{"id":12714,"date":"2018-07-02T06:30:13","date_gmt":"2018-07-02T14:30:13","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/07\/02\/news-6482\/"},"modified":"2018-07-02T06:30:13","modified_gmt":"2018-07-02T14:30:13","slug":"news-6482","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/07\/02\/news-6482\/","title":{"rendered":"Get the Microsoft June patches applied, but watch out for Win7 NICs and old antivirus"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Mon, 02 Jul 2018 07:05:00 -0700<\/strong><\/p>\n

Windows 7 customers should be on the lookout for a couple of, uh, challenges this month, as the Win10 1803 trail of tears continues and Win10 1709 finally looks pretty solid.<\/span><\/p>\n

First, the good news. If you installed last month\u2019s Win7\/Server 2008R2 patches and your network connections didn\u2019t go kablooey, you\u2019re almost undoubtedly OK to proceed with this month\u2019s patches.<\/span><\/p>\n

On the other hand, if you\u2019ve been waiting to install patches on your Win7 or Server 2008R2 machine, you need to be aware of a bug that Microsoft has acknowledged. It was introduced by a patch back in March, according to the KB articles, and hasn\u2019t been fixed yet:<\/span><\/p>\n

Symptom<\/strong>: There is an issue with Windows and third-party software that is related to a missing file (<\/span>oem<number>.inf<\/span><\/i>). Because of this issue, after you apply this update, the network interface controller will stop working.<\/span><\/p>\n

Workaround<\/strong>: 1.To locate the network device, launch devmgmt.msc; it may appear under Other Devices. <\/span><\/p>\n

2. To automatically rediscover the NIC and install drivers, select <\/span>Scan for Hardware Changes<\/strong> from the Action menu. <\/span><\/p>\n

a. Alternatively, install the drivers for the network device by right-clicking the device and selecting <\/span>Update<\/strong>.<\/span> Then select <\/span>Search automatically for updated driver software<\/strong> or <\/span>Browse my computer for driver software<\/strong>.<\/span><\/p>\n

That\u2019s a bizarre, convoluted series of steps. Microsoft still hasn\u2019t confirmed which third-party software is at fault. <\/span><\/p>\n

If you\u2019re worried that installing this month\u2019s updates will clobber your network interface card, make sure you take a full backup before installing the updates. You can also take <\/span>@GoneToPlaid\u2019s advice<\/a> and edit certain registry entries in advance.<\/span><\/p>\n

Older Win7 machines don\u2019t get no respect.<\/span><\/p>\n

First, we had Microsoft\u2019s decision to <\/span>end support for Pentium III processors<\/span><\/a>\u00a0\u2014 an undocumented change accompanied by doctored KB articles that hide the promises that were made. The Microsoft blogosphere responded with a yawn: Even though Microsoft repeatedly promised to support the processors, they\u2019re really old (vintage 2002). You shouldn\u2019t be running Windows on old processors anyway. <\/span><\/p>\n

Now there\u2019s strong evidence that Windows Defender updates aren\u2019t getting out. G\u00fcnter Born has the details on his <\/span>Born City blog<\/span><\/a>, and Vess Bontchev confirms on Twitter:<\/span><\/p>\n

Windows Update no longer updates Windows Defender on Windows 7 machines, yo. Last such update was on June 18. Nothing changed at my end firewall- or installation-wise. It’s Microsoft’s doing.<\/span><\/p>\n

Just like the Pentium III, Windows Defender is ancient technology, baked into the original Windows 7, and long since superseded by the (free!) <\/span>Microsoft Security Essentials<\/span><\/a>, which does much more than Defender. Many older Win7 machines <\/span>still run Windows Defender<\/span><\/a>, though, and even though updates are being released by Microsoft, they somehow aren\u2019t getting through. Speculation has it that Microsoft\u2019s servers are broken.<\/span><\/p>\n

When you apply Win7 updates this month, check to see if you have Windows Defender enabled and, if so, get Microsoft Security Essentials.<\/span><\/p>\n

If you\u2019re stuck in Win10 April 2018 Update \u2014 the <\/span>notoriously buggy<\/span><\/a> version 1803 \u2014 you need to get last week\u2019s latest cumulative update, <\/span>KB 4284848<\/span><\/a>. It arrives with a servicing stack update, KB 4132650, which you only need to jiggle if you manually install updates.<\/span><\/p>\n

Here\u2019s what gets me about 1803. Microsoft declared it to be <\/span>ready for business deployment<\/span><\/a> six weeks ago. But if you listen to people who work with Windows all the time, it ain\u2019t necessarily so. The same experts who tout the benefits of 1803 (of which there are few, if any) also come up with statements like \u201cAfter I installed this month\u2019s Surface firmware patches, 1803 is suddenly usable\u201d and \u201cThe latest 1803 patches finally fixed so-and-so.\u201d<\/span><\/p>\n

1803 isn\u2019t ready for prime time<\/a><\/strong>.<\/strong> If you want to beta-test 1803, go right ahead, but remember that you can <\/span>roll it back<\/span><\/a>, if you do so within 10 days of installing it. It appears as if the only way to avoid having your Win10 machine pushed to Win10 version 1803, is to use the metered connection kludge with wushowhide, which I discuss in<\/span> How to block the Windows 10 April 2018 Update, version 1803, from installing<\/span><\/a>. In addition, Pro\/Enterprise users should set the feature update deferral (Step 3 in that discussion) to 365 days.<\/span><\/p>\n

I don\u2019t believe for a moment the Ad Duplex claim that 78% of all Windows 10 PCs are <\/span>running version 1803<\/span><\/a>. But the squeeze is on. 1703 and 1709 are both relatively stable. Win 8.1 remains the most stable Windows of all \u2014 most likely because Microsoft isn\u2019t trying to \u201cfix\u201d it as much as the others.<\/span><\/p>\n

Susan Bradley\u2019s <\/span>Master Patchlist<\/span><\/a> shows that the June patches look clean, although the official <\/span>Fixes or workarounds articles <\/span><\/a>for Office include many specific problems and a few possible solutions.<\/span><\/p>\n

Ready to take a chance on messing up your NIC? Here\u2019s how to proceed. The patching pattern should be familiar to many of you.<\/span><\/p>\n

There\u2019s a non-zero chance that the patches \u2014 even the latest, greatest patches of patches of patches \u2014 will hose your machine. Best to have a backup that you can reinstall even if your machine refuses to boot. This, in addition to the usual need for System Restore points.<\/span><\/p>\n

There are plenty of full-image backup products, including at least two good free ones:<\/span> Macrium Reflect Free<\/span><\/a> and<\/span> EaseUS Todo Backup<\/span><\/a>. For Win 7 users, If you aren\u2019t making backups regularly, take a look at this <\/span>thread started by Cybertooth<\/span><\/a> for details. You have good options, both free and not-so-free.<\/span><\/p>\n

Microsoft is blocking updates to Windows 7 and 8.1 on recent computers. If you are running Windows 7 or 8.1 on a PC that\u2019s a year old or less, follow the instructions in<\/span> AKB 2000006<\/span><\/a> or<\/span> @MrBrian\u2019s summary of @radosuaf\u2019s method<\/span><\/a> to make sure you can use Windows Update to get updates applied.<\/span><\/p>\n

If you\u2019ve already installed any March, April or May updates, your network interface card should be immune to the latest slings and arrows. But if you haven\u2019t been keeping up on patches, see the discussion in the “<\/span>Win7\/Server 2008R2 network card bugs continue” section above to protect yourself.<\/span><\/p>\n

If you\u2019re very concerned about Microsoft\u2019s snooping on you and want to install just security patches, realize that the privacy path\u2019s getting more difficult. The old \u201cGroup B\u201d \u2014 security patches only \u2014 isn\u2019t dead, but it\u2019s no longer within the grasp of typical Windows customers. If you insist on manually installing security patches only, follow the instructions in @PKCano\u2019s<\/span> AKB 2000003<\/span><\/a> and be aware of<\/span> @MrBrian\u2019s recommendations<\/span><\/a> for hiding any unwanted patches.<\/span><\/p>\n

For most Windows 7 and 8.1 users, I recommend following<\/span> AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups<\/span><\/a>. Realize that some or all of the expected patches for June may not show up or, if they do show up, may not be checked. DON’T CHECK any unchecked patches. Unless you’re very sure of yourself, DON’T GO LOOKING for additional patches. That way thar be tygers. If you’re going to install the June patches, accept your lot in life, and don’t mess with Mother Microsoft.<\/span><\/p>\n

If you want to minimize Microsoft\u2019s snooping but still install all of the offered patches, turn off the Customer Experience Improvement Program (Step 1 of<\/span> AKB 2000007: Turning off the worst Windows 7 and 8.1 snooping<\/span><\/a>) before you install any patches. (Thx, @MrBrian.) If you see KB 2952664 (for Win7) or \u00a0its Win8.1 cohort, KB 2976978 \u2014 the patches that so helpfully make it easier to upgrade to Win10 \u2014 uncheck them and spread your machine with garlic. Watch out for driver updates \u2014 you\u2019re far better off getting them from a manufacturer\u2019s website.<\/span><\/p>\n

After you\u2019ve installed the latest Monthly Rollup, if you\u2019re intent on minimizing Microsoft\u2019s snooping, run through the steps in<\/span> AKB 2000007: Turning off the worst Win7 and 8.1 snooping<\/span><\/a>. Realize that <\/span>we don\u2019t know <\/i><\/strong>what information Microsoft collects on Window 7 and 8.1 machines. But I\u2019m starting to believe that information pushed to Microsoft\u2019s servers for Win7 owners is nearing equal to that pushed in Win10.<\/span><\/p>\n

If you\u2019re running Win10 Creators Update, <\/span>version 1703<\/strong> or <\/span>version 1709 <\/strong>(my current preference), and you want to stay on 1703 or 1709 and not get sucked into the 1803 pre-release vortex, follow the<\/span> instructions here<\/span><\/a> to ward off the upgrade. Of course, all bets are off if Microsoft, uh, <\/span>forgets to honor<\/span><\/a> its own settings. <\/span><\/p>\n

Remember: If you want to avoid 1803, don\u2019t click \u201cCheck for Updates\u201d until you\u2019ve gone through all the precautions <\/span>listed in this article<\/span><\/a>, including running wushowhide. If you forget, you may be <\/span>tossed in the seeker heap<\/span><\/a> and shuffled off to 1803 land.<\/span><\/p>\n

If you\u2019re running an earlier version of Win10, you\u2019re basically on your own. Microsoft doesn’t support you anymore.<\/span><\/p>\n

If you have trouble getting the latest cumulative update installed, make sure you\u2019ve checked your antivirus settings and, if all is well, run the<\/span> newly refurbished<\/span><\/a> Windows Update Troubleshooter<\/span><\/a> before inventing new epithets.<\/span><\/p>\n

To get Windows 10 patched, go through the steps in “<\/span>8 steps to install Windows 10 patches like a pro<\/span><\/a>.”<\/span><\/p>\n

Thanks to the dozens of volunteers on AskWoody who contribute mightily, especially @sb, @PKCano, @gborn, @GoneToPlaid, @Cybertooth and @MrBrian.<\/span><\/i><\/p>\n

We\u2019ve moved to MS-DEFCON 3 on the<\/span><\/i> AskWoody Lounge<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Mon, 02 Jul 2018 07:05:00 -0700<\/strong><\/p>\n

\n
\n

Windows 7 customers should be on the lookout for a couple of, uh, challenges this month, as the Win10 1803 trail of tears continues and Win10 1709 finally looks pretty solid.<\/span><\/p>\n

The Win7\/Server 2008R2 network card bugs continue<\/strong><\/h2>\n

First, the good news. If you installed last month\u2019s Win7\/Server 2008R2 patches and your network connections didn\u2019t go kablooey, you\u2019re almost undoubtedly OK to proceed with this month\u2019s patches.<\/span><\/p>\n

On the other hand, if you\u2019ve been waiting to install patches on your Win7 or Server 2008R2 machine, you need to be aware of a bug that Microsoft has acknowledged. It was introduced by a patch back in March, according to the KB articles, and hasn\u2019t been fixed yet:<\/span><\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10525],"class_list":["post-12714","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12714"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12714\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}