Is it time to install Microsoft’s January updates? (Yes.)

Credit to Author: Susan Bradley| Date: Mon, 01 Feb 2021 06:32:00 -0800

Some people can’t wait for a new version of Windows 10. They sign up for insider editions and eagerly watch for the next release.

I’m exactly the opposite of that.

I wait and make sure the version of Windows 10 that I’m using is fully compatible with my applications and I have time to deal with any side effects. My philosophy with security updates is the same; I don’t install them right away. (Though I do install them every month without fail.) If you haven’t yet installed the January updates, do so as soon as possible.

The major update that I warned about last month was KB4535680, which was offered up to Windows Server 2012 x64-bit; Windows Server 2012 R2 x64-bit; Windows 8.1 x64-bit; Windows Server 2016 x64-bit; Windows Server 2019 x64-bit; Windows 10, version 1607 x64-bit; Windows 10; version 1803 x64-bit; Windows 10, version 1809 x64-bit; and Windows 10, version 1909 x64-bit systems.

To read this article in full, please click here

Read more

Decoding Microsoft Defender’s hidden settings

Credit to Author: Susan Bradley| Date: Mon, 25 Jan 2021 06:45:00 -0800

Ask someone what antivirus software they use and you’ll probably get a near-religious argument about which one they have installed. Antivirus choices are often about what we trust — or don’t — on our operating system. I’ve seen some Windows users indicate they would rather have a third-party vendor watch over and protect their systems. Others, like me, view antivirus software as less important these days; it matters more that your antivirus vendor can handle windows updating properly and won’t cause issues.

Still others rely on Microsoft Defender. It’s been around in one form or another since Windows XP.

To read this article in full, please click here

Read more

The end-of-the-year patching all-clear

Credit to Author: Susan Bradley| Date: Mon, 28 Dec 2020 05:26:00 -0800

It’s that time of the month to give the final 2020 all-clear for installing updates.

Microsoft has already fixed the issue with KB4592438 for Windows 10 20H2 and 2004, where if you were lucky, or rather, unlucky enough to perform a chkdsk c: /f on your system after installing the December updates you might have been forced to rebuild your system — not exactly the greatest holiday present from Microsoft.  As I noted last week, this issue was fixed with a cryptic behind-the-scenes update for those who get their updates from Windows update. 

To read this article in full, please click here

Read more

The patching conundrum: When is good enough good enough?

Credit to Author: Susan Bradley| Date: Wed, 23 Dec 2020 03:00:00 -0800

As Günter Born recently reported at Born’s Tech and Windows World, KB4592438 has a bug that triggers a blue screen of death when you run the chkdsk c: /f command, leaving the hardware unable to boot. Several others confirmed the issue independently in the various venues and forums. Still others graciously decided to risk their systems and install the update and when they ran the command had zero issues. I tested it myself and also didn’t see a blue screen of death.

To read this article in full, please click here

Read more

December Patch Tuesday round-up: Winding down for the year

Credit to Author: Susan Bradley| Date: Wed, 09 Dec 2020 10:10:00 -0800

At last, we have the final updates for 2020 from Microsoft. For anyone keeping count, we ended up with 1,250 CVEs (Common Vulnerabilities and Exposures) for the year. That’s almost 50% more than the 800 we had to deal with in 2019. Given the way we get updates delivered in a cumulative fashion, I don’t think of it as about the number of vulnerabilities; I think more about how many times I had to deal with post-release issues in 2020. I’ll recap the year’s major patching issues later this month. For now, I’ll summarize the issues to watch out for in December.

First, a reminder if you’re running Windows 10 1903: This is the last official release for that version. You must be on Windows 10 1909 (or later) to continue to receive security updates. In the past, I have recommended setting the deferral for feature updates for 365 days. Now, I recommend using the targetreleaseversion setting to specify the exact feature release version you want. So if you set the value at 1909, you’ll receive 1909; if you set it at 2004 — even if you are on 1903 — you’ll get offered 2004, not 1909. (For Windows 10 Home users, I continue to recommend you upgrade from Home to Professional to better control updates.) 

To read this article in full, please click here

Read more

It's December patch prep time

Credit to Author: Susan Bradley| Date: Tue, 01 Dec 2020 03:00:00 -0800

It’s the final patching month for 2020 — and what a year it’s been. Two more Windows 10 feature releases, numerous servicing stack updates, the end of Office 2010, the pandemic — this has been a year when technology has driven us slightly crazy, and kept us sane. 

The first Tuesday of the month is the start of my Patching month and serves as a reminder to make sure my machines have all of the mandatory patches installed for November — and I’m ready to pause updates for December. We will not see any optional updates at the end of the month; Microsoft has indicated it will not be releasing the optional preview updates for Windows 10 that they would normally arrive during the third week of December.

To read this article in full, please click here

Read more

A pre-Thanksgiving all-clear to install patches

Credit to Author: Susan Bradley| Date: Mon, 23 Nov 2020 10:43:00 -0800

In the U.S., we’re quickly coming up to the start of holiday season, meaning it’s time for, well, time off. I typically add technology maintenance jobs to the monthly mix of patching and maintaining servers and workstations. This month, I’m also taking time to better understand the impact of one specific security bulletin — I honestly can’t figure out exactly what I’m supposed to do to keep my network secure. 

The good news: for most readers, none of these concerns apply to you. I’m ready to give the all-clear to go ahead and install Microsoft’s November updates on laptops, desktops and workstations — especially if you are running the Windows 10 1909 feature release. That said, do your Thanksgiving Zoom get-together first and then install any updates. I’d hate to have you see nothing but the spinning wheel of Windows updates instead of your family and friends.

To read this article in full, please click here

Read more

Deciphering (and understanding) Microsoft’s patch management options

Credit to Author: Susan Bradley| Date: Thu, 19 Nov 2020 08:06:00 -0800

If you asked a normal user what they dislike most about Windows 10, the answer would likely be related to patching, rebooting and the generally confusing update process. Entire web sites have sections devoted to explaining the updating process and how to manage it — and I’ve written my fair share about the topic. 

In addition to writing about Microsoft patches here (and about Windows security for CSO), I’m also a moderator on the Patchmanagement.org listserve. We have many people who rely on various patching tools to deploy updates and maintain workstations.  There are a number of options, so it’s important to understand how they work (and how they vary) so you can get the most out of them.

To read this article in full, please click here

Read more