Newsletter Archives

  • MS-DEFCON 3: Get patched, but watch out for KB 3038314

    April was a horrible month for patches. Even by Microsoft’s standards, which have fallen below the whales in recent months.

    Anyway, it’s time to get your system patched. Several important notes:

    > KB 3035583 is only for those who intend to upgrade to Win10. Everybody else should ignore it or hide it (right-click, choose Hide). I talked about this one in last month’s Black Tuesday roundup, and it’s still a stinker.

    > KB 2990214, on the other hand, is a worthwhile update, even if it sounds a lot like KB 3035583.

    > DON’T install any optional patches. Both KB 3022345 and KB 3048043, which have caused a lot of grief, are optional patches. Far as I can tell, 3022345 is just a snooping patch, designed to help smooth the upgrade to Windows 10. Bogdan Popa reported about an hour ago in Softpedia that “In a statement sent to us this morning, Microsoft confirms the re-release of KB3022345 and KB3048043, explaining that an issue in both of them prevented computers where they were already installed from getting additional updates in the future.” Somehow, Microsoft didn’t send me a copy of the message, but I’ve reached out to Bogdan.

    > If you use Kaspersky Antivirus, make sure it’s up to date before you install KB 3013769.

    > Assuming you don’t use IE (and you shouldn’t!), KB 3038314 won’t hurt, but if you do use IE, make sure you’ve set your default search provider before you install the patch. Don’t worry, IE is so buggy that Microsoft’s getting rid of it soon — if you upgrade to Windows 10.

    >As best I can tell, Microsoft still hasn’t fixed the table-crashing problem in KB 3032359, which I talked about last month. If you use IE, avoid the patch. If you use Chrome or Firefox, go ahead and patch.

    With those caveats I’m moving us to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. 

    The usual admonition applies: Use Windows Update, DON’T CHECK ANY BOXES THAT AREN’T CHECKED, reboot after you patch, and then run Windows Update one more time to see if there’s anything lurking. When you’re done, make sure you have Automatic Update turned off. I always install Windows Defender/Microsoft Security Essentials updates as soon as they’re available – same with spam filter updates. I never install drivers from Windows Update (in the rare case where I can actually see a problem with a driver, I go to the manufacturer’s web site and download it from the original source).


  • Windows 10 nagware patch KB 3035583 now marked ‘important’ on some PCs

    Things are changing very quickly. I hope to have a new MS-DEFCON status for you later today or tomorrow. But the ground is shifting. Hold on. We’re still at MS-DEFCON 2.

    InfoWorld Tech Watch

  • Microsoft releases mystery Windows patch KB 3035583

    What we (don’t) know about it.

    InfoWorld Tech Watch