{"id":17543,"date":"2020-01-24T14:30:07","date_gmt":"2020-01-24T22:30:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/01\/24\/news-11278\/"},"modified":"2020-01-24T14:30:07","modified_gmt":"2020-01-24T22:30:07","slug":"news-11278","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/01\/24\/news-11278\/","title":{"rendered":"Get the January 2020 Patch Tuesday patches installed"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Fri, 24 Jan 2020 13:27:00 -0800<\/strong><\/p>\n

This month has seen a whole lotta hand waving and sky-is-falling-caliber rhetoric, but the reality is much more prosaic. If you aren\u2019t running a major network (and thus aren\u2019t susceptible to the <\/span>imminent problems<\/span><\/a> with <\/span>Remote Desktop Gateway<\/span><\/a>, the <\/span>Citrix network bugs<\/span><\/a>\u00a0or the whopping <\/span>334 patches in Oracle<\/span><\/a>), there\u2019s been little reason to install this month\u2019s updates.\u00a0<\/span><\/p>\n

Still, work on cracking the CurveBall <\/span>CVE-2020-0601 security hole<\/span><\/a> continues at a furious pace. Some security companies are using CurveBall to sell more product, but the free Microsoft Defender catches at least some afflicted programs; Firefox, Chrome and Edge won\u2019t fall for it; and pre-Win10 versions of Windows (Seven Semper Fi!) have never been exposed.<\/span><\/p>\n

With several working proof-of-concept routines readily available\u00a0\u2014 but no attacks, and indeed no sign that a general attack is imminent \u2014 patching for CurveBall falls in the \u201cabundance of caution\u201d bucket. Since we\u2019ve seen few weird problems with the January patches, now seems like a good time to get patched up.<\/span><\/p>\n

As usual, Patch Lady Susan Bradley has a detailed analysis in her <\/span>Patch Watch column<\/span><\/a> with a full patch-by-patch reckoning in her <\/span>Master Patch List<\/span><\/a> (paywall; donation requested).<\/span><\/p>\n

Here\u2019s how to get your system updated the (relatively) safe way.<\/span><\/p>\n

Make a full system image backup before you install the latest patches.<\/span><\/p>\n

There\u2019s a non-zero chance that the patches \u2014 even the latest, greatest patches of patches of patches \u2014 will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This, in addition to the usual need for System Restore points.<\/span><\/p>\n

There are plenty of full-image backup products, including at least two good free ones:<\/span> Macrium Reflect Free<\/span><\/a> and<\/span> EaseUS Todo Backup<\/span><\/a>.\u00a0<\/span><\/p>\n

This is the last month we\u2019ll see free Win7 patches\u00a0\u2014 or so we\u2019ve been promised. (I find it hard to believe that Microsoft won\u2019t patch the Win7 Internet Explorer JScript <\/span>security hole CVE-2020-0674<\/span><\/a>, but Microsoft, eh?) <\/span><\/p>\n

As for those of you Win7 holdouts worried about sprouting a black wallpaper due to the Win7 January “Stretch” bug<\/a>, Microsoft <\/span>now advises<\/span><\/a>:<\/span><\/p>\n

We are working on a resolution and will provide an update in an upcoming release for organizations who have purchased Windows 7<\/span> Extended Security Updates (ESU)<\/span><\/a>.<\/span><\/p>\n

Nice guys.\u00a0<\/span><\/p>\n

Bottom line, for you Win7 folks: Do yourself a favor and change your wallpaper so it isn\u2019t Stretched, before installing the buggy January patch. Follow Lawrence Abrams\u2019s<\/span> instructions on BleepingComputer<\/span><\/a>.<\/span><\/p>\n

Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that\u2019s 24 months old or newer, follow the instructions in<\/span> AKB 2000006<\/span><\/a> or<\/span> @MrBrian\u2019s summary of @radosuaf\u2019s method<\/span><\/a> to make sure you can use Windows Update to get updates applied.<\/span><\/p>\n

For most Windows 7 and 8.1 users, I recommend following<\/span> AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups<\/span><\/a>. You should have one Windows patch, dated Jan. 14 (the Patch Tuesday patch). If you see a Monthly Rollup Preview, ignore it.<\/span><\/p>\n

If you insist on manually installing Security-only patches for Win7 and Server 2008 (I call that the \u201cGroup B\u201d approach on AskWoody), get the full list from @PKCano <\/span>on the AskWoody site<\/span><\/a>. If in doubt, ask questions on the site! It\u2019s easy and free.<\/span><\/p>\n

Realize that some or all of the expected patches for January may not show up or, if they do show up, may not be checked. DON’T CHECK any unchecked patches. Unless you’re very sure of yourself, DON’T GO LOOKING for additional patches. In particular, if you install the January Monthly Rollup, you won\u2019t need (and probably won\u2019t see) the concomitant patches for December. Don’t mess with Mother Microsoft.<\/span><\/p>\n

If you see<\/span> KB 4493132<\/span><\/a>, the \u201cGet Windows 10\u201d nag patch, make sure it\u2019s unchecked.<\/span><\/p>\n

Watch out for driver updates \u2014 you\u2019re far better off getting them from a manufacturer\u2019s website.<\/span><\/p>\n

After you\u2019ve installed the latest Monthly Rollup, if you\u2019re intent on minimizing Microsoft\u2019s snooping, run through the steps in<\/span> AKB 2000007: Turning off the worst Win7 and 8.1 snooping<\/span><\/a>. If you want to thoroughly cut out the telemetry, see @abbodi86\u2019s detailed instructions in<\/span> AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model<\/span><\/a>.<\/span><\/p>\n

If you\u2019re worried about Windows 7 hitting end-of-support, don\u2019t be alarmed. The first missed security patch isn’t until next month. Besides, you have lots of alternatives, and not all of them involve Windows. We watch your options intently in the <\/span>Seven Semper Fi series<\/span><\/a> on AskWoody.<\/span><\/p>\n

If you\u2019re running Win10 version 1803, 1809, Server 1809, Server 2019, or any earlier version of Windows 10, I urge you to upgrade to Win10 version 1903. (You can find your version by typing <\/span>winver <\/span><\/i>in the Search box in the lower left corner and pressing Enter.) There are detailed instructions in the article <\/span>Why \u2014 and how \u2014 I\u2019m moving Win10 production machines to version 1903<\/span><\/a>.<\/span><\/p>\n

Win10 1903 is far from perfect, but it seems to be relatively stable at this point. The one huge advantage to version 1903: It lets everybody pause updates with a few simple clicks. That feature has my vote for the most important (perhaps <\/span>the only<\/i><\/strong> important) upgrade to Win10 in the past four years.<\/span><\/p>\n

If you insist on using Win10 version 1809, go through the steps in <\/span>All\u2019s clear to install Microsoft\u2019s November patches<\/span><\/a> to get 1809 updated. If you\u2019re on Win10 1909, I figure you\u2019ve jumped the gun, but the following instructions will work.<\/span><\/p>\n

If you\u2019ve been following <\/span>my usual advice<\/span><\/a>\u00a0\u2014 to click \u201cPause updates for 7 days\u201d three times\u00a0\u2014 your machine is probably waiting further instructions, displaying an \u201cUpdates paused\u201d notice in the Windows Update pane (Start > Settings (the gear icon) > Update & Security > Windows Update). If you see that updates have been paused, click “Resume updates.” Windows will go out and install the January cumulative update, plus any other ancillary patches (for example, for .Net) that you require.<\/span><\/p>\n

I\u2019m very happy to say that clicking \u201cResume updates\u201d will not automatically move you to Win10 version 1909. In order to move to the next version\u00a0\u2014 which continues to <\/span>suffer from bugs<\/span><\/a>, most notably the File Explorer Search bug\u00a0\u2014 you need to click a link that says, “Download and install now.” Don\u2019t click it.<\/span><\/p>\n

Once you\u2019re updated and rebooted, pause updates for 28 days: Click Start > Settings > Update & Security. Click Windows Update on the left side, then click \u201cPause updates for 7 days.\u201d Next, click on the newly revealed link, which says \u201cPause updates for 7 more days,\u201d and click it again, and one last time, for a total of four clicks. That pauses all updates for 28 days, until Feb. 21. With a little luck that\u2019ll be long enough for Microsoft to fix any bugs it introduces in February.<\/span><\/p>\n

If you see an offer of an Optional update (screenshot), don\u2019t click Download and install now. There\u2019s a reason why Microsoft deems such patches \u201coptional.\u201d<\/span><\/p>\n

February\u2019s Patch Tuesday is on the 11th. That\u2019ll be the first day Win7 users will miss a security update (unless they pay for it). Expect much hand wringing and clucking, but not many fireworks.<\/span><\/p>\n

Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @abbodi86 and many others.<\/span><\/i><\/p>\n

We\u2019ve moved to MS-DEFCON 3 on the<\/span><\/i> AskWoody Lounge<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Fri, 24 Jan 2020 13:27:00 -0800<\/strong><\/p>\n

\n
\n

This month has seen a whole lotta hand waving and sky-is-falling-caliber rhetoric, but the reality is much more prosaic. If you aren\u2019t running a major network (and thus aren\u2019t susceptible to the <\/span>imminent problems<\/span><\/a> with <\/span>Remote Desktop Gateway<\/span><\/a>, the <\/span>Citrix network bugs<\/span><\/a>\u00a0or the whopping <\/span>334 patches in Oracle<\/span><\/a>), there\u2019s been little reason to install this month\u2019s updates.\u00a0<\/span><\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10516,714,10525],"class_list":["post-17543","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-microsoft","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17543","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17543"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17543\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17543"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17543"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17543"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}