|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
MS-DEFCON 4: Skip those Secure Boot scripts
ISSUE 20.21.1 • 2023-05-23 
By Susan Bradley
Deploy May updates — and nothing but the updates.
I’m lowering the MS-DEFCON level to 4 to encourage you to install the May updates now.
However, I do not recommend taking the optional steps recommended by Microsoft to revoke the vulnerable bootloader files, as I discussed in yesterday’s On Security column. I do not think these manual steps provide full protection for this vulnerability — or potential future ones.
Anyone can read the full MS-DEFCON Alert (20.21.1, 2023-05-23).
-
MS-DEFCON 4: Major April issue, but not from updates
ISSUE 20.17.1 • 2023-04-25 By Susan Bradley
I’m ready to approve the April updates.
Accordingly, I’ve lowered the MS-DEFCON level to 4. This is not to say there are not a few oddities out there, but they will not affect many users.
Most of the unusual behavior in updates this month is due to slow changes that will lead to future enforcement changes.
Microsoft has also pushed off the implementation of the mandatory, number-based, multifactor authentication for Microsoft 365 applications.
Anyone can read the full MS-DEFCON Alert (20.17.1, 2023-04-25).
-
MS-DEFCON 4: Win11 22H2 not ready for prime time
ISSUE 20.13.1 • 2023-03-28 By Susan Bradley
March updates are ready. Windows 11 22H2, not so much.
It’s time to install the updates for the March releases, and that’s why I’m lowering the MS-DEFCON level to 4. There are a few issues out there, but most appear to be plain old low-risk bugs — things that used to be caught in Microsoft’s beta testing. As usual, it seems we’re the beta testers.
I have several Windows 11 22H2 deployments in active use. If you are not an advanced user, are relatively new to the Windows platform, or are really into rounded corners and having to click several times to build shortcuts on your desktop, you might be tempted to forgive Microsoft for some of these cosmetic bugs.
Anyone can read the full MS-DEFCON Alert (20.13.1, 2023-03-28).
-
MS-DEFCON 4: Wrapping up a short month
ISSUE 20.09.1 • 2023-02-28 By Susan Bradley
February’s patches affected you either severely, or not at all.
The good news: If you are a consumer, home user, or business that does not use Windows Server 2022 or any version of on-premises Exchange server, you will be just fine installing the updates at this time. Therefore, I am very comfortable with lowering the MS-DEFCON level to 4.
However, if you are a business patcher with Windows Server 2022 hosted in VMware, you may have been significantly impacted. In addition, patch administrators are still dealing with the side effects of the Exchange updates.
Anyone can read the full MS-DEFCON Alert (20.09.1, 2023-02-28).
-
MS-DEFCON 4: Patching weather is clearing
ISSUE 20.04.1 • 2023-01-24 By Susan Bradley
In general, the January updates have been well behaved.
So far, I’m not seeing any trending issues with them; accordingly, I’m lowering the MS-DEFCON level to 4. But that’s not to say we haven’t seen some other issues related to other types of updates. In addition to describing those, I’ll discuss a vulnerability in a part of your computer you may never think about.
Two issues recently impacted Start menus and shortcuts but were unrelated to one another.
Anyone can read the full MS-DEFCON Alert (20.04.1, 2023-01-24).
-
MS-DEFCON 4: Install or defer updates? Your choice.
ISSUE 19.43.1 • 2022-10-25 By Susan Bradley
I’ve got a slightly mixed message about the latest round of updates.
In the most general terms, updates this month have proven safe and unlikely to cause many problems. It is for that reason I am lowering the MS-DEFCON level to 4. But there’s a grain of salt to go along with that recommendation.
I continue to recommend that you not install the feature-release updates for Windows 10 or Windows 11 version 22H2. But I do recommend that you allow the rest of the updates to install. That’s the mixed message.
Anyone can read the full MS-DEFCON Alert (19.43.1, 2022-10-25).
-
MS-DEFCON 4: A well-behaved September
ISSUE 19.39.1 • 2022-09-27 By Susan Bradley
September updates have few side effects.
It’s always nice when the monthly update process is calm, with no storms. But due to a few snags, the best I can do is lower the MS-DEFCON level to 4.
These side effects are limited to issues seen in businesses; we ordinary, consumer mortals are not much affected.
Anyone can read the full MS-DEFCON Alert (19.39.1, 2022-09-27).
-
MS-DEFCON 4: July updates make some hot and bothered
ISSUE 19.30.1 • 2022-07-26 By Susan Bradley
Access bugs ruin a quiet July, but we can still lower MS-DEFCON to 4.
To any reader of this alert who is sweltering in a heat wave, my sincere condolences. I can slightly relate, as I’m having the normal July heat wave in my neck of the woods.
The big difference is that my area of the country is used to this weather. Thus I’m inside an air-conditioned home, remotely accessing office workstations and servers to perform the monthly maintenance tasks while some of you are … well … just really hot and really uncomfortable. Fortunately for us, this month’s Windows and Office updates were mostly well behaved.
Anyone can read the full MS-DEFCON Alert (19.30.1, 2022-07-25).
-
MS-DEFCON 4: A mixed bag for May
ISSUE 19.21.1 • 2022-05-24 By Susan Bradley
Good news! Most consumer and home users should be just fine after installing this month’s updates.
I’m not seeing any major, trending issues with patches for the bulk of users, so I’m lowering the MS-DEFCON level to 4.
But there’s a “but”: I’m still seeing some corner-case oddities and just can’t quite put my finger on the root cause. For example, reader Ray G reports:
… after the updates are installed, I still have a black screen and have to wait for about 5 minutes for the desktop to appear.
Anyone can read the full MS-DEFCON Alert (19.21.1, 2022-05-24).
-
MS-DEFCON 4: Protect yourself with patches
ISSUE 19.17.1 • 2022-04-26 By Susan Bradley
I’ve been holding my breath.
For the past few weeks, I’ve been watching for attacks that researchers indicated would be coming due to a vulnerability in all versions of Windows. All I’m seeing so far are theoretical attacks, not actual attacks.
CVE-2022-26809, the headline vulnerability of the April updates that impacts Windows 7 through Windows 10 — as well as Windows Server versions — sounded like it had the potential of being a worm inside a network. Microsoft complicated the matter when it first indicated that this vulnerability was triggered by SMB file sharing. Then it clarified that the original researcher had provided a proof of concept that used SMB file sharing, but that additional methodologies could be used in attacks.
Anyone can read the full MS-DEFCON Alert (19.17.1, 2022-04-26).
-
MS-DEFCON 4: March madness? Mostly quiet
ISSUE 19.12.1 • 2022-03-22 By Susan Bradley
For the majority of computer users, it’s time to get the updates rolled out.
I’m tracking some issues this month, but not so many as for a typical March. Thus I’m lowering the MS-DEFCON level to 4.
An unusual occurrence is a problem with a Windows 8.1 update.
Anyone can read the full AskWoody Plus Alert 19.12.1 (2022-03-22).
-
Closing out January
It’s nearly the end of the month and it’s time to recap and review our computer systems for the month. Updates have been disruptive this month to say the least.For those of you that are not Plus members, one of the key items I work on and update several times during the month is the “Master patch list”. In it I recap the updates released during the month and track if you should – or should not – install the updates. I place the listing on an Excel spreadsheet and also save it in csv, pdf and html formats. For those of you that would like a sneak peak, you can see it here. Note I’ve opened it up for a sneak peek at the end of the month for your use and review for anyone – plus member or not – given that this has been a rough month.
For those of you that are Plus members, remember that I update the spreadsheet on a regular basis and post additional notes on this page. (Plus members only)
Currently we also send out an alert that gets emailed when we change the MS-DEFCON and alert you to patching issues. In addition, there is a twitter account you can follow as well as sign up for text alerts.
Question for those that follow the twitter account and the blog? Would you want me to post a new post when I update the Master Patch Listing? I don’t want to send out an email or an alert as we reserve those actions for the newsletters and the MS-DEFCON alerts, but I can certainly put a note here so that you know when it’s updated. Please let me know in the comment section as to your preferences!
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Windows 11 Insider Preview Build 22621.1835 and 22624.1835 released to BETA
by 3 hours, 14 minutes ago
-
Unexpected HP Install Request anfter removal of Norton AV
by 5 hours, 10 minutes ago
-
Will Incontrol stop Windows 11 22H2 update, if used after update is paused?
by 4 hours, 54 minutes ago
-
Restoring a Bitlockered System Image with Macrium Reflect Free
by 8 hours, 17 minutes ago
-
Prevent emails from ever being seen in Outlook 2013
by 3 hours, 47 minutes ago
-
Windows Update
by 4 hours, 55 minutes ago
-
Vivaldi 6.1 with Bing chat , browsers mimic
by 11 hours, 50 minutes ago
-
MS-DEFCON 2: Are you still on Windows 10 21H2?
by 1 hour, 20 minutes ago
-
Word 2021 – Print View problems
by 9 hours, 16 minutes ago
-
Windows 11 Insider Preview build 25387 released to Canary
by 1 day, 2 hours ago
-
Windows 11 Insider Preview build 23475 released to DEV
by 1 day, 2 hours ago
-
WordPress added AI – Jetpack
by 1 day, 1 hour ago
-
PXE Boot and Hyper-V virtual machines and other strange things
by 1 day, 5 hours ago
-
Testing for adding table to post
by 1 day, 3 hours ago
-
I honestly can’t tell if this is a scam or not
by 25 minutes ago
-
New Life For Ten Year Old DIY NAS Hardware
by 17 hours, 41 minutes ago
-
June 2023 Office non-Security updates have been released
by 2 days, 1 hour ago
-
Web Apps from Brave Browser
by 23 hours, 52 minutes ago
-
Firefox 114 offering Secure DNS Options – does AT&T ISP Support?
by 1 day, 3 hours ago
-
macOS 14 Sonoma
by 1 day, 5 hours ago
-
Just a fyi – I think I’ll skip on an Apple Vision Pro hardware section
by 2 days, 4 hours ago
-
What’s wrong with Windows 11?
by 11 minutes ago
-
Streaming an iPad to a standard TV
by 1 day, 20 hours ago
-
clone to make backup laptop
by 8 hours, 9 minutes ago
-
Problems with sound and USB ports
by 2 days, 10 hours ago
-
Can you use WUShowHide on Windows 11 version 21H2?
by 2 days, 17 hours ago
-
Can we control the changes to our operating systems?
by 1 hour, 37 minutes ago
-
Watch out for fake ‘Windows Defender’ scare
by 3 hours, 31 minutes ago
-
Diagnostics and testing? Get it all done in a flash.
by 3 hours, 11 minutes ago
-
Dip your toe into Visio Online
by 3 days, 3 hours ago
