 1 day, 6 hours ago
-
Ubuntu Cinnamon becomes an official flavor, making Linux Mint obsolete
by 3 hours, 43 minutes ago
-
HDMI KVM switch for DP
by 2 days, 15 hours ago
-
My Experience with Win 11 ver 22H2
by 2 days, 21 hours ago
-
Email from Mail on my iPhone to Gmail address failed
by 19 hours, 53 minutes ago
-
Can’t Update Win 10 past 21H2
by 2 days, 23 hours ago
-
Revo Uninstaller (freeware) Updates
by 6 hours, 21 minutes ago
-
The Third deployment phase for CVE-2022-37967 starts April 11, 2023
by 3 days ago
-
Firefox to support Windows 7 and 8 systems well into 2024 at least
by 2 days, 8 hours ago
-
Microsoft 365 Personal – Repeated Free Two Month Extensions
by 1 day, 23 hours ago
-
KB5023702 for Server 2019 – Defer as of MPL March 27
by 2 days, 7 hours ago
-
eSIM out, iSIM in?
by 3 days, 9 hours ago
-
MS-DEFCON 4: Win11 22H2 not ready for prime time
by 24 minutes ago
