Newsletter Archives

• The ides of March

  Posted on March 29th, 2021 at 06:09 Susan Bradley Comment on the AskWoody Lounge

  To patch or not to patch this month…. that is the question I attempt to answer this week in ComputerWorld.

  Printers side effects were the big issue (and still are) this month.

  (note that I’m going to have to reach out to the ComputerWorld editors… they missed part of the post I sent them…)

  It’s supposed to read:

  So for Windows 10 2004 or 20H2 you need to skip the updates released on March 9^th and instead jump over to the March 18^th update of KB5001649. It should be offered up to you as an optional update, or you can download it from the Catalog site. Because Windows 10 updates are cumulative you only need the one update (the third and final update Microsoft released this month).

  For Windows 10 1909, you need KB5001648. Once again it should be offered up to you as an optional update if you go to the Windows update interface or you can download it from the Catalog site like 2004/20H2 handles it’s updating, 1909 is cumulative.

  For Windows 8.1 the process is slightly different as the fixing patches are not cumulative. This time the updates are not documented on the Windows 8.1 history page but can be found if you dig into the 8.1 health release dashboard. On Windows 8.1 you need to install both the original update from March 9^th of KB5000848 AND the fix up patch of KB5001640. These are not offered up as optional updates and you must download KB5001640 from the catalog site.

  Windows 7 is similar to Windows 8.1 in not having a cumulative update patch to fix it’s printing issues. After you install the original security only update of KB5000851 or the monthly rollup of KB5000841 (which includes security updates) is fixed by KB5001639 which is only available from the Catalog site.  So for these platforms you need to install two updates just like 8.1.

  Windows Patches/Security March 2021 Black Tuesday, MS-DEFCON 3, Patch Lady Posts

• MS-DEFCON 3: Patching is unclear

  Posted on March 26th, 2021 at 01:00 Susan Bradley Comment on the AskWoody Lounge

  ISSUE 18.11.1 • 2021-03-26

  

  By Susan Bradley

  Proceed with caution.

  I’m separating my patching guidance into two categories: one for business users and one for consumer or home users. And I’m lowering our MS-DEFCON level to 3. We’re not out of the March woods yet, but things are a bit better.

  Read the full story in the AskWoody Plus Alert 18.11.1 (2021-03-26).

  AskWoody Plus Newsletter, MS-DEFCON AskWoody Plus Newsletter, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts

• MS-DEFCON 3: Get the October patches installed

  Posted on October 29th, 2020 at 23:49 woody Comment on the AskWoody Lounge

  We’re seeing some funny business with the ancillary patches this month, but the mainstream Windows cumulative updates and Office patches look good to go.

  Big question is whether you want to upgrade from Win10 version 1909 to version 2004. I have a few observations. Bottom line: Susan Bradley has upgraded her 1909 machines to 2004. I’m still sitting on a fence. Really, there’s exactly nothing in 2004 that most people will want.

  Step-by-step details in Computerworld Woody on Windows.

  Windows Patches/Security MS-DEFCON 3, October 2020 Black Tuesday

• MS-DEFCON 3: There are some oddities, but it’s time to install the July 2020 patches

  Posted on July 31st, 2020 at 10:23 woody Comment on the AskWoody Lounge

  Looks like Microsoft’s fixed the bugs that it introduced this month. It’s time to get the July patches installed.

  There’s one potential oddity — you may get the .NET Framework Preview installed on Windows 10 version 1903 or 1909 — but I don’t see any reported bugs in that (unwanted!) patch.

  Step-by-step details in Computerworld Woody on Windows.

  Windows Patches/Security July 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Time to get the June patches installed

  Posted on July 8th, 2020 at 08:19 woody Comment on the AskWoody Lounge

  Looks like the patching scene has stabilized sufficiently to go ahead with the June patches.

  Some of the bugs have been ironed out. Others can be fixed if you know what happened, and how to get the antidotes installed.

  I’m moving to MS-DEFCON 3: Get Windows and Office patches installed, but watch out for the bugs.

  (No, that doesn’t include yesterday’s Office non-security patches. Nobody needs those. They’ll come back around soon enough.)

  Step-by-step details in Computerworld Woody on Windows.

  Windows Patches/Security June 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Time to get Windows and Office patches up-to-date

  Posted on May 7th, 2020 at 08:56 woody Comment on the AskWoody Lounge

  For those of you new to this particular piece of AskWoody arcana…

  Every month, I recommend that people pause Windows updating long enough to make sure there aren’t any real stinkers in the Patch Tuesday bunch. That sets up an ongoing tug-of-war. On the one hand, there are inevitable problems with all of the patches. Every month. On the other hand, there’s an ongoing threat that some miscreant will use the patched security holes to make new malware.

  I watch both sides incessantly and try to come up with solid patching recommendations. Been doing it for 14 years.

  You can read about my general approach in a Computerworld article, The case against knee-jerk installation of Windows patches. The AskWoody site has details about the MS-DEFCON system, which I’ve used for years to give normal Windows users a red-light/green-light signal about installing patches. (Very advanced Windows users and admins in charge of many systems are better off following Susan Bradley’s Master Patch List.) Whenever there’s a change in the MS-DEFCON level, I publish detailed, step-by-step instructions in Computerworld.

  Every month, there comes a time when – in my opinion – it’s better to install the (possibly modified) patches than leave the month’s round of patches uninstalled. We’ve just reached such a point. I figure we know enough about the problems at hand to help people who get socked by this month’s patches — and the malware cretins are close enough that it’s time to put the shields up.

  We’re now at MS-DEFCON 3: Go ahead and patch, but watch out for potential problems.

  Details in Computerworld Woody on Windows.

  (Yes, it’s true, my main machines are all on Win10 version 1909. Test machines run other versions and, of course, the Seven Semper Fi machine runs bone-stock Win7. See the Computerworld article.)

  Windows Patches/Security April 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get the March 2020 patches installed

  Posted on April 1st, 2020 at 09:32 woody Comment on the AskWoody Lounge

  It’s been a strange patching month, with a Patch Tuesday, a Patch Thursday, the usual buggy “optional, non-security C/D Week” patch, a bonus fix for a bug introduced in late February’s patch, and a warning (with no patch) about yet another bad-font fallibility.

  There are several known bugs, but they all have reasonably well-known workarounds.

  Anyway, now’s a good time to make sure you have the March patches installed. Full instructions in Computerworld Woody on Windows.

  Windows Patches/Security March 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get the February patches installed

  Posted on February 28th, 2020 at 13:49 woody Comment on the AskWoody Lounge

  The “disappearing desktop” temporary profile bug is still in the February cumulative update for Win10 version 1903 and 1909. Looks like the bug’s in the “optional, non-security, C/D Week” update, too. Nonetheless, we’ve seen a lot of reports of problems, and they all appear to be solvable.

  So it’s with some trepidation that I’m moving us to MS-DEFCON 3. You should get the Feb patches installed. (NOT the “optional, non-security, C/D Week patch, of course.)

  As an added surprise… I’m moving my production machines to Win10 version 1909. It looks like the File Explorer Search bug was fixed in the regular Cumulative Update — and I don’t see any persistent bugs in 1909 that aren’t also in 1903.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security February 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: No rush, but you should get the January Patch Tuesday patches installed

  Posted on January 24th, 2020 at 14:55 woody Comment on the AskWoody Lounge

  Usually I wait until near the end of the month before giving the all-clear to install Microsoft’s Patch Tuesday patches.

  This month’s different.

  On the one hand, this month’s patches look pretty darn clean. Part of the reason for our good fortune, I’m convinced, is that we haven’t had any non-security patches since October.

  On the other hand, there’s the looming threat of CurveBall — the CVE-2020-0601 security hole advertised by the NSA. I don’t think CurveBall will hit the mainstream any time soon, but ya never know.

  Putting those together, and I figure now’s a good time for normal folks to get their machines patched.

  I’m only moving to MS-DEFCON 3 this month because it’s still very early in the crowdsourced bug catching phase. If you hit a problem with a patch, let us know loud and clear! But get patched.

  Full step-by-step details in Computerworld Woody on Windows.

  UPDATE: If you’re having installation problems with the Win10 1903 and 1909 cumulative updates, it may be caused by a missing Connect app. See Günter Born’s post.

  Windows Patches/Security January 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get your September patches installed — but stick to the mainstream patches

  Posted on October 2nd, 2019 at 11:28 woody Comment on the AskWoody Lounge

  Lots of people will tell you that you need to install strange (very strange!) patches to protect yourself from the “Exploited: Yes” zero day patch for CVE-2019-1367. I say meh. Stick to this month’s normally distributed patches and you’ll be OK.

  Details and step-by-step instructions in Computerworld Woody on Windows.

  Windows Patches/Security MS-DEFCON 3, September 2019 Black Tuesday

• MS-DEFCON 3: Time to get the August 2019 patches installed

  Posted on September 6th, 2019 at 07:34 woody Comment on the AskWoody Lounge

  Lingering bugs await the unwary. Make sure you understand them before you take the August patching leap.

  Details in Computerworld Woody on Windows.

  For those of you new to the MS-DEFCON system… every month I send out warnings to block updates, and then an all-clear (possibly with assorted caveats) when things appear safe. We just hit the “sorta safe” mark, and we’ll descend back to the “block updates” part on Monday. Details on how to handle both transitions appear in Computerworld.

  Windows Patches/Security August 2019 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

  Posted on May 15th, 2019 at 07:59 woody Comment on the AskWoody Lounge

  If you’re running Win8, 8.1, 10 or related Server versions, stay on MS-DEFCON 2. Don’t install this month’s patches just yet.

  But if you have:

  • Windows XP (including Embedded)
  • Windows Server 2003, Server 2003 Datacenter Edition
  • Windows 7
  • Windows Server 2008, Server 2008 R2

  you need to get patched right away. The sky isn’t falling — there’s no worm making the rounds just yet — but at this point it looks like the benefits of patching outweigh the risks.

  If you’re running Vista, hang tight. Looks like Microsoft forgot to document that one.

  For XP and 7 users, I’m moving to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

  Details in Computerworld Woody on Windows. And I’ll have an AskWoody Alert out soon.

  Windows Patches/Security May 2019 Black Tuesday, MS-DEFCON 3
• « Older Entries