Blog Archives

• MS-DEFCON 3: Time to get the June patches installed

  Posted on July 8th, 2020 at 08:19 woody Comment on the AskWoody Lounge

  Looks like the patching scene has stabilized sufficiently to go ahead with the June patches.

  Some of the bugs have been ironed out. Others can be fixed if you know what happened, and how to get the antidotes installed.

  I’m moving to MS-DEFCON 3: Get Windows and Office patches installed, but watch out for the bugs.

  (No, that doesn’t include yesterday’s Office non-security patches. Nobody needs those. They’ll come back around soon enough.)

  Step-by-step details in Computerworld Woody on Windows.

  Windows Patches/Security June 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Time to get Windows and Office patches up-to-date

  Posted on May 7th, 2020 at 08:56 woody Comment on the AskWoody Lounge

  For those of you new to this particular piece of AskWoody arcana…

  Every month, I recommend that people pause Windows updating long enough to make sure there aren’t any real stinkers in the Patch Tuesday bunch. That sets up an ongoing tug-of-war. On the one hand, there are inevitable problems with all of the patches. Every month. On the other hand, there’s an ongoing threat that some miscreant will use the patched security holes to make new malware.

  I watch both sides incessantly and try to come up with solid patching recommendations. Been doing it for 14 years.

  You can read about my general approach in a Computerworld article, The case against knee-jerk installation of Windows patches. The AskWoody site has details about the MS-DEFCON system, which I’ve used for years to give normal Windows users a red-light/green-light signal about installing patches. (Very advanced Windows users and admins in charge of many systems are better off following Susan Bradley’s Master Patch List.) Whenever there’s a change in the MS-DEFCON level, I publish detailed, step-by-step instructions in Computerworld.

  Every month, there comes a time when – in my opinion – it’s better to install the (possibly modified) patches than leave the month’s round of patches uninstalled. We’ve just reached such a point. I figure we know enough about the problems at hand to help people who get socked by this month’s patches — and the malware cretins are close enough that it’s time to put the shields up.

  We’re now at MS-DEFCON 3: Go ahead and patch, but watch out for potential problems.

  Details in Computerworld Woody on Windows.

  (Yes, it’s true, my main machines are all on Win10 version 1909. Test machines run other versions and, of course, the Seven Semper Fi machine runs bone-stock Win7. See the Computerworld article.)

  Windows Patches/Security April 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get the March 2020 patches installed

  Posted on April 1st, 2020 at 09:32 woody Comment on the AskWoody Lounge

  It’s been a strange patching month, with a Patch Tuesday, a Patch Thursday, the usual buggy “optional, non-security C/D Week” patch, a bonus fix for a bug introduced in late February’s patch, and a warning (with no patch) about yet another bad-font fallibility.

  There are several known bugs, but they all have reasonably well-known workarounds.

  Anyway, now’s a good time to make sure you have the March patches installed. Full instructions in Computerworld Woody on Windows.

  Windows Patches/Security March 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get the February patches installed

  Posted on February 28th, 2020 at 13:49 woody Comment on the AskWoody Lounge

  The “disappearing desktop” temporary profile bug is still in the February cumulative update for Win10 version 1903 and 1909. Looks like the bug’s in the “optional, non-security, C/D Week” update, too. Nonetheless, we’ve seen a lot of reports of problems, and they all appear to be solvable.

  So it’s with some trepidation that I’m moving us to MS-DEFCON 3. You should get the Feb patches installed. (NOT the “optional, non-security, C/D Week patch, of course.)

  As an added surprise… I’m moving my production machines to Win10 version 1909. It looks like the File Explorer Search bug was fixed in the regular Cumulative Update — and I don’t see any persistent bugs in 1909 that aren’t also in 1903.

  Details in Computerworld Woody on Windows.

  Windows Patches/Security February 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: No rush, but you should get the January Patch Tuesday patches installed

  Posted on January 24th, 2020 at 14:55 woody Comment on the AskWoody Lounge

  Usually I wait until near the end of the month before giving the all-clear to install Microsoft’s Patch Tuesday patches.

  This month’s different.

  On the one hand, this month’s patches look pretty darn clean. Part of the reason for our good fortune, I’m convinced, is that we haven’t had any non-security patches since October.

  On the other hand, there’s the looming threat of CurveBall — the CVE-2020-0601 security hole advertised by the NSA. I don’t think CurveBall will hit the mainstream any time soon, but ya never know.

  Putting those together, and I figure now’s a good time for normal folks to get their machines patched.

  I’m only moving to MS-DEFCON 3 this month because it’s still very early in the crowdsourced bug catching phase. If you hit a problem with a patch, let us know loud and clear! But get patched.

  Full step-by-step details in Computerworld Woody on Windows.

  UPDATE: If you’re having installation problems with the Win10 1903 and 1909 cumulative updates, it may be caused by a missing Connect app. See Günter Born’s post.

  Windows Patches/Security January 2020 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get your September patches installed — but stick to the mainstream patches

  Posted on October 2nd, 2019 at 11:28 woody Comment on the AskWoody Lounge

  Lots of people will tell you that you need to install strange (very strange!) patches to protect yourself from the “Exploited: Yes” zero day patch for CVE-2019-1367. I say meh. Stick to this month’s normally distributed patches and you’ll be OK.

  Details and step-by-step instructions in Computerworld Woody on Windows.

  Windows Patches/Security MS-DEFCON 3, September 2019 Black Tuesday

• MS-DEFCON 3: Time to get the August 2019 patches installed

  Posted on September 6th, 2019 at 07:34 woody Comment on the AskWoody Lounge

  Lingering bugs await the unwary. Make sure you understand them before you take the August patching leap.

  Details in Computerworld Woody on Windows.

  For those of you new to the MS-DEFCON system… every month I send out warnings to block updates, and then an all-clear (possibly with assorted caveats) when things appear safe. We just hit the “sorta safe” mark, and we’ll descend back to the “block updates” part on Monday. Details on how to handle both transitions appear in Computerworld.

  Windows Patches/Security August 2019 Black Tuesday, MS-DEFCON 3

• MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

  Posted on May 15th, 2019 at 07:59 woody Comment on the AskWoody Lounge

  If you’re running Win8, 8.1, 10 or related Server versions, stay on MS-DEFCON 2. Don’t install this month’s patches just yet.

  But if you have:

  • Windows XP (including Embedded)
  • Windows Server 2003, Server 2003 Datacenter Edition
  • Windows 7
  • Windows Server 2008, Server 2008 R2

  you need to get patched right away. The sky isn’t falling — there’s no worm making the rounds just yet — but at this point it looks like the benefits of patching outweigh the risks.

  If you’re running Vista, hang tight. Looks like Microsoft forgot to document that one.

  For XP and 7 users, I’m moving to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.

  Details in Computerworld Woody on Windows. And I’ll have an AskWoody Alert out soon.

  Windows Patches/Security May 2019 Black Tuesday, MS-DEFCON 3
• « Older Entries