Posts Tagged ‘Windows updates’

KB2286198, released (out-of-cycle so to speak) on Monday, August 2, 2010, has to do with the possibility of maliciously crafted Windows SHORTCUTS being potentially used as a means of gaining access to a PC. I don’t have many shortcuts and I am very leery about installing them in the first place. If a shortcut is installed, I, invariably, delete it.

Here is Microsoft’s Security Bulletin, i.e., MS 10-046, about this vulnerability.

In case you haven’t noticed, there has been a marked slowdown in Windows 7 updates and even the Windows Defender Updates.

KB2286198 is the first non-Windows Defender update since July 16 — when we received KB2032276.

Well I uneventfully installed KB2286198 this morning … and did the requsite RESTART … and that was 4 hours ago. So far, so good. Obviously, as is my wont, I didn’t install this until I did some checking on the Internet to see if anybody had run into any problems with it. I didn’t see anything.

I also installed two outstanding Windows Defender Updates, i.e., KB915597s. These were for Definition Sets 1.87.1293.0 and 1.87.362.0

I did a FULL Windows Defender Scan after I restarted. That took some time. But, it found nothing.

Hope this helps. All the best.


Read Full Post »

I saw KB978542 appear as an update on Tuesday, i.e., few days ago. Since I have Windows Updates TURNED OFF, I only see updates if I manually check for them — and knowing Microsoft’s schedule I usually check every Tuesday night and then again towards the end of the week.

I didn’t check the details on KB978542 until today. Noticed that all the reported problems had to do with it clobbering Windows Mail and Outlook. So dug a bit deeper.

KB978542 is SPECIFIC to Outlook Express, Windows Mail, and Windows Live Mail. Here is the Microsoft Security Bulletin <click>.

I haven’t used Outlook or Outlook Express in over 3 years. I think Outlook is the anti-christ! I try to convince as many people that I know to stop using Outlook.

I use Web mail … but not from Microsoft. The GoDaddy version. It isn’t the greatest but it plods along, and that is good enough.

So I opted to skip (and now HIDE) KB978542.

If you are not using any of the three mail packages, I suggest you skip this update too. Appears that Windows Mail is not supposed to work with Windows 7. Those that have managed to get hacked versions to work on Windows 7 are discovering that KB978542 disables Windows Mail altogether. So be aware.

I did, however, install, per rote, the May 2010, KB890830, Windows Malicious Software Removal Tool. I do that just for the sport. I haven’t restarted the PC since … so I am keeping my ankles crossed.

That is it. Good luck.

Anura Guruge

Read Full Post »

Within a week of the last KB915597 Windows Defender Update (Definition set 1.79.1432.0) yet another one, this time for Definition set 1.79.1918.0.

That is the fourth (4th) KB915597 Windows Defender Updates this month; i.e., April 1, April 5,  April 8 and April 14.

You can see the list of threats addressed by this update and others at this Microsoft site … click <here>.

There seems to have been quite a few definition updates between 1.79.1432.0 and 1.79.1918.0 … so much so that 1.79.1432.0 has fallen off the end of the list!

Even 1.79.1918.0 has already been usurped by 1.79.1945.0. So we should get another KB915597 within days.

Good luck. I will try to keep you posted.

Anura Guruge

P.S., I successfully installed it … as well as the latest [i.e., April] Windows Malicious Software Removal Tool, KB890830.

Read Full Post »

KB978601, KB979309, KB981332, KB980232 & KB979683 were the five security Windows Updates for Windows 7 that were sent out on Tuesday, April 13, 2010.

I waited until today to see if there were any reports of folks having trouble with these. Didn’t see any reports, though I will confess I didn’t look that hard.

I took a risk. Bit the bullet. Installed all of them.

It required a restart. I am posting this, from my Windows 7 machine, after the restart. I am still alive … I think. << smile >>

It seems OK. So if you are vacillating, give it another 24 hours and then go ahead. I will keep you posted.

Good luck. All the best.

Anura Guruge

Read Full Post »

Just three days after the last KB915597 Windows Defender Update (Definition set 1.79.1220.0) yet another one: Definition set 1.79.1432.0.

That is 3 KB915597 Windows Defender Updates this month; i.e., April 1, April 5 and April 8.

You can see the list of threats addressed by this update and others at this Microsoft site … click <here>.

For a change we seem to be smack up to-date; i.e., there are no newer definitions listed.

But, have a look at the Definition history. It is sobering.

The April 1 update covered Definition 1.79.953.0.

1.79.1432.0 is 18 definitions hence. That is 18 in a week, 2.5 definition sets a day.

Now to be fair the likes of Avast and AVG send out new definition updates daily, if not more often. So if anything one can accuse Microsoft of being dilatory. But then again does anybody really believe that Windows Defender is an industrial strength antivirus/antimalware product? I hope not.

So, that is the state of play. This was the only update today. We will see a barrage next Tuesday, April 13 … the Sinhalese Old Year Day. New Year, logically, is the NEXT DAY, April 14. Happy New Year.

Good luck.

Anura Guruge

Read Full Post »

Since I now appear to be the arbitrator of Windows 7 updates, I checked too see if there were any … today … a Thursday.

There were TWO. I was surprised. One was a new Windows Defender Update. Qu’est-ce que c’est passe?

We had one yesterday, and another today. Is Windows 7, like Democrats, under attack? Don’t get it.

Also an OPTIONAL update for the Realtek PCIe GBE controller. That is what I have on my ASUS motherboard.

That also happens to be the second in 4 days. What is cooking? I guess the update is OK. My Ethernet is still working … otherwise I would not be typing this.

Not good. Just a heads up.

Good luck. All the best.

Anura Guruge

Read Full Post »

On March 9, 2010 we will see the first security-related Windows 7 update since early February.

It appears that we will get two updates, one for Windows 7 and one for Office 2007 (assuming you have it installed). Both will be marked IMPORTANT. Both fix security problems that could clobber your PC — if, and only if, you happen to OPEN a compromised, malicious file. In the case of Office 2007 it appears that the culprit, this time around is, Excel.

I have my Windows Updates turned off. Have had them turned off since February 13, 2010.

But, as I documented on February 28, I did go and ‘manually’ install the February 23 updates — which included KB977863 for the Windows 7 Media Player. But, on principle, I did not install the infamous KB971033 WAT update — for checking for pirated copies of Windows 7. In theory, I don’t have anything to worry about. I have a documented, legit OEM copy of Windows 7 Professional. But, I don’t trust Microsoft to get it right.

In preparation for tomorrow’s updates I just went and manually checked.

I had two IMPORTANT updates. One was KB971033. This time I clicked ‘Hide This Update.’ It went away. The other, supposedly important update, was KB915597 — the latest definitions for Windows Defender. These were first in two weeks. I accepted it and installed it. I haven’t run Defender yet. I don’t run it often. I have Avast 4.8 Professional and I take my chances with that.

So … right now … I have no more updates … KB971033 having been hidden.

So tomorrow I will check. I am UNLIKELY to install the updates tomorrow. I will check to see what happens. I will keep YOU posted.

My recommendation. WAIT. Hold your horses. Give it 72 hours. OK?

Good luck.

Anura Guruge

Read Full Post »

I had turned off Windows 7 updates on February 13, albeit after I installed the contentious batch of February 9 updates. I don’t get good vibes about what is happening on the Updates front, at present. Though WAT update, KB971033, hasn’t wreaked havoc, as yet, I don’t trust that one — and I have a bona fide, legit copy of Windows 7 Professional. I would not be surprised if KB971033 clobbers more users of valid copies of Windows 7 than it does those with pirated copies. That just seems to be the Microsoft way — just as, Ballmer looking best in drag.

Well, KB977863, specifically for the Windows 7 Media Player intrigued me. I have had problems with the Media Player from the start. It also appears that I am not alone and that Microsoft knew of these Media Player problems before Windows 7 was released. The bug fix list for KB977863 is rather esoteric — and didn’t list ‘FIXES the widely reported fails to start problem.’ But, I have a sneaking feeling that Microsoft might have snuck in some code to fix this basis problem — in much the same way that Ballmer likes to snuck about in drag. So, I went ahead and checked what updates were outstanding.

There were 8. Three were marked IMPORTANT, but one was the all too frequent update to Windows Defender. << This was actually the first Windows Defender update since Feb. 12. In the past we got these updates much more frequently, sometimes two in a week. >>

One was KB971033, which was marked optional. So I opted out of that.

I installed the other seven, successfully. They were: KB977863 [Media Player], KB976662, KB979306, KB915592 [Windows Defender], KB978637, KB979099 [Rights Management] & KB976264. Some of the ‘generic’ Windows 7 updates were for relatively innocuous issues such as incorrect daylight saving date calculation and sleep mode with some Intel processors. They didn’t look too scary.

With my book published and a 19-page technical White Paper on mainframe management I had to write, in a hurry, now done, I have some latitude with POTENTIAL system outages. On Thursday night we lost power for the whole night. High winds. We now have two generators. [As a mainframe guy I like redundant hardware.] I powered up the generators. Though I have UPSs, I decided not to power up this Windows 7 rig with its 720W power supply. Instead I cranked up one of XP machines. I could continue to work seamlessly on the White Paper (using copies backed up online and on an USB key). So I know I can go for a few days IF these updates screwed me up.

But, so far, so good. Yes, I had to do a restart.

I will keep you posted. Good luck.

Anura Guruge

Read Full Post »

Yes, I bit the bullet and did for YOU FOLKS.

I kept on checking last night and this morning … following yesterday’s report that someone using Windows 7 got clobbered once they installed the February 9 updates. But since then I could only find one other report of a problem. Though I am sure that MANY Windows 7 users have judiciously refrained from installing these updates, if there were innate problems related to Windows 7 we would have heard by now.

The Web is ablaze with reports that XP users really got clobbered with these updates. Microsoft even WITHDREW one of the XP updates! Nice move Microsoft. Real smooth. So they confirmed what I have always thought of them. No testing. Just throw the software over the wall. Joys of having no competition and having so much lobbying in D.C. that they know that the Feds will never look at them. Keep on saying to yourself, like a mantra, ‘Ballmer looks best in drag.’

OK. So far so good. That is not saying much.

I have a legit copy of 64-bit Windows 7 Professional installed from an OEM DVD that I got from newegg.com … on the day Windows 7 became available (Oct. 22, 2009). I had pre-ordered a few days earlier along with all the hardware to build a new system.

The updates require a restart. During the restart a screen comes up saying ‘Configuring the Updates.’ I was on tenterhooks. But, it said … ‘successful’ … and then restarted.

Since, being paranoid, I restarted again. SO FAR, SO GOOD.

It is up to YOU. YOU might want to hold out longer. I had to see if the updates would work with Windows 7. But, this was but one system. Doesn’t prove anything. So, if you are cool, MAYBE you should wait. All I can say is that it worked on this particular system.

Right now I have a few days ‘down time’ for the first time in 15 months. I finished my book, 322 pages, 150,000 words and send the PDFs to the printer Wednesday night. Had an email last night to say the proof copy is with FedEx. So, I would not have been totally out of my mind if this Windows 7 system got fried. I have two, maybe three, possibly four XP systems as backup … with all my files, backed up, up to date on them … as well as online (with GoDaddy). Did I tell you I am paranoid. So, I could have got by using XP until I got the Windows 7 system fixed.

IF you are interested here is a PREVIEW of the book. It is 11MB,so will take a few minutes to download.

No More Updates For ME Till April Fool’s

I have now TURNED OFF Windows Updates!

That is IT.

I do not want to be pestered with the February 16, 2010 WAT update for checking the validity of my Windows 7 copy. My copy is 100% legit, but I am not sure that Microsoft’s update will be legit. I just have a feeling that we might get another outcry.

I am fed up of the icons rotating on my Task Bar telling me I have updates. Leave me BE. I will check the Web to see what mayhem Microsoft is unleashing on us.

It now transpires that Microsoft ‘just’ discovered a major SSL/TLS bug on all versions of Windows. GREAT. SSL/TLS is what we all use when we ask for an encrypted session. So, Microsoft is now telling us that our encrypted sessions might be vulnerable.

‘Ballmer looks best in drag.’

On March 1 all the Release Candidate (RC) copies of Windows 7 will go into forced shutdowns. Many of the pirated copies of Windows 7 out there are based on RC code. Post March 1 we will have convulsions as the Windows 7 community gets bombarded with folks who will not understand why their systems are not working.

So it was time to batten down the hatches. I will of course keep you posted.

So, this was my strategy. Install the February 9 updates. Then turn off updates until at least April 1 and see what happens.

All the best. Good Luck.

Anura Guruge

Read Full Post »

I got 5 ‘important’ updates for Windows 7 Professional (64-bit) today — per the expected Windows Update blast. Four were security updates and the last was an update to the ‘Malicious Software Removal’ tool.

The updates numbers are: KB978262, KB971468, KB975560, KB978251, KB890830 — the latter being the ‘Malicious Software Removal’ tool update.

The first update, KB978262, has to do with ActiveX. It is ActiveX specific and MIGHT even just be applicable if you use Internet Explorer (IE). ‘Killbits’ is a Microsoft methodology for disabling the execution of ActiveX code.

KB971468 & KB978251 are both specific to ‘SMB’ (Server Message Block) an Internet file system protocol used for sharing files, printers and communications ports.

KB978251 has to do with AVI files.

From what I can see, there does not appear to be reports of these updates screwing up Windows 7.

But, it is possible that many have decided against installing them. It is still early days.

I am finding more and more outrage about KB977074. People are openly saying that KB977074 rather than enhancing Windows 7 stability actually made their systems more unstable. This is a shame.

I have not installed today’s updates. My recommendation is that YOU also postpone installation for a few days. I will update you again tomorrow. OK?

Good luck. All the best.


Anura Guruge

Read Full Post »

Older Posts »