Newsletter Archives
-
A bumpy road for January
PATCH WATCH
By Susan Bradley
I’m always conservative, but this month you must delay applying updates to avoid side effects. Business patchers — you face tough choices.
We are seeing reports of various issues with this month’s updates, some of which are so extreme that patching administrators in businesses have had to remove or roll back updates. Even for consumer and home users, I suggest holding off; it’s way too soon for me to feel comfortable recommending updates.
Read the full story in the AskWoody Plus Newsletter 19.03.0 (2022-01-17).
-
MS-DEFCON 1: Business patchers be on alert
ISSUE 19.02.1 • 2022-01-12 By Susan Bradley
For those running a network with a domain controller, the side effects this month are extreme. Don’t patch.
MS-DEFCON 1 is a very rare occurrence. When I raise the level that high, it’s because I’m seeing critical issues with patches.
Microsoft has a technology called Active Directory that allows workstations to authenticate with a “domain controller.” This month’s updates are causing such drastic issues with domain controllers that they can become stuck in a boot loop. That is definitely an MS-DEFCON 1 condition. You should not release patches.
Anyone can read the full AskWoody Plus Alert 19.02.1 (2022-01-12).
-
MS-DEFCON 1 – Blue screens of death triggered by patches
ISSUE 18.9.2 • 2021-03-10
PATCH WATCH
By Susan Bradley
Don’t patch!I’ve moved the patching alert status to DEFCON 1.
I don’t do this lightly but we are seeing issues with printing after the March updates are installed. Ghacks reports blue screens of death (BSOD) are being triggered after printing. At the moment, it is unclear whether this is the result of the March operating system updates or just the Windows 10 versions, but for sure the Windows 10 releases are triggering these blue screens of death.
Read the full story in the AskWoody Plus Alert 18.9.2 (2021-03-10).
Learn more about MS-DEFCON! -
MS-DEFCON 1: Don’t patch, don’t use Internet Explorer, and set up an alternate default browser
Microsoft (finally!) divulged some details about that CVE-2019-1367 patch (actually, three bumbling, successive patches, for all versions of Windows). But they stuck it behind a $690 paywall.
Details in Computerworld Woody on Windows.
-
We have a real out-of-band update now, but very little information – and what appear to be a LOT of bugs.
I’m still sitting on a fence. I’m moving to MS-DEFCON 1 temporarily, until we have a better understanding of what’s going on. But be prepared to get yesterday’s patches installed quickly, should the need arise.
More details in Computerworld Woody on Windows: Microsoft releases even more patches for the CVE-2019-1367 IE zero-day, and the bugs are having a field day.
-
MS-DEFCON 1: There’s no reason to stick your finger in the pencil sharpener – DON’T UPDATE
We have confirmed reports of six bad patches this month – Monthly Rollups and Security-only patches for Win7, 8.1, Server 2008 R2, 2012, 2012 R2 – and troubling reports of a slowdown with the Win10 version 1809 cumulative update.
Who should be testing this stuff? The answer’s not as straightforward as you may think.
Details in Computerworld Woody on Windows.
I’m moving us to MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
-
MS-DEFCON 1: There’s no reason in the world to leave Automatic Update turned on
Time to turn off Automatic Update again.
If you survived the brutal barrage of bad patches in July, and avoided the 1809 carnage last week, you should understand why.
Details in Computerworld: Woody on Windows.
-
MS-DEFCON 1: If you didn’t get the September updates installed, fuhgeddaboutit
My previous MS-DEFCON 3 setting didn’t apply to clicking “Check for updates,” of course. But this is getting stupid.
There’s no good reason to update anything right now.
Nothing.
MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
-
We continue at MS-DEFCON 1: Don’t install any of the July patches
With August patches just around the corner, you’d be well advised to give up on the July patches. Yes, some folks dodged the (many!) bullets and managed to get some of the July patches installed without hosing their systems.
But for almost everybody, in almost every situation, the risk of installing the July patches is far, far greater than the risk of skipping them.
Computerworld Woody on Windows.
-
July patches are all messed up — but a good hint appears in Japanese
I’ve given up on the July patches. Which is why we’re on MS-DEFCON 1.
There’s a little bit of light, though — coming from a Japanese language explanation from a Microsoft employee.
Computerworld Woody on Windows.
-
MS-DEFCON 1: Patches failing at a phenomenal rate
Blue screens, bungled releases, stealthy NET upgrades, CRM blocks and complex manual fixes. It’s shaping up to be one hell of a patch-encumbered month, with KB 4041676 and KB 4041691 and the error INACCESSIBLE BOOT DEVICE leading the downward spiral.
Computerworld Woody on Windows.
Oh, and I switched over to MS-DEFCON 1. You’d have to be a certified masochist to install this month’s patches.
-
MS-DEFCON 1: Office security patches are all screwed up and IE patches aren’t much better. Don’t patch.
Kirsty caught the initial whiff, based on a Günter Born post about problems with Outlook. PKCano raised the alarm about Office patches in general on June 19. Now, it seems Outlook is under attack by Microsoft’s own security patches — and IE still doesn’t print properly.
The situation’s so bad, Microsoft itself has documented the problems with Outlook, after installing the June 2017 Office patches.
There are seven separately identified, potentially show-stopping bugs in Outlook that appear after you install this month’s Office security patches: Can’t open attachments, VBScript doesn’t run, Outlook search doesn’t work, and the previously described IE failure to print mis-fires from inside Outlook.
The workarounds? Forward the mail to yourself and then open the attachments in the forwarded email. Save the attachments to your computer and open them manually. Use something other than IE. Or, it would seem, anything but Outlook.
Microsoft really screwed up this month’s patches — both for Office and for Windows. Unless you want to use your machine as a Windows/Office beta test environment, I strongly suggest you refrain from applying any of this month’s updates.
Accordingly, I’m moving us to MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
I’m seeing “secret” reports all over the web that Microsoft will be fixing some or all of its malicious patches next Tuesday, June 27. You would be well advised to wait until we see the fallout from the fixes to the fixes before installing anything.
As MrBrian notes, Microsoft now has official acknowledgments posted for 16 known-bad June 2017 patches.