Are Updates dangerous!
joe
I lived in a remote area without internet access so never did any updates
other than the service packs, no internet no threats :-)
I now have broadband and am fully up to date with all Microsoft updates.
However this latest problem with KB977165 has really scared me. I am not too
happy about using the recovery tool and how would I have found out the
solution anyway without a pc to access the Internet? ( I am still in a
remote area with no other pc's around )
So I have a couple of questions for the experts here.
Firstly, why did my update install perfectly when so many others had this
huge problem? Was I just lucky?
Has this kind of thing happened before with bad updates?
Can I feel safe in downloading these updates automatically.
I would feel much better if you guys could give me the benefit of your
experience.
TIA
S K
Yes, there are problems with updates from time to time. For testing
purposes, some organizations will update non-critical machines to see
if there are any ill effects before flooding all the company's
computers with the update. I usually wait a week or three before
installing updates, waiting to see if my favorite newsletter mentions
any horror stories. It's free and dependable.
Shenan Stanley
First - because your computer did not have whatever problem the other people
have. The source of the problem (at this time) has not been identified with
any certainty. Yes, the patch may expose the issue on some systems - but if
the problem was the patch PURELY - you'd think it'd affected all systems,
wouldn't you?
Definitely - bad things happen. Most of the time the problem has been
something on the computer having a reaction to the update, not necessarily a
bad update. Recall this is a Windows Update - fixing something in Windows.
It cannot know what has been done to your machine in every possible way or
know how every possible program you could have would react when whatever it
is fixing is changed. This has happened with things like ZoneAlarm and some
antivirus applications in the last few years.
Can you? Yes - millions of people do. Should you? Depends on what your
other maintenance tasks are. Do you perform consistent and full backups of
your important data on external media? Do you have all the installation
media and product keys for everything you have installed stored in a safe
place away from the computer itself?
My experience is this:
Lightning can and will strike. It may/may not affect your computer, but if
you are prepared, it won't matter as much.
You're on high-speed now - likely on all the time - what protection do you
have in place keeping someone from hopping on your computer and doing
whatever they want?
How's your door locks? Someone/something always watching the computer?
Outlets well grounded and computer connected to an AVR capable Universal
Power Supply with battery backup?
All that media and product key stuff I spoke of earlier - is it in a
fire-resistant/water-resistant safe of some sort?
There are plenty of things to worry about out there - whether or not a patch
might mess up a computer that you should be backing up and protecting the
important stuff on anyway seems... minor. ;-)
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
Daave
joe wrote:
> I have win xp pro sp3
>
> I lived in a remote area without internet access so never did any
> updates other than the service packs, no internet no threats :-)
> I now have broadband and am fully up to date with all Microsoft
> updates.
> However this latest problem with KB977165 has really scared me.
As long as you take the proper precautions, there is no need to be
scared. More on this below.
> I am
> not too happy about using the recovery tool and how would I have
> found out the solution anyway without a pc to access the Internet? (
> I am still in a remote area with no other pc's around )
>
> So I have a couple of questions for the experts here.
>
> Firstly, why did my update install perfectly when so many others had
> this huge problem? Was I just lucky?
Luck is relative. It appears that only a small percentage of unlucky
people had this problem. People are still trying to figure out what
caused this issue; it's probably some third-party program (that most
people don't run) interacting in a negative way with this particular
update.
> Has this kind of thing happened before with bad updates?
Yes, these problems do occasionally occur.
> Can I feel safe in downloading these updates automatically.
As long as you regularly image your hard drive (and validate theses
images), you can always feel 99.99% safe (remember: nothing in life is
100%). This way if a problem occurs and you can't fix it, you can simply
restore the most recent image. It's kind of like using a time machine.
:-)
> I would feel much better if you guys could give me the benefit of your
> experience.
Although there is a smal risk in automatically downloading these
updates, there is a larger security risk in *not* downloading and
installing them. Furthermore, you can choose to be notified and download
and install them whenever *you* want to do this. See:
http://www.iaps.com/gifs/automatic-updates-notify.png
Or you can even disable Automatic Updates as long as you *religiously*
manually update by visiting the Windows Update Web site. This way you
can wait a few days until after Patch Tuesday to see if there any issues
like the one with KB977165. And occasionally there are critical updates
released other days. If you monitor the Windows Update newsgroup, you
will be on top of things. Then again, doing this automatically *is* less
work than manually!
As mentioned above, as long as you regularly image your drive, you're
covered with regard to disaster recovery. If you don't do this
currently, you really should consider doing it!
Also, I would recommend that you only download and install the critical
security updates. And stay far away from drivers offered by Microsoft
for non-Microsoft hardware!
Daave
> I have win xp pro sp3
>
> I lived in a remote area without internet access so never did any
> updates other than the service packs, no internet no threats :-)
> I now have broadband and am fully up to date with all Microsoft
> updates.
> However this latest problem with KB977165 has really scared me.
<snipped>
Once more, Microsoft's filtering is acting up. :-(
My response to you, Joe, may be found here:
http://groups.google.com/group/microsoft.public.windowsxp.general/msg/d7a7bbf38fdf9694?hl=en
Daave
joe
intend to follow all the advice given here, especially waiting a couple of
days before installing the updates. A very good idea :-)
"Daave" <da...@example.com> wrote in message
news:Oaoqso$qKHA...@TK2MSFTNGP05.phx.gbl...
C
> Thank you Daave,SK and Shenan for a very detailed and informative answer. I
> intend to follow all the advice given here, especially waiting a couple of
> days before installing the updates. A very good idea :-)
No, it's a very bad idea. They don't call it Exploit Wednesday for nothing.
--
C
S K
And definitely don't install updates in the middle of a busy work day
when the computer absolutely MUST keep running. Sometimes what
Microsoft thinks is funny turns out to not be very funny at all.
joe
Don't see what you're getting at.
"C" <nospa...@please.com.invalid> wrote in message
news:hl41mi$ps3$1...@speranza.aioe.org...
C
After patches are released on the second Tuesday of the month, the
hackers get to work the next day on the computers of n00bs who haven't
updated yet. Ergo, Exploit Wednesday immediately follows Update Tuesday.
Do you understand now?
--
C
Daave
I would imagine the hackers don't even wait.
To OP:
In order to be as safe as possible, you need to do the following:
1. Regularly image your hard drive so you have something to fall back on
if the need arises.
2. Install the Microsoft critical security updates as soon as they come
out. Chances are you won't run into any problems. And if you do, all you
need to do is restore the most recent image you have.
If you decide to manually update (and wait a few days), arguably you
will be slightly less safe. Then again, if you have your firewall
running and you avoid dodgy Web sites and don't click on spurious e-mail
attachments and if your AV defintions are up-to-date, you should be fine
for all intents and purposes. And again, if you run into any problems,
you can still restore the most recent image of your hard drive. :-)
MowGreen
Speaking of "funny", get a load of this -
Windows Activation Technologies Update for Windows 7
http://windowsteamblog.com/blogs/genuinewindows/archive/2010/02/11/windows-activation-technologies-update-for-windows-7.aspx?PageIndex=2
" In the coming days, we�ll be deploying a new update for Windows
Activation Technologies, the set of built-in activation and validation
components built into Windows 7. Called Windows Activation Technologies
Update for Windows 7, this update will detect more than 70 known and
potentially dangerous activation exploits. Activation exploits are
sometimes called �hacks�, and attempt to bypass or compromise Windows�
activation technologies. This new update is further evidence of
Microsoft�s commitment to keeping customers and partners secure. "
But wait ... it's get's even *funnier* -
" Media Surveillance, an anti-piracy solutions company based in Germany,
recently downloaded more than five hundred pirated copies of Windows 7
(and Windows activation exploits) and found that 32% contained malicious
code. "
Yeah, the 'malicious code' is DRM and WGA. Doesn't this sound like an
Abbott and Costello routine ?
" DRM's on first, WGA's on second, but who's on third "
" WAT's on third "
" Who ? "
" No, WAT's on third, Who's at my door ? "
But wait, there's more ! -
" The Update is designed to run on all editions of Windows 7, although
we will distribute first to the Home Premium, Professional, Ultimate and
Enterprise editions. It will be available online at
www.microsoft.com/genuine beginning February 16 and on the Microsoft
Download Center beginning February 17. Later this month, the update will
also be offered through Windows Update as an �Important� update.
<snip>
I�d like to stress that the Update is voluntary, which means that you
can choose not to install it when you see it appear on Windows Update.
<snip>
How does it work? Once installed, the Update protects customers by
identifying known activation exploits that may affect their PC
experience. If any activation exploits are found, Windows will alert the
customer and offer options for resolving the issue � in many cases, with
just a few clicks."
Yeah, right, " just a few clicks ". That's hystericaly NOT funny for
anyone who's had to go through the False Positive Activation/Validation
Dance and had to call in to get their OS Activated or Validated.
And now for the final guffaw -
" The Update will run periodic validations (initially every 90 days).
During validation, Windows will download the latest �signatures� that
are used to identify new activation exploits � much like an anti-virus
service.. "
No thanks. My Windows 7 system has been Activated/Validated/Genuined and
I *highly* doubt that this update will protect it " by making sure that
the integrity of key licensing components remains intact. "
No fish, try again.
MowGreen
================
*- 343 -* FDNY
Never Forgotten
================
banthecheck.com
"Security updates should *never* have *non-security content* prechecked
MowGreen
================
* -343-* FDNY
Never Forgotten
================
banthecheck.com
"Security updates should *never* have *non-security content* prechecked
(PeteCresswell)
>Yes, there are problems with updates from time to time. For testing
>purposes, some organizations will update non-critical machines to see
>if there are any ill effects before flooding all the company's
>computers with the update. I usually wait a week or three
Flipping it around: would anybody care to comment on the
hazard(s) of never applying updates? Let's say "SP2" and call
it a day?
--
PeteCresswell
Shenan Stanley
(PeteCresswell) wrote:
> Flipping it around: would anybody care to comment on the
> hazard(s) of never applying updates? Let's say "SP2" and call
> it a day?
What's the situation? Where is this computer, what is it used for?
Saucy
An unpatched rtm Windows XP will be infected within minutes if connected
directly to the Internet:
http://www.securityfocus.com/columnists/262
"(PeteCresswell)" <x...@y.Invalid> wrote in message
news:ikjbn5t985qth3s7k...@4ax.com...
![PA Bear [MS MVP]'s profile photo](http://lh3.googleusercontent.com/a-/ALV-UjXsf05hH-R8XChS3fXPPzfoO8FYYxAKhT86KfPnIELr3QJ9tQ=s40-c)
PA Bear [MS MVP]
joe
"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message
news:OLyRxLFr...@TK2MSFTNGP05.phx.gbl...
Unknown
PA Bear [MS MVP]
BSOD/KB977165 issues here.
>>> Firstly, why did my update install perfectly when so many others had
>>> this
>>> huge problem? Was I just lucky?
Luck had nothing to do with it. Practicing 'Safe Hex' did: It's beginning
to look like the vast majority of these BSODs were caused by hijackware
infections, primarily W32/Alureon-variants.
>>> Has this kind of thing happened before with bad updates?
If your computer's security was compromised, yes.
>>> Can I feel safe in downloading these updates automatically.
Very generally speaking, yes. Should you ever need assistance...
For home users, no-charge support is available by calling 1-866-PCSAFETY
(and/or 1-866-234-6020 and/or 1-800-936-5700) in the United States and in
Canada or by contacting your local Microsoft subsidiary. There is no-charge
for support calls that are associated with security updates. When you call,
clearly state that your problem is related to a Security Update and cite the
update's KB number (e.g., KB999999).
Or you can...
Start a free Windows Update support incident request:
https://support.microsoft.com/oas/default.aspx?gprid=6527
Consumer Security Support home page & Microsoft Update Solution Center also
offer support options
https://consumersecuritysupport.microsoft.com/
http://support.microsoft.com/ph/6527#tab3
For more information about how to contact your local Microsoft subsidiary
for security update support issues, visit the International Support Web
site: http://support.microsoft.com/common/international.aspx
--
~PA Bear
joe wrote:
> What kind of response is that?
>
joe
"Unknown" <unk...@unknown.kom> wrote in message
news:Od$p4fMrK...@TK2MSFTNGP02.phx.gbl...
PA Bear [MS MVP]
joe
This is more of what I would have expected from you PA. I kmow you are
heavily involved with update queries and apreciate you taking the time to
respond. I still feel nervous about the whole update issue after this little
hicup.
"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message
news:%23$%230XoMr...@TK2MSFTNGP04.phx.gbl...
joe
respect your input PA bear and have done so for several years. Thank you.
"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message
news:uz7d2$NrKHA...@TK2MSFTNGP02.phx.gbl...
(PeteCresswell)
>An unpatched rtm Windows XP will be infected within minutes if connected
>directly to the Internet:
>
>http://www.securityfocus.com/columnists/262
But that's an "unprotected PC" - which I take to mean one with no
anti-virus software installed and not running behind whatever
kind of router offers some protection.... or did I read it wrong?
--
PeteCresswell
(PeteCresswell)
>What's the situation? Where is this computer, what is it used for?
Mostly home use: email, word processing. Some VBA development,
but most of the time I Remote into a box at the client's site to
do development.
I posed the question because after applying SP3, I had problems
Remote Desktopping over a VPN to a client site. Called their
support desk and they said they found SP3 tb problematic in that
area. Didn't turn out tb the cause (I was using the wrong
router and that was the cause)... but their comment got me
thinking that there seems tb negative exposure in applying MS
fixes... and I was wondering if anybody had actually had a
problem because they did *not* apply a fix.
--
PeteCresswell
Unknown
PA Bear [MS MVP]
20100214
time. They are an added extra and are optional.
If you have Windows XP with SP3 installed then you would be completely
protected if you follow the following:
1) In Windows firewall settings, In the General Tab, make sure ON is ticked
and also "Don't allow exceptions" is ticked
2) On exceptions tab, remove tabs against everything; You don't need to
allow any exceptions;
3) On Advanced tab, click on Restore default button.
Ideally you should start with 3, then 2 and then 1. Although in 1 you have
disallowed all exceptions, I wouldn't trust it because I have come across
circumstances where M$ software failed horribly.
I have not installed any updates post SP3 and have no intentions of
installing any of them.
hth
"joe" <j...@ebox.com> wrote in message
news:%23xpodq%23qKH...@TK2MSFTNGP04.phx.gbl...
PA Bear [MS MVP]
FUD
Sanford Aranoff
>
> Yes I can confidently say that M$ updates are a complete and utter waste of
> time. They are an added extra and are optional.
>
> If you have Windows XP with SP3 installed then you would be completely
> protected if you follow the following:
>
> 1) In Windows firewall settings, In the General Tab, make sure ON is ticked
> and also "Don't allow exceptions" is ticked
>
> 2) On exceptions tab, remove tabs against everything; You don't need to
> allow any exceptions;
>
> 3) On Advanced tab, click on Restore default button.
>
> Ideally you should start with 3, then 2 and then 1. Although in 1 you have
> disallowed all exceptions, I wouldn't trust it because I have come across
> circumstances where M$ software failed horribly.
>
> I have not installed any updates post SP3 and have no intentions of
> installing any of them.
Makes sense. I did as you suggested. Any comments? Do we
need security updates if we have good AV and anti-Spy? What
are the drawbacks that you can think of? How do you respond
to the comment FUD?
20100215
"Sanford Aranoff" <ara...@analysis-knowledge.com> wrote in message
news:4B78ADCA...@analysis-knowledge.com...
> 20100214 wrote:
>>
>
> Makes sense. I did as you suggested. Any comments? Do we
> need security updates if we have good AV and anti-Spy? What
> are the drawbacks that you can think of? How do you respond
> to the comment FUD?
No. If you have updated Anti-Virus (AVG, AVAST or MSE) and Windows Defender
you are well protected. AVG and Windows Defender doesn't work in tandem so
avoid AVG. I have MSE, Windows Defender and Avast on my system.
I have stopped all updates (Turn off Automatic Updates) coming to my system.
Only the Anti-Virus and Windows defender gets through my firewall
protection.
I have replied to FUD comment separately to pig-bear directly. Pig-Bear and
me are not completely compatible so just ignore him.
hth
20100215
> FUD
Are you seriously looking for: female urination device?
This would certainly enable you to urinate while standing upright.
Variations include basic funnel shapes to more obscure and comedic designs.
Have you changed your gender already? Join Mow Green and you can have
lesbian relationship!
Unknown
"20100215" <2010...@discussions.microsoft.com> wrote in message
news:uR%23rgtir...@TK2MSFTNGP02.phx.gbl...
Sanford Aranoff
I have BitDefender AV and Webroot Anti-Spyware.
Kevin John Panzke
Kevin John Panzke
joe
"Unknown" <unk...@unknown.kom> wrote in message
news:%23Nk57XP...@TK2MSFTNGP04.phx.gbl...
20100217
> And you are exactly what everone says about you.
>
Unknown's <unk...@unknown.kom> mummy is impressed with my size!! She just
can't let it go! It is " absolutely amazing" that his biological father
produced a midget like him with no personality or brains.
I wouldn't get involved with that nutter.
Unknown
Kevin John Panzke
> Thank you very much for the kind comment."joe" <j...@ebox.com> wrote in message
>
> news:ezul9N$rKHA...@TK2MSFTNGP06.phx.gbl...
>
> > And you are exactly what everone says about you.
>
> >news:%23Nk57XP...@TK2MSFTNGP04.phx.gbl...
> >> He was correct-------you are paranoid.
> >> "joe" <j...@ebox.com> wrote in message
> >>news:uYc7ZBO...@TK2MSFTNGP06.phx.gbl...
> >>> This is more of what I would have expected from you PA. I kmow you are
> >>> heavily involved with update queries and apreciate you taking the time
> >>> to respond. I still feel nervous about the whole update issue after this
> >>> little hicup.
>
EVERYONE: FAILED UPDATES ARE A RESULT OF MALWARE ON YOUR COMPUTER'S AS
WAS SPECIFICALLY MENTIONED BY PA BEAR THE THE WINDOWS UPDATE NEWS
GROUPS, AND AS PA BEAR SAID, YOU SHOULD STAY AWAY FROM AVG, MCAFEE,
AND NORTON, AND USE MICROSOFT SECURITY ESSENTIALS INSTEAD! IF YOU ARE
HAVING TROUBLE WITH THE GENUINE SOFTWARE CHECK DUE 2 MALWARE THAT IS
ALREADY ON YOUR SYSTEM, I RECOMMEND TRYING AVAST 5.0 FREE EDITION,
WITCH UNLIKE AVG, AVAST HAS WON AWARDS 4 BEING ONE OF THE BEST ANTI-
VIRUS SOFTWARE ENGINES 4 DETECTING MALWARE AND UNKOWN MALWARE 4
SEVERAL YEARS IN A ROW NOW, JUST FYI! THIS THREAD SHOULD CLOSE RIGHT
NOW, WITH NO FURTHER COMMENTS! THREAD CLOSED!