OT maybe

I read here regularly and have learned a lot and hope maybe to learn a
bit more. I have Win 7 Home Premium version 64 bit. I barely speak
"computer" when it comes to software and O/S intricacies. Since all the
Win 10 brew ha ha in the last year or so, I just shut off all updates to
Win 7 last July. But, I probably really should install some of them. Is
there anywhere that lists all the Win 7 updates and describes what they
are for, in plain English. We're not heavy involved users and I know I'm
not updating Word and Excel and all those. What we've got works fine.
Beyond that, I want absolutely nothing to do with Win 10 so anything
that might slip in anything there I want to skip. My wife would go
ballistic if anything to do with Win 10 showed up. I hate being tracked
in any way, but realize some is going to be inevitable and I don't go
anywhere nefarious or to far out of bounds anyhow, so not a real big
deal. But I know what's left is probably a lot of genuine security fixes
that would be good to be installed. I'm just finding it difficult to
sort through all the chafe to find the few good kernels. Any help or
guidance would be greatly appreciated. Thanks much.

On 08/10/2016 22:35, Doug Chadduck wrote:
I read here regularly and have learned a lot and hope maybe to learn a
bit more. I have Win 7 Home Premium version 64 bit. I barely speak
"computer" when it comes to software and O/S intricacies. Since all
the Win 10 brew ha ha in the last year or so, I just shut off all
updates to Win 7 last July. But, I probably really should install some
of them. Is there anywhere that lists all the Win 7 updates and
describes what they are for, in plain English. We're not heavy
involved users and I know I'm not updating Word and Excel and all
those. What we've got works fine. Beyond that, I want absolutely
nothing to do with Win 10 so anything that might slip in anything
there I want to skip. My wife would go ballistic if anything to do
with Win 10 showed up. I hate being tracked in any way, but realize
some is going to be inevitable and I don't go anywhere nefarious or to
far out of bounds anyhow, so not a real big deal. But I know what's
left is probably a lot of genuine security fixes that would be good to
be installed. I'm just finding it difficult to sort through all the
chafe to find the few good kernels. Any help or guidance would be
greatly appreciated. Thanks much.


Just cut the crap and switch on your windows update again as there is no
free Windows 10. You don't want to waste time reading about updates
because that will only drive you crazy and you won't understand a thing
about them. You are not particularly intelligent considering you
haven't updated your machine for a very long time. I have to take your
word at it's face value because we get many idiots asking stupid questions.



--

If you want to filter all of my posts then please read this article:
https://support.mozilla.org/en-US/kb/organize-your-messages-using-filters
In step 7 select "Delete"

With over 400 million devices now running Windows 10, customer
satisfaction is higher than any previous version of windows.

On 10/08/2016 05:35 PM, Doug Chadduck wrote:
I read here regularly and have learned a lot and hope maybe to learn a
bit more. I have Win 7 Home Premium version 64 bit. I barely speak
"computer" when it comes to software and O/S intricacies. Since all the
Win 10 brew ha ha in the last year or so, I just shut off all updates to
Win 7 last July. But, I probably really should install some of them. Is
there anywhere that lists all the Win 7 updates and describes what they
are for, in plain English. We're not heavy involved users and I know I'm
not updating Word and Excel and all those. What we've got works fine.
Beyond that, I want absolutely nothing to do with Win 10 so anything
that might slip in anything there I want to skip. My wife would go
ballistic if anything to do with Win 10 showed up. I hate being tracked
in any way, but realize some is going to be inevitable and I don't go
anywhere nefarious or to far out of bounds anyhow, so not a real big
deal. But I know what's left is probably a lot of genuine security fixes
that would be good to be installed. I'm just finding it difficult to
sort through all the chafe to find the few good kernels. Any help or
guidance would be greatly appreciated. Thanks much.

Free forced windows 10 updates are dead. MS won't give you win 10 anymore.

You could just read every update like others do and decide. Click the
more info and read the KB article. It will at least get you close.

You could just blanket install all 'Security Updates'. Then read the
remainder.

I'm not sure there is a quick and easy way though. You just have to
bite the bullet and do the leg work you probably should have from day one.

I personally just install everything. My system has not suffered from
it yet. I may have a bit more telemetry though.

On Sat, 8 Oct 2016 19:28:05 -0400, Big Al wrote:

On 10/08/2016 05:35 PM, Doug Chadduck wrote:
I read here regularly and have learned a lot and hope maybe to learn a
bit more. I have Win 7 Home Premium version 64 bit. I barely speak
"computer" when it comes to software and O/S intricacies. Since all the
Win 10 brew ha ha in the last year or so, I just shut off all updates to
Win 7 last July. But, I probably really should install some of them. Is
there anywhere that lists all the Win 7 updates and describes what they
are for, in plain English. We're not heavy involved users and I know I'm
not updating Word and Excel and all those. What we've got works fine.
Beyond that, I want absolutely nothing to do with Win 10 so anything
that might slip in anything there I want to skip. My wife would go
ballistic if anything to do with Win 10 showed up. I hate being tracked
in any way, but realize some is going to be inevitable and I don't go
anywhere nefarious or to far out of bounds anyhow, so not a real big
deal. But I know what's left is probably a lot of genuine security fixes
that would be good to be installed. I'm just finding it difficult to
sort through all the chafe to find the few good kernels. Any help or
guidance would be greatly appreciated. Thanks much.

Free forced windows 10 updates are dead. MS won't give you win 10 anymore.

You could just read every update like others do and decide. Click the
more info and read the KB article. It will at least get you close.

You could just blanket install all 'Security Updates'. Then read the
remainder.

I'm not sure there is a quick and easy way though. You just have to
bite the bullet and do the leg work you probably should have from day one.

I personally just install everything. My system has not suffered from
it yet. I may have a bit more telemetry though.

I am incapable of reading the KB stuff to select updates. Sooo, I've
given up and installed everything since "get window 10 free" stopped.
No bad effects so far. Win7pro is working fine.

"Doug Chadduck" wrote

| I just shut off all updates to
| Win 7 last July. But, I probably really should install some of them.

Here's one example of problems with Win7. With so many
people rejecting Win10, MS has been hoping to turn 7 into
10, to some extent:

http://arstechnica.com/information-t...o-windows-7-8/

I would not allow any Windows updates to be installed,
except for the service packs. If you care about privacy
and stability you can't afford to allow MS onto your
computer. And the majority of security issues are not
with Windows itself, but rather IE, MS Office, Flash,
Acrobat Reader, Java, etc. But it's really a personal decision.
If you don't mind the sleaze then install updates. If you
do mind the sleaze it would be unrealistic to attempt
avoiding it while still installing security patches, without
a great deal of research.

Doug Chadduck wrote:
I read here regularly and have learned a lot and
hope maybe to learn a bit more.

I have Win 7 Home Premium version 64 bit.

I barely speak "computer" when it comes to software and O/S intricacies.
Since all the Win 10 brew ha ha in the last year or so,
I just shut off all updates to Win 7 last July.

But, I probably really should install some of them.

Is there anywhere that lists all the Win 7 updates and describes what they
are for, in plain English. We're not heavy involved users and I know I'm
not updating Word and Excel and all those.

What we've got works fine.

Beyond that, I want absolutely nothing to do with Win 10 so anything
that might slip in anything there I want to skip. My wife would go
ballistic if anything to do with Win 10 showed up.

I hate being tracked in any way, but realize some is going
to be inevitable and I don't go anywhere nefarious or to far
out of bounds anyhow, so not a real big deal.

But I know what's left is probably a lot of genuine security fixes
that would be good to be installed. I'm just finding it difficult to
sort through all the chafe to find the few good kernels. Any help or
guidance would be greatly appreciated. Thanks much.

It takes about four hours of steady work, to review the web links
before installing a years worth of missing stuff.

Security patches would consist of an accompanying
KnowledgeBase article. And the KB points you to a security bulletin
with some (but not much) detail on what they think they're patching.

Windows Update

Entry --- KB12345678 --- MS-112 bulletin

The KB may have a list of files, and I glance at the
files first, to see if any "objectionable" DLLs are in
there.

Windows Update has '583 removed at the moment, so GWX
(Get Windows Ten) is not in there. However, the '664 AppRaiser
patch is still there, and for some reason, it was re-issued in
advance of October 2016 Patch Tuesday (now, only a couple days away).
I don't see a particular reason to want to install '664 at this point,
unless you plan on leaving Windows Update enabled and accept
whatever back-ported materials will be flowing in from Win10.

Microsoft plans to have an announcement later in October (after
Patch Tuesday plants the plumbing), to announce what will be
delivered in future.

*******

It doesn't sound like you've tried Windows Update at this
point, because chances are, there will be a long long delay
before the update list appears on the screen. If Windows Update
is shut off, then you click the button in the interface
and do a manual scan. And get a presentation of Important
and Optional updates.

Due to a bug in Windows Update (a bug that exists in WinXP,
Vista,Win7,Win8,Win8.1), the list could appear in 5 minutes
(the current benchmark), or it could appear in 12 hours.

Using Internet Explorer (a browser with ActiveX plugin capability),
you can visit the Catalog server and get updates manually. You can
install these two, without using Windows Update at all. '605 may
say "Not Applicable" if you installed it first. As long as the
Servicing Stack is in place, then '605 should install.

April 2015 Servicing Stack

http://catalog.update.microsoft.com/...aspx?q=3020369

July 2016 Cumulative (note, these can be *removed* at any time.

http://catalog.update.microsoft.com/...aspx?q=3172605

Then, after a reboot, you may find clicking the Windows Update
button takes 5 minutes before the list appears.

Note that this is not a real patch as such. It probably truncates
some of the supersedes from the manifest, and hurries up the
process a bit. One thing I noted, is there is no win32k.sys in
the patch, and the patch manages to speed up Windows Update,
without changing the win32k.sys that people claim is one
source of the bug.

It's also possible to manually patch without '605, knowing that
some updates are recurring ones (like the MRT scanner that
is delivered each month). Or installing the latest
Cumulative Update for Internet Explorer for your version/copy
of IE. I've got a 5 minute response from Windows Update, simply
by selecting the updates carefully I want to install by hand.

To do that, you can do a scan for missing Security Updates
with MBSA 2.3 . So if Windows Update was considered to be
"broken", then you can use this to do a scan for missing updates.
Only one tick box on the screen, need be ticked to run a scan.
You don't need to leave all five tick boxes ticked. That's
not necessary.

https://www.microsoft.com/en-ca/down...s.aspx?id=7558

The MBSA always seems to develop a list of updates within
five minutes. And there's a reason for that. It doesn't
actually compute the superseded updates properly, all
by itself. I have downloaded around 50-70 items using the
list from MBSA, and a couple of them, when I go to install,
say they are "not applicable". Each Update file can work
that out for itself (it has a section of the manifest on
board the update). And indeed, if and when I get to run
Windows Update after that point, the items that will not
install, also are missing from Windows Update. So for some
of them, when they say Not Applicable, it's because they
actually aren't necessary.

In any case, if you were not getting a timely response from
Windows Update, you can work through outstanding Important
Updates with MBSA. It won't show the Optional ones. You
can review the Optional ones, whenever Windows Update
decides to start working again.

Windows Update has a history tab. Even if you don't
run a scan, you can check the history to see if
you've already installed a particular item.

And the rest is just "reading and hard work", if you
want to review them and not accept the questionable
ones.

Using "Infoworld" or "AskWoody" and a KBxxxxxxx number,
you can also find writeups on some of the updates, if
you need a translation of the intent of an update.
The "level of evil" can be judged that way.

Paul

On Sat, 8 Oct 2016 14:35:53 -0700, Doug Chadduck
wrote in

I read here regularly and have learned a lot and hope maybe to learn a
bit more. I have Win 7 Home Premium version 64 bit. I barely speak
"computer" when it comes to software and O/S intricacies. Since all the
Win 10 brew ha ha in the last year or so, I just shut off all updates to
Win 7 last July. But, I probably really should install some of them. Is
there anywhere that lists all the Win 7 updates and describes what they
are for, in plain English. We're not heavy involved users and I know I'm
not updating Word and Excel and all those. What we've got works fine.
Beyond that, I want absolutely nothing to do with Win 10 so anything
that might slip in anything there I want to skip. My wife would go
ballistic if anything to do with Win 10 showed up. I hate being tracked
in any way, but realize some is going to be inevitable and I don't go
anywhere nefarious or to far out of bounds anyhow, so not a real big
deal. But I know what's left is probably a lot of genuine security fixes
that would be good to be installed. I'm just finding it difficult to
sort through all the chafe to find the few good kernels. Any help or
guidance would be greatly appreciated. Thanks much.

I got a new desktop with Win7pro32 last year. The first thing I did
was shut off updates. They are still shut and no problems.
--
Web based forums are like subscribing to 10 different newspapers
and having to visit 10 different news stands to pickup each one.
Email list-server groups and USENET are like having all of those
newspapers delivered to your door every morning.

On Sat, 8 Oct 2016 23:09:51 -0400, "Mayayana"
wrote in

"Doug Chadduck" wrote

| I just shut off all updates to
| Win 7 last July. But, I probably really should install some of them.

Here's one example of problems with Win7. With so many
people rejecting Win10, MS has been hoping to turn 7 into
10, to some extent:

http://arstechnica.com/information-t...o-windows-7-8/

I would not allow any Windows updates to be installed,
except for the service packs. If you care about privacy
and stability you can't afford to allow MS onto your
computer. And the majority of security issues are not
with Windows itself, but rather IE, MS Office, Flash,
Acrobat Reader, Java, etc. But it's really a personal decision.
If you don't mind the sleaze then install updates. If you
do mind the sleaze it would be unrealistic to attempt
avoiding it while still installing security patches, without
a great deal of research.


Well said.
--
Web based forums are like subscribing to 10 different newspapers
and having to visit 10 different news stands to pickup each one.
Email list-server groups and USENET are like having all of those
newspapers delivered to your door every morning.

"Paul" wrote

| It takes about four hours of steady work, to review the web links
| before installing a years worth of missing stuff.
|
| Security patches would consist of an accompanying
| KnowledgeBase article. And the KB points you to a security bulletin
| with some (but not much) detail on what they think they're patching.
|
| Windows Update
|
| Entry --- KB12345678 --- MS-112 bulletin
|
| The KB may have a list of files, and I glance at the
| files first, to see if any "objectionable" DLLs are in
| there.
|

But he's asking for "plain English" info for people
who are not techy. I expect your advice will be
confusing at best, or at worst will waste his time.
He wants a brief blurb that says, "This fixes Excel
bug XYZ" or "This adds spyware". Assessing
"objectionable DLLs" would require a somewhat
intimate knowledge of system files.

The kind of clarity that Doug is asking for has never
been available. These days it's even worse. MS have
officially announced that they don't intend to explain
patches anymore. Their position seems to be
that even IT people are on a need-to-know basis,
and that even IT people only need to know to apply
patches. MS don't want them making their own
determinations. If they even explain that a patch "fixes
Excel bug XYZ" they're not likely to fully explain the
import of that. I find myself reading the "mitigation"
info as a way to glean the details.

And all of that assumes the patches are actually
relevant to oneself and useful in the first place. In
many cases one or both of those factors may not
hold. I remember a famous case in about 2000 where
MS "fixed" a security problem in Outlook by adding an
extra nag message. That news only came out because
someone at one of the computer magazines looked
into it.
In many cases with important security patches they
may not be relevant if one is not using risky cross-
computer functionality like DCOM, remote desktop,
etc. In other words, many of the patches are
primarily for corporate intranet machines.

Given Doug's self-description there is simply no
way for him to assess all patches, much less do it
easily.

Mayayana wrote:
"Paul" wrote

| It takes about four hours of steady work, to review the web links
| before installing a years worth of missing stuff.
|
| Security patches would consist of an accompanying
| KnowledgeBase article. And the KB points you to a security bulletin
| with some (but not much) detail on what they think they're patching.
|
| Windows Update
|
| Entry --- KB12345678 --- MS-112 bulletin
|
| The KB may have a list of files, and I glance at the
| files first, to see if any "objectionable" DLLs are in
| there.
|

But he's asking for "plain English" info for people
who are not techy. I expect your advice will be
confusing at best, or at worst will waste his time.
He wants a brief blurb that says, "This fixes Excel
bug XYZ" or "This adds spyware". Assessing
"objectionable DLLs" would require a somewhat
intimate knowledge of system files.

The kind of clarity that Doug is asking for has never
been available. These days it's even worse. MS have
officially announced that they don't intend to explain
patches anymore. Their position seems to be
that even IT people are on a need-to-know basis,
and that even IT people only need to know to apply
patches. MS don't want them making their own
determinations. If they even explain that a patch "fixes
Excel bug XYZ" they're not likely to fully explain the
import of that. I find myself reading the "mitigation"
info as a way to glean the details.

And all of that assumes the patches are actually
relevant to oneself and useful in the first place. In
many cases one or both of those factors may not
hold. I remember a famous case in about 2000 where
MS "fixed" a security problem in Outlook by adding an
extra nag message. That news only came out because
someone at one of the computer magazines looked
into it.
In many cases with important security patches they
may not be relevant if one is not using risky cross-
computer functionality like DCOM, remote desktop,
etc. In other words, many of the patches are
primarily for corporate intranet machines.

Given Doug's self-description there is simply no
way for him to assess all patches, much less do it
easily.

The three options a

1) Accept all the patches. "Microsoft knows best".
2) Accept none of the patches. "The Paranoia option".
3) Review the patches and toss the ones that
you've read about or heard about. CEIP or GWX.

Now, Doug has indicated he had Windows Update turned
off. That means he is already aware of (2) and avoided
(1) on purpose. Therefore, I described (3), to give
a feeling for how much work it is. (3) is a kind
of "selective paranoia", a way of not giving Microsoft
everything they want.

Some stuff will be a coin toss. Maybe you need the British
Pound symbol or the Ruble added to all your fonts. I chose
to reject the font meddling ones, because initially there
was some collateral damage from those.

Some patches, have an "Issues" section at the top. THat's
worth reading. Sometimes just the sheer level of detail
in the Issues section, says "don't touch".

And sure, if you want to spend the time, a fair number
of the security patches involve a perp sitting at your
keyboard, working an exploit. I personally don't have
time to decode the gobblydee-gook that passes for
a classification at the Windows Update screen level.
But I do have time to glance at the file list and
see some of my favorites in there. Several of the patches,
they seem to have dumped a reference to every file
in the System folder into the article. My eyes glaze over
when they do that.

Based on the fact Doug turned off Windows Update, he's
already better than 99% of "average users". He'll figure
it out.

Paul

On Sun, 09 Oct 2016 16:26:43 +0200, FredW wrote:

On Sun, 09 Oct 2016 07:31:50 -0500, CRNG
wrote:
On Sat, 8 Oct 2016 14:35:53 -0700, Doug Chadduck
wrote in
I got a new desktop with Win7pro32 last year. The first thing I did
was shut off updates. They are still shut and no problems.

This is like saying,

I got a new car, but as the garage makes mistakes, I never bring in my
car for regular maintenance and I have never any problem.

It is not wise to do so.

Actually, it's more like:

This garage has installed stuff on my car that I didn't ask for, and
about half the time after I've had my car in for service it doesn't
work right, so I have to go back for additional service calls. I'm
not letting them have unsupervised access to my car any more.

The problem is, we're between a rock and a hard place. We should
really install security updates, but Microsoft has been documented to
put GWX crap into at least one security update (that we know of), as
well as "important" updates, so we can't really trust the "security"
label. With regard to updates, we're damned if we do and damned if we
don't.

--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://BrownMath.com/
http://OakRoadSystems.com/
Shikata ga nai...

Doug Chadduck used his keyboard to write :
I read here regularly and have learned a lot and hope maybe to learn a bit
more. I have Win 7 Home Premium version 64 bit. I barely speak "computer"
when it comes to software and O/S intricacies. Since all the Win 10 brew ha
ha in the last year or so, I just shut off all updates to Win 7 last July.
But, I probably really should install some of them. Is there anywhere that
lists all the Win 7 updates and describes what they are for, in plain
English. We're not heavy involved users and I know I'm not updating Word and
Excel and all those. What we've got works fine. Beyond that, I want
absolutely nothing to do with Win 10 so anything that might slip in anything
there I want to skip. My wife would go ballistic if anything to do with Win
10 showed up. I hate being tracked in any way, but realize some is going to
be inevitable and I don't go anywhere nefarious or to far out of bounds
anyhow, so not a real big deal. But I know what's left is probably a lot of
genuine security fixes that would be good to be installed. I'm just finding
it difficult to sort through all the chafe to find the few good kernels. Any
help or guidance would be greatly appreciated. Thanks much.

Go to below link, download and install a copy of Belarc Advisor. It
will show and lead you to any "critical" and "important" updates that
your system is missing. I've been using it for years and trust it's
results more so than that of MS.

http://www.belarc.com/free_download.html

--
Zo

I don't have any taglines to give you.

"FredW" wrote

| I got a new desktop with Win7pro32 last year. The first thing I did
| was shut off updates. They are still shut and no problems.
|
| This is like saying,
|
| I got a new car, but as the garage makes mistakes, I never bring in my
| car for regular maintenance and I have never any problem.
|
| It is not wise to do so.

Maybe not. If you know nothing about cars
and don't care to, then you might do well to
pay through the nose to have the dealer take
care of maintenance. you'll waste a lot of money
but at least your brakes won't give out... probably.

But Windows security has very little
in common with car repair. I have 2 Win7 boxes
and 2 XP boxes here. None have any more than
service packs. None have had malware. None
is running AV, though all are running firewalls.
None has Java. Only one has Flash. None has
Adobe Acrobat Reader. Only one has MS Office.

If you are running any of those things I can
only say, "it is not wise to do so." Security is
not about patches. It's mostly about how you
use your computer and what software you use.
If you shop/bank online, enable script/Flash in
the browser and don't carefully disable unnecessary
networking functionality then you're a sitting
duck. There's no way around that. If you use
MS Office you've multiplied your risks. In such a
scenario Windows update is only a finger in the dike,
patching a few problems, but only those problems
that are already known, and only some of them.
Some malware exploits known bugs that are not
patched, but a lot of it exploits "0-days". Nearly
all of it requires javascript in the browser to carry
out the exploit. A few, like rigged attachments,
corrupt MS Office files, or infected USB sticks,
require more care. But mostly it's all about
javascript in the browser. Yet most of the people
who talk so loudly about Windows updates can't
be bothered to disable javascript in even a limited
way. They're buying better window locks while they
leave their front door open.

In message , Zo
writes:
[]
Go to below link, download and install a copy of Belarc Advisor. It
will show and lead you to any "critical" and "important" updates that
your system is missing. I've been using it for years and trust it's
results more so than that of MS.

http://www.belarc.com/free_download.html

Although I'm inclined to agree with you, others will be asking "why".

(I guess what I'm asking is, how independent is Belarc?)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Today, I dare say more people know who starred as /The Vicar of Dibley/ than
know the name of the vicar of their local parish. - Clive Anderson, Radio
Times 15-21 January 2011.

In message , Mayayana
writes:
[]
I would not allow any Windows updates to be installed,

Sounds a possible approach ...

except for the service packs. If you care about privacy
[]
.... but how do you identify which ones are the service packs?

Or do you really just mean (in the case of W7) the single one that
upgrades 7 to 7.1?
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Today, I dare say more people know who starred as /The Vicar of Dibley/ than
know the name of the vicar of their local parish. - Clive Anderson, Radio
Times 15-21 January 2011.