Monday, April 29, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld Independent 

Win7/8.1/Server patch conflicts abated, somewhat, but it’s still too early to install the April crop

admin , ,

Credit to Author: Woody Leonhard| Date: Tue, 16 Apr 2019 08:02:00 -0700

A week ago, Microsoft released six patches that brought many machines to their knees. As I explained last Friday, when the dust cleared, it was apparent that all six of these April patches:

would trigger blue screens on reboot on most systems running Sophos antivirus products, and many systems running AV products from Avast and Avira.

We now have updates from two of the three AV companies:

Microsoft says that it’s still blocking the six bad actors from installing on computers with Sophos Endpoint installed. There’s no similar advice for Avast.

Oddly, the advisory page for Avira now comes up with a “page not found.” Yet Microsoft continues to contend, “Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing this update.”

You may recall that Avira, alone among the three, also claimed that installing this month’s first cumulative update for Win10 version 1809, KB 4493509, slowed machines down to the point they’re unusable. No official word on that claim at this point.

Speaking of slowdowns, a small Polish AV company called ArcaBit has seen the error of its ways. Microsoft has modified its KB articles for the Win7 and 8.1 Monthly Rollups, and for the Win10 1809 first April cumulative update to say:

Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing this update. ArcaBit has released an update to address this issue.

Although the linked ArcaBit article has been pulled. Oddly (there’s that word again), there’s no analogous warning for the Win7 or 8.1 Security-only patches, or for the Server patches.

Where does that leave us, a week later?

I’m still astounded by the indifference. Any way you slice it, whoever made the decision to release this month’s six Win7, 8.1, and Server patches either:

I have a hard time deciding which is worse.

I continue to recommend that you hold off on the April patches.

We’re following the situation intently on AskWoody.

http://www.computerworld.com/category/security/index.rss