Together with the arrival of “Fourth Week” patches across the last day of the week of August, all night had a 7-day period to vet them, it looks as if we’re prepared to release the cracklin’ Kraken.
The steaming pile of Windows Intel microcode patches
Microsoft consistently on the unleash microcode patches for Meltdown and Spectre (versions 1, 2, 3, 3a, 4, n for n >=4). You won’t get stung by of them, should you specifically shop around for trouble.
Considering there still haven’t been any garden-variety Meltdown or Spectre attacks, I strongly suggest you ignore Microsoft’s Intel microcode patches, unless you’re manage a server that multitasks users with sensitive data. Wait till Microsoft (and Intel) comes with the kinks worked out.
If you decide to really feel like beta-testing for Microsoft, follow RetiredGeek’s strategies for Meltdown/Spectre mitigations on 1803. Make special note of which he flashed his Dell XPS 8920 firmware when pursuing the Herculean labors.
Microsoft includes a bug rolling around in its Windows 7 Monthly Rollup that’s been, uh, bugging us since March. If you decide to installed any Windows 7/Server 2008R2 patches after March and your network connections didn’t go kablooey, you’re almost undoubtedly OK to proceed this particular month’s patches.
Additionally, if you’ve been waiting in order to patches on your own Windows 7 or Server 2008R2 machine, you have to be aware of an insect that Microsoft has acknowledged.
Symptom: Fascinating issue with Windows and third-party software that would be related to weaponry testing file (oem<number>.inf). Just for this issue, if you apply this update, the network interface controller stop working.
Workaround: You can locate the network device, launch devmgmt.msc; it will probably appear under Other Devices.
1. To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes of this Action menu.
2. Alternatively, install the drivers for your network device by right-clicking smartphone and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.
That’s a bizarre, convoluted quantity of steps. Microsoft still hasn’t confirmed which third-party software is at fault, but reports comprehend it that it’s largely a VMware problem. Five months later, the bug’s there, still acknowledged, still unfixed.
If you’re worried that installing this month’s updates will clobber your Network Interface Card, take a full backup before installing the updates. You may take @GoneToPlaid’s advice and edit certain registry entries upfront.
Internet Explorer gets a Single Sign in fix – during a Preview
Microsoft broke Single Sign in (SSO) in IE 11 contained in the first range August patches. Per the KB article:
In Industry 11, an empty page could seem for some redirects. Additionally, any time you open your site that uses Active Directory Federation Services (AD FS) or Single sign-on (SSO), the location may be unresponsive.
Microsoft says you’ll fix that issue by installing the Monthly Preview (KB 4343894 for Windows 7; KB 4343891 for Windows 8.1). Confusingly, there’s moreover a KB 4459022 – a “Cumulative Update for Industry: August 30, 2018” – but that KB article says that you need to install among the many Monthly Previews to help repair the problem.
Monthly Previews, needless to say, are supposed to contain advance copies of non-security patches expected in your following month. They’re generated for folks who will have to test these month’s patches, to vet them before they hit the mainstream.
Increasingly, Microsoft isn’t fixing bugs the idea introduces with proper patches. Instead, it’s throwing them throughout the Monthly Preview stew and hoping those affected establish they need to jump ahead to solve what was just broken.
Susan Bradley’s Master Patchlists for July and August demonstrate that the past two months’ patches look clean, finally, other than the Meltdown/Spectre inanities. The state Fixes or workarounds articles for Office include many specific problems and a few possible solutions.
All set to take a chance on damaging your NIC? Here’s the direction to go. The patching pattern need to be familiar numerous cases of you.
Step 1. Place a full-system image backup when you install the August patches.
There’s a non-zero chance how the patches – even latest, greatest patches of patches of patches – will hose your machine. Wise to have a backup that you’ll reinstall just because your machine will not boot. This, independent of the usual great need of System Restore points.
There are many full-image backup products, including approximately two good free ones: Macrium Reflect Free and EaseUS Todo Backup. For Win 7 users, Any time you aren’t making backups regularly, look into this thread started by Cybertooth for details. You got good options, both free and not-so-free.
Step 2. For Windows 7 and Windows 8.1
Microsoft is blocking updates to Windows 7 and Windows 8.1 on recent computers. For everybody who is running Windows 7 or Windows 8.1 within the PC that’s a year old or less, follow the instructions in AKB 2000006 or @MrBrian’s evaluation @radosuaf’s method to make every effort to can use Windows Update to find updates applied.
If you’ve already installed any Monthly Rollups after March, your Network Interface Card has to be immune to modern slings and arrows. However, when you haven’t been staying in touch on patches, watch the discussion within Network Cards section above to cover yourself.
If you’re very interested in preserving Microsoft’s snooping done to you and want to install just security patches, comprehend that the privacy path’s acquiring more difficult. The earlier “Group B” – security patches only – isn’t dead, but it’s specifically within the grasp of typical Windows customers. When you insist on manually installing security patches only, follow the instructions in @PKCano’s AKB 2000003 and turn aware of @MrBrian’s strategies for hiding any unwanted patches.
For some Windows 7 and Windows 8.1 users, Chance to find the following AKB 2000004: The right way to apply the Windows 7 and Windows 8.1 Monthly Rollups. Know that some or many of the expected patches for July and August might not exactly show up or, assuming they do appear, may not be checked. DON’T CHECK any unchecked patches. Unless you’re certain of yourself, DON’T Search for additional patches. Accumulate, if you install the August Monthly Rollups or Cumulative Updates, you won’t need (and doubtless won’t see) the concomitant patches for July. Don’t play around with Mother Microsoft. Take what’s offered, and checked, and you should not grab something unchecked because it sounds good.
If you would like minimize Microsoft’s snooping quickly . install the majority of the offered patches, whenever the Customer Experience Improvement Program (Step 1 of AKB 2000007: Switching off the worst Windows 7 and Windows 8.1 snooping) as you install any patches. (Thx, @MrBrian.) If you see KB 2952664 (for Windows 7) or its WinWindows 8.1 cohort, KB 2976978 – the patches that so helpfully help you to upgrade to Windows 10 – uncheck them and drive a wooden stake through your motherboard. Steer clear of driver updates – you’re more desirable off getting them to from a manufacturer’s website.
After you’ve installed the most up-to-date Monthly Rollup, if you’re set on minimizing Microsoft’s snooping, put into practice the levels in AKB 2000007: Turning off the worst Windows 7 and Windows 8.1 snooping. Discover that we don’t evaluate which information Microsoft collects on Window 7 and Windows 8.1 machines. But I’m commencing believe that information pushed to Microsoft’s servers for Windows 7 owners is nearing equality compared to that pushed in Windows 10.
Step 3. For Windows 10
If you’re running Windows 10 Creators Update, version 1703 (my current preference), or version 1709, and also want to stick to 1703 or 1709 and never get sucked inside the 1803 vortex, follow the instructions here to ward off the upgrade. However, all bets are off if Microsoft, uh, forgets to honor some settings.
Remember: If you like to avoid 1803, don’t click “Check for Updates” until you’ve read and studied all the precautions submitted to this article, including running wushowhide. Any time you forget, you might be tossed within the seeker heap and shuffled away and off to 1803 land.
Anxious about 1809? Yeah, me too. Individuals running Windows 10 1703 really should upgrade to 1709, 1803 or 1809 at some point in October. (It isn’t clear if Microsoft will release Fourth Tuesday or C/D Week patches for 1703 in October.) I’m still located a fence, and suggest you join me in MSmugwump land until we’ve got a clearer view of the horizon.
In case you have trouble incurring latest cumulative update installed, assure you’ve checked your antivirus settings and, if get up, run the newly refurbished Windows Update Troubleshooter before inventing new epithets.
To be Windows 10 patched, examine the steps in “8 steps prepare Windows 10 patches similar to a pro.”