If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Should I install KB4056894
On 07/02/2018 15:23, Paul wrote:
Brian Gregory wrote: On 07/02/2018 03:40, Maurice Helwig wrote: On 7/02/2018 11:28 AM, Brian Gregory wrote: On 05/02/2018 23:17, Maurice Helwig wrote: Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Why are you expecting problems?? Distinct possibility -- read https://www.askwoody.com/category/mi...ches-security/ I do mot Trust MS updates anymore. I do not trust Woody. You don't have to trust Woody. What you do have to trust, is the evidence trail. When "Cameo" here got bricked on an update to his AMD system, what words of condolence would you offer "Cameo" ? "MS is always right" ? Well, obviously not. Â*Â* Paul But the OP never mentioned AMD. If he was expecting trouble because he had an ancient AMD processor he should have said so. Woody isn't going to tell me what processor the OP has and a lot of what he writes doesn't really read to me like he's really that knowledgable. -- Brian Gregory (in England). |
Ads |
#17
|
|||
|
|||
Should I install KB4056894
Brian Gregory wrote:
On 07/02/2018 15:23, Paul wrote: Brian Gregory wrote: On 07/02/2018 03:40, Maurice Helwig wrote: On 7/02/2018 11:28 AM, Brian Gregory wrote: On 05/02/2018 23:17, Maurice Helwig wrote: Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Why are you expecting problems?? Distinct possibility -- read https://www.askwoody.com/category/mi...ches-security/ I do mot Trust MS updates anymore. I do not trust Woody. You don't have to trust Woody. What you do have to trust, is the evidence trail. When "Cameo" here got bricked on an update to his AMD system, what words of condolence would you offer "Cameo" ? "MS is always right" ? Well, obviously not. Paul But the OP never mentioned AMD. If he was expecting trouble because he had an ancient AMD processor he should have said so. Woody isn't going to tell me what processor the OP has and a lot of what he writes doesn't really read to me like he's really that knowledgable. At the time that the update bricked that system, the "word" was not out yet. There weren't enough systems bricked at that point, to shout a warning. I only caught wind of the issue, later in the day, when I could see a thread on the web full of tales of woe. This is why *you can't be in a rush to get updates*. Let them cool off. Wait a few half-lives until the radioactivity level drops. Then eat one :-) Paul |
#18
|
|||
|
|||
Should I install KB4056894
On 08/02/2018 01:34, Paul wrote:
Brian Gregory wrote: On 07/02/2018 15:23, Paul wrote: Brian Gregory wrote: On 07/02/2018 03:40, Maurice Helwig wrote: On 7/02/2018 11:28 AM, Brian Gregory wrote: On 05/02/2018 23:17, Maurice Helwig wrote: Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Why are you expecting problems?? Distinct possibility -- read https://www.askwoody.com/category/mi...ches-security/ I do mot Trust MS updates anymore. I do not trust Woody. You don't have to trust Woody. What you do have to trust, is the evidence trail. When "Cameo" here got bricked on an update to his AMD system, what words of condolence would you offer "Cameo" ? "MS is always right" ? Well, obviously not. Â*Â*Â* Paul But the OP never mentioned AMD. If he was expecting trouble because he had an ancient AMD processor he should have said so. Woody isn't going to tell me what processor the OP has and a lot of what he writes doesn't really read to me like he's really that knowledgable. At the time that the update bricked that system, the "word" was not out yet. There weren't enough systems bricked at that point, to shout a warning. I only caught wind of the issue, later in the day, when I could see a thread on the web full of tales of woe. This is why *you can't be in a rush to get updates*. Let them cool off. Wait a few half-lives until the radioactivity level drops. Then eat one :-) Â*Â* Paul But KB4056894 was issued around 4 weeks ago. -- Brian Gregory (in England). |
#19
|
|||
|
|||
Should I install KB4056894
Brian Gregory wrote:
On 08/02/2018 01:34, Paul wrote: Brian Gregory wrote: On 07/02/2018 15:23, Paul wrote: Brian Gregory wrote: On 07/02/2018 03:40, Maurice Helwig wrote: On 7/02/2018 11:28 AM, Brian Gregory wrote: On 05/02/2018 23:17, Maurice Helwig wrote: Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Why are you expecting problems?? Distinct possibility -- read https://www.askwoody.com/category/mi...ches-security/ I do mot Trust MS updates anymore. I do not trust Woody. You don't have to trust Woody. What you do have to trust, is the evidence trail. When "Cameo" here got bricked on an update to his AMD system, what words of condolence would you offer "Cameo" ? "MS is always right" ? Well, obviously not. Paul But the OP never mentioned AMD. If he was expecting trouble because he had an ancient AMD processor he should have said so. Woody isn't going to tell me what processor the OP has and a lot of what he writes doesn't really read to me like he's really that knowledgable. At the time that the update bricked that system, the "word" was not out yet. There weren't enough systems bricked at that point, to shout a warning. I only caught wind of the issue, later in the day, when I could see a thread on the web full of tales of woe. This is why *you can't be in a rush to get updates*. Let them cool off. Wait a few half-lives until the radioactivity level drops. Then eat one :-) Paul But KB4056894 was issued around 4 weeks ago. Well sure. And additional updates have been issued to counteract the bad one. Rather than just pulling the bad one and renumbering it. Why did they do it that way ? And at the moment, it appears that at least some of the Meltdown/Spectre patching has been switched off. I think the browser mitigations (removal of Javascript timing attack), those are safe to leave in place. But it's not at all clear, what other ones are still present. I supposed I could run the Powershell script that reports which ones are active and see. That's if I cared... I've wasted enough time trying to keep up with this issue, and it's just not worth it. The only people who really need to watch this one, are cloud providers who rent computer time (Amazon EC2). As they have to be ready for anything, and they get sued if there is trouble. There's no reason to panic (yet) on the home front. And I agree with the "issued around 4 weeks ago" comment - that's sufficient time for the suckers to test a patch, brick a machine, Microsoft responds, pulls patches or issues new patches. And then it's OK for others to partake. Until the next Cumulative comes in, and the shell game starts all over again. As long as the QA is being done on the backs of actual users, we have to *watch watch watch what we're doing*. For a Windows 7 user (the topic of this group), I do not recommend leaving Windows Update in Auto mode. It should be switched off, and you click the "Check for Updates" button when the coast is clear. And you've taken whatever precautions are deemed prudent for that month. (If you see "brickage", do a backup!) Paul |
#20
|
|||
|
|||
Should I install KB4056894
"Brian Gregory" wrote
| This is why *you can't be in a rush to get updates*. | Let them cool off. Wait a few half-lives until the | radioactivity level drops. Then eat one :-) | | But KB4056894 was issued around 4 weeks ago. | You keep making it sound like the OP is somehow daffy for being cautious. If you want to trust Microsoft's dripfeed that's your choice, but you have no rational basis for doing so. Buggy patches are common. People have been trained to think that they're about to be attacked if they go one day without the dripfeed. That's a gross distortion. In fact, the dripfeed is a destabilizing, high-risk way to manage software. (I don't enable Windows Update on any of my computers. I installed the "SP2" rollup only long after it came out. I also haven't had any malware problems.) Vulnerabilities are constant. Yet most people enable javascript in the browser and shop online with credit cards. They think Microsoft and/or Dr. Norton are protecting them. They're not. And what's the rush? Exploits of Meltdown and Spectre are just now being developed. As they do, even on Intel they'll still require the running of local software in order to read data from other running software. So we're really talking about script exploits in browsers, trying to steal credit card input or passwords from other pages you have open. A very longshot risk that's easily avoided. There are easier ways to hack your computer, starting with Flash, Java, Acrobat Reader, Silverlight, and any other programming code that can run through the browser. (Hopefully you don't have those installed.) But people tend to not look at the actual facts. Instantly, Meltdown and Spectre become looming monsters and Microsoft's next patch is the white knight.... A handy way to view things, allowing us to pretend that we don't *really* have to think about security. We just have to follow official guidance and we'll be safe. So we keep allowing script and shopping online. We can't imagine accepting the hassle of curtailing those risks. But in that scenario the Windows patches are like penicillin boosters allowing us to return to the whorehouse with abandon: It's not the right prophylactic for the problem. I have a favorite example of that issue of false security. In a 2005 interview Bill Gates was asked about IE security problems. He talked like a kindly grandfather.... You should just trust us.... https://www.cnet.com/news/gates-taki...t-in-your-den/ "Well, no one invests more in security of their browser than what we do on IE. The key message we have for people is they should turn on auto update because if you turn on auto update....you can know that there are hundreds of very smart people who are constantly improving your browser and making sure that you're safe. And so with auto update and IE, you're getting the top security team and the quickest response team that there is anywhere." At that very moment there was a crisis of people being attacked through IE via bugs in XP SP2: https://www.techworld.com/news/secur...ploit-3577152/ Where were Gates's hundreds of "super quick responding, super smart" people? The sad fact is that people listen to the likes of Gates. They dutifully do things like continuing to use IE while allowing the dripfeed, because Gandpa Billy told them to. |
#21
|
|||
|
|||
Should I install KB4056894
On 6/02/2018 9:17 AM, Maurice Helwig wrote:
Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Thank you all for your replies and suggestions. Today (Saturday 2018-02-10) I decided to bite the bullet and install KB4056894 on my main computer -- image backups all in place first. All went well and the computer is behaving itself normally. No slowdown is detectable with ordinary usage. Next I tried my wife's Dell Inspiron 15R with the AMD HD7670M video card. I installed KB4073578 (Downloaded from the MS catalogue) first, and rebooted. KB4056894 was offered so I installed it and rebooted it a couple of times. All appears ok. This gives me some confidence to update the other six computers I look after where I do voluntary work twice a week. I will let you all know how they updated as well. I think as Paul said, it is prudent to wait and be careful -- and make image backups before you start. the days of automatic updates are over as far as I am concerned. -- ~~~~~~~~~~~~ Maurice Helwig ~~~~~~~~~~~~ |
#22
|
|||
|
|||
Should I install KB4056894
On 6/02/2018 9:17 AM, Maurice Helwig wrote:
Well it is now February 6 th. Should I install KB4056894. What is everyone doing other than waiting. If I hide the update will it be presented again or included in the February update rollup. I look after 6 computers besides my own and I do not need problems. Any suggestions would be appreciated. Just an update on the install of MS update KB 4056894 -- Following the apparently successful install on my two home computers I proceeded to install it on the six computers where I do voluntary work. After installing it on the third computer I discovered that "Start" -- "Shutdown" -- "Restart" would not work. the computer appeared to shut down but would not restart as it was supposed to do. A forced shutdown / restart was necessary. On checking the other two computers that I had updated I found the same thing happening. So I uninstalled the update on the three computers and hid the update on all six computers. When I got home I uninstalled the update on my two computers as well. Once hidden the update is not re-presented for update when a new search for updates is done. I will live with Meltdown / Spectre until MS and intel fix the problem properly. Hope this helps someone else. Thank you all for your input. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|