![](\"https:\/\/images.techhive.com\/images\/article\/2016\/11\/windows-bug-100692311-large.3x2.jpg\"\/)
<\/p>\n
Credit to Author: Woody Leonhard| Date: Thu, 25 Jan 2018 10:00:00 -0800<\/strong><\/p>\n On the heels of a relatively benevolent December Patch Tuesday, the stream of patches pouring out of Microsoft (and Intel!) in January reached epic proportions. To be fair, it looks as if Microsoft got drawn into releasing its Meltdown\/Spectre barrage<\/a> early \u2013 on Jan. 3 \u2013 but they were so buggy they were withdrawn for AMD processors on Jan. 8<\/a>, and gradually re-released in phases over the next two weeks.<\/p>\n If you had Automatic Update turned on, and you\u2019re running an AMD machine that\u2019s more than a couple of years old, chances are good that you woke up to a blue screen, and restoring your system took two magic incantations and an Act of Congress. Tens of thousands \u2013 possibly hundreds of thousands \u2013 of AMD machines may have been bricked by this month\u2019s patches. But be of good cheer. Microsoft released\u00a0 KB 4073578<\/a> (\u201cUnbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1\u201d) and KB 4073576<\/a> (same for Win8.1 and Server 2012 R2) to fix your problem. Of course, you have to be able to boot your computer to install the updates.<\/p>\n Never mind.<\/p>\n Then there\u2019s .NET.<\/p>\n So far this month, we\u2019ve seen patches roll out like this:<\/p>\n That is an enormous pile of patches; even the folks who are paid to watch patches full time are confused.<\/p>\n Not to be outdone by Microsoft, Intel created mayhem by releasing, then yanking<\/a>, its Meltdown\/Spectre BIOS and UEFI firmware patches for almost every Intel computer<\/a> released in the past five years. Intel\u2019s documentation rivals that of Microsoft for ambiguity, hyperbole, and obfuscation.<\/p>\n Here are the latest links to BIOS\/UEFI Meltdown\/Spectre recall advice from the major hardware manufacturers:<\/p>\n If you have new information about any of those vendors, please let me know on the AskWoody Lounge<\/a>.<\/p>\n No matter which version of Windows you patch, you need to get your antivirus program<\/a> to signal to Windows that it\u2019s compatible with this month\u2019s updates.<\/p>\n The Win10 Fall Creators Update patch on Jan. 18<\/a> seems to have shaken out the major problems with Win10 1709<\/strong>.<\/p>\n The Win10 Creators Update patch on Jan. 17<\/a>, similarly, seems to fix the outstanding problems with this month\u2019s changes to Win10 1703<\/strong>. That patch, KB 4057144, has to be downloaded and installed manually.<\/p>\n The Win10 Anniversary Update patch on Jan. 17<\/a> \u2013 again, manual install only \u2013 fixes a bunch of bugs in Win10 1607<\/strong>, but it also clobbers Windows Defender Credential Guard (which you probably don\u2019t use<\/a>).<\/p>\n With the release of KB 4077561<\/a> on Jan. 24, Microsoft has fixed many of the acknowledged problems with this month\u2019s Monthly Rollup and Security-Only (manual installation) patches for Win7<\/strong> and Win8.1<\/strong>. That said, there\u2019s still a great deal of debate<\/a> about the proper installation sequence of patches, re-patches and old patches. As usual, Microsoft hasn\u2019t said anything.<\/p>\n This looks like a mess. You can get the details in my Jan. 19 column<\/a>, but the basic idea is that the original .NET patches for .NET 4.6\/4.6.1\/4.6.2\/4.7\/4.7.1 were all bad, and have to be augmented by additional patches. The font problems<\/a> in the original patches have been fixed in general, but only if you install these latest patches<\/a>.<\/p>\n Then there\u2019s the Fixit tool KB 4074906<\/a> that fixes \u201cWindows Presentation Foundation (WPF) applications that request a fallback font or a character that is not included in the currently selected font.\u201d<\/p>\n It appears as if the Office 2016 patch KB 3178662 throws an installation error<\/a> 0x8007006e. The Office folks, who are usually good about acknowledging problems, haven\u2019t picked this one up yet. Solution? Uninstall “Microsoft Office Proofing Tools Kit Compilation 2016.\u201d<\/p>\n There\u2019s a laundry list<\/a> of acknowledged problems with Outlook: To-Do Bar and Task List view not displaying events; Unable to “Save All Attachments” to a shared network drive; No Search results found when using All Mailboxes; Find Related option does not show results; Outlook 2010 will not start on WinXP after January updates. The bug that prevented Outlook 2016 from forwarding files attached to text messages was fixed on Jan. 24.<\/p>\n Wait.<\/p>\n If you have an irresistible urge to click \u201cEnable Edits\u201d on bogus Word documents, you can disable Equation Editor<\/a> with a quick registry hack. Other than that, as long as you don\u2019t use IE or Edge, there\u2019s absolutely no reason to dive into the roiling mess of January updates.<\/p>\n In spite of the \u201cSky is falling\u201d screams online, there\u2019s no sign a single PC has been compromised by the Meltdown or Spectre vulnerabilities. Contrast that to the multitudes of machines that\u2019ve been bricked by bad patches, and the untold users wondering why they have to unwind this month\u2019s firmware updates.<\/p>\n The long and short of it: If you installed any of this month\u2019s patches from Microsoft or your PC manufacturer, you joined the swelling ranks of unpaid beta testers. If your machine\u2019s still working, thank your lucky stars.<\/p>\n There\u2019s a reason why I recommend you turn off Automatic Update and wait<\/a> for carnage to clear before installing the latest missives.<\/p>\n Group therapy for patchers continues on the <\/em>AskWoody Lounge<\/em><\/a>.<\/em><\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Credit to Author: Woody Leonhard| Date: Thu, 25 Jan 2018 10:00:00 -0800<\/strong><\/p>\n On the heels of a relatively benevolent December Patch Tuesday, the stream of patches pouring out of Microsoft (and Intel!) in January reached epic proportions. To be fair, it looks as if Microsoft got drawn into releasing its Meltdown\/Spectre barrage<\/a> early \u2013 on Jan. 3 \u2013 but they were so buggy they were withdrawn for AMD processors on Jan. 8<\/a>, and gradually re-released in phases over the next two weeks.<\/p>\n<\/p>\n