Are Updates dangerous!

  • Thread starter Thread starter joe
  • Start date Start date
J

joe

Guest
I have win xp pro sp3



I lived in a remote area without internet access so never did any updates

other than the service packs, no internet no threats :-)

I now have broadband and am fully up to date with all Microsoft updates.



However this latest problem with KB977165 has really scared me. I am not too

happy about using the recovery tool and how would I have found out the

solution anyway without a pc to access the Internet? ( I am still in a

remote area with no other pc's around )



So I have a couple of questions for the experts here.



Firstly, why did my update install perfectly when so many others had this

huge problem? Was I just lucky?



Has this kind of thing happened before with bad updates?



Can I feel safe in downloading these updates automatically.



I would feel much better if you guys could give me the benefit of your

experience.



TIA
 
joe wrote:

> I have win xp pro sp3

>

> I lived in a remote area without internet access so never did any

> updates other than the service packs, no internet no threats :-)

> I now have broadband and am fully up to date with all Microsoft

> updates.

> However this latest problem with KB977165 has really scared me. I

> am not too happy about using the recovery tool and how would I have

> found out the solution anyway without a pc to access the Internet?

> ( I am still in a remote area with no other pc's around )

>

> So I have a couple of questions for the experts here.

>

> Firstly, why did my update install perfectly when so many others

> had this huge problem? Was I just lucky?

>

> Has this kind of thing happened before with bad updates?

>

> Can I feel safe in downloading these updates automatically.

>

> I would feel much better if you guys could give me the benefit of

> your experience.



First - because your computer did not have whatever problem the other people

have. The source of the problem (at this time) has not been identified with

any certainty. Yes, the patch may expose the issue on some systems - but if

the problem was the patch PURELY - you'd think it'd affected all systems,

wouldn't you?



Definitely - bad things happen. Most of the time the problem has been

something on the computer having a reaction to the update, not necessarily a

bad update. Recall this is a Windows Update - fixing something in Windows.

It cannot know what has been done to your machine in every possible way or

know how every possible program you could have would react when whatever it

is fixing is changed. This has happened with things like ZoneAlarm and some

antivirus applications in the last few years.



Can you? Yes - millions of people do. Should you? Depends on what your

other maintenance tasks are. Do you perform consistent and full backups of

your important data on external media? Do you have all the installation

media and product keys for everything you have installed stored in a safe

place away from the computer itself?



My experience is this:



Lightning can and will strike. It may/may not affect your computer, but if

you are prepared, it won't matter as much.



You're on high-speed now - likely on all the time - what protection do you

have in place keeping someone from hopping on your computer and doing

whatever they want?



How's your door locks? Someone/something always watching the computer?



Outlets well grounded and computer connected to an AVR capable Universal

Power Supply with battery backup?



All that media and product key stuff I spoke of earlier - is it in a

fire-resistant/water-resistant safe of some sort?



There are plenty of things to worry about out there - whether or not a patch

might mess up a computer that you should be backing up and protecting the

important stuff on anyway seems... minor. ;-)



--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html
 
On Feb 12, 8:52 am, "joe" wrote:

> I have win xp pro sp3

>

> I lived in a remote area without internet access so never did any updates

> other than the service packs, no internet no threats :-)

> I now have broadband and am fully up to date with all Microsoft updates.

>

> However this latest problem with KB977165 has really scared me. I am not too

> happy about using the recovery tool and how would I have found out the

> solution anyway without a pc to access the Internet? ( I am still in a

> remote area with no other pc's around )

>

> So I have a couple of questions for the experts here.

>

> Firstly, why did my update install perfectly when so many others had this

> huge problem? Was I just lucky?

>

> Has this kind of thing happened before with bad updates?

>

> Can I feel safe in downloading these updates automatically.

>

> I would feel much better if you guys could give me the benefit of your

> experience.

>

> TIA







Yes, there are problems with updates from time to time. For testing

purposes, some organizations will update non-critical machines to see

if there are any ill effects before flooding all the company's

computers with the update. I usually wait a week or three before

installing updates, waiting to see if my favorite newsletter mentions

any horror stories. It's free and dependable.



http://www.windowssecrets.com/
 
joe wrote:

> I have win xp pro sp3

>

> I lived in a remote area without internet access so never did any

> updates other than the service packs, no internet no threats :-)

> I now have broadband and am fully up to date with all Microsoft

> updates.

> However this latest problem with KB977165 has really scared me.







Once more, Microsoft's filtering is acting up. :-(



My response to you, Joe, may be found here:



http://groups.google.com/group/microsoft.public.windowsxp.general/msg/d7a7bbf38fdf9694?hl=en
 
joe wrote:

> Thank you Daave,SK and Shenan for a very detailed and informative answer. I

> intend to follow all the advice given here, especially waiting a couple of

> days before installing the updates. A very good idea :-)



No, it's a very bad idea. They don't call it Exploit Wednesday for nothing.



--

C
 
On Feb 12, 11:49 am, "joe" wrote:

> Thank you Daave,SK and Shenan for a very detailed and informative answer.I

> intend to follow all the advice given here, especially waiting a couple of

> days before installing the updates. A very good idea :-)

>

> "Daave" wrote in message

>

> news:Oaoqso$qKHA.4220@TK2MSFTNGP05.phx.gbl...

>

> > One more time...

>

> >http://groups.google.com/group/microsoft.public.windowsxp.general/msg...





And definitely don't install updates in the middle of a busy work day

when the computer absolutely MUST keep running. Sometimes what

Microsoft thinks is funny turns out to not be very funny at all.
 
Don't see what you're getting at.





"C" wrote in message

news:hl41mi$ps3$1@speranza.aioe.org...

> joe wrote:

>> Thank you Daave,SK and Shenan for a very detailed and informative answer.

>> I intend to follow all the advice given here, especially waiting a couple

>> of days before installing the updates. A very good idea :-)

>

> No, it's a very bad idea. They don't call it Exploit Wednesday for

> nothing.

>

> --

> C
 
joe wrote:

> Don't see what you're getting at.

>

>

> "C" wrote in message

> news:hl41mi$ps3$1@speranza.aioe.org...

>> joe wrote:

>>> Thank you Daave,SK and Shenan for a very detailed and informative answer.

>>> I intend to follow all the advice given here, especially waiting a couple

>>> of days before installing the updates. A very good idea :-)

>> No, it's a very bad idea. They don't call it Exploit Wednesday for

>> nothing.

>>

>> --

>> C

>

>



After patches are released on the second Tuesday of the month, the

hackers get to work the next day on the computers of n00bs who haven't

updated yet. Ergo, Exploit Wednesday immediately follows Update Tuesday.

Do you understand now?



--

C
 
C wrote:

> joe wrote:

>> Don't see what you're getting at.

>>

>>

>> "C" wrote in message

>> news:hl41mi$ps3$1@speranza.aioe.org...

>>> joe wrote:

>>>> Thank you Daave,SK and Shenan for a very detailed and informative

>>>> answer. I intend to follow all the advice given here, especially

>>>> waiting a couple of days before installing the updates. A very

>>>> good idea :-)

>>> No, it's a very bad idea. They don't call it Exploit Wednesday for

>>> nothing.

>>>

>>> --

>>> C

>>

>>

>

> After patches are released on the second Tuesday of the month, the

> hackers get to work the next day on the computers of n00bs who haven't

> updated yet. Ergo, Exploit Wednesday immediately follows Update

> Tuesday. Do you understand now?



I would imagine the hackers don't even wait.



To OP:



In order to be as safe as possible, you need to do the following:



1. Regularly image your hard drive so you have something to fall back on

if the need arises.



2. Install the Microsoft critical security updates as soon as they come

out. Chances are you won't run into any problems. And if you do, all you

need to do is restore the most recent image you have.



If you decide to manually update (and wait a few days), arguably you

will be slightly less safe. Then again, if you have your firewall

running and you avoid dodgy Web sites and don't click on spurious e-mail

attachments and if your AV defintions are up-to-date, you should be fine

for all intents and purposes. And again, if you run into any problems,

you can still restore the most recent image of your hard drive. :-)
 
S K wrote:

> On Feb 12, 11:49 am, "joe" wrote:

>> Thank you Daave,SK and Shenan for a very detailed and informative answer. I

>> intend to follow all the advice given here, especially waiting a couple of

>> days before installing the updates. A very good idea :-)

>>

>> "Daave" wrote in message

>>

>> news:Oaoqso$qKHA.4220@TK2MSFTNGP05.phx.gbl...

>>

>>> One more time...

>>

>>> http://groups.google.com/group/microsoft.public.windowsxp.general/msg...

>

>

> And definitely don't install updates in the middle of a busy work day

> when the computer absolutely MUST keep running. Sometimes what

> Microsoft thinks is funny turns out to not be very funny at all.





Speaking of "funny", get a load of this -



Windows Activation Technologies Update for Windows 7

http://windowsteamblog.com/blogs/ge...ologies-update-for-windows-7.aspx?PageIndex=2



" In the coming days, we’ll be deploying a new update for Windows

Activation Technologies, the set of built-in activation and validation

components built into Windows 7. Called Windows Activation Technologies

Update for Windows 7, this update will detect more than 70 known and

potentially dangerous activation exploits. Activation exploits are

sometimes called “hacksâ€, and attempt to bypass or compromise Windows’

activation technologies. This new update is further evidence of

Microsoft’s commitment to keeping customers and partners secure. "



But wait ... it's get's even *funnier* -



" Media Surveillance, an anti-piracy solutions company based in Germany,

recently downloaded more than five hundred pirated copies of Windows 7

(and Windows activation exploits) and found that 32% contained malicious

code. "



Yeah, the 'malicious code' is DRM and WGA. Doesn't this sound like an

Abbott and Costello routine ?



" DRM's on first, WGA's on second, but who's on third "

" WAT's on third "

" Who ? "

" No, WAT's on third, Who's at my door ? "



But wait, there's more ! -



" The Update is designed to run on all editions of Windows 7, although

we will distribute first to the Home Premium, Professional, Ultimate and

Enterprise editions. It will be available online at

www.microsoft.com/genuine beginning February 16 and on the Microsoft

Download Center beginning February 17. Later this month, the update will

also be offered through Windows Update as an ‘Important’ update.



I’d like to stress that the Update is voluntary, which means that you

can choose not to install it when you see it appear on Windows Update.



How does it work? Once installed, the Update protects customers by

identifying known activation exploits that may affect their PC

experience. If any activation exploits are found, Windows will alert the

customer and offer options for resolving the issue – in many cases, with

just a few clicks."





Yeah, right, " just a few clicks ". That's hystericaly NOT funny for

anyone who's had to go through the False Positive Activation/Validation

Dance and had to call in to get their OS Activated or Validated.



And now for the final guffaw -



" The Update will run periodic validations (initially every 90 days).

During validation, Windows will download the latest ‘signatures’ that

are used to identify new activation exploits – much like an anti-virus

service.. "



No thanks. My Windows 7 system has been Activated/Validated/Genuined and

I *highly* doubt that this update will protect it " by making sure that

the integrity of key licensing components remains intact. "



No fish, try again.





MowGreen

================

*- 343 -* FDNY

Never Forgotten

================



banthecheck.com

"Security updates should *never* have *non-security content* prechecked



































MowGreen

================

* -343-* FDNY

Never Forgotten

================



banthecheck.com

"Security updates should *never* have *non-security content* prechecked
 
Per S K:

>Yes, there are problems with updates from time to time. For testing

>purposes, some organizations will update non-critical machines to see

>if there are any ill effects before flooding all the company's

>computers with the update. I usually wait a week or three



Flipping it around: would anybody care to comment on the

hazard(s) of never applying updates? Let's say "SP2" and call

it a day?

--

PeteCresswell
 
(PeteCresswell) wrote:

> Flipping it around: would anybody care to comment on the

> hazard(s) of never applying updates? Let's say "SP2" and call

> it a day?



What's the situation? Where is this computer, what is it used for?



--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html
 
Hey, you might have something there. lol



An unpatched rtm Windows XP will be infected within minutes if connected

directly to the Internet:



http://www.securityfocus.com/columnists/262







"(PeteCresswell)" wrote in message

news:ikjbn5t985qth3s7krp421dca06ug6p800@4ax.com...

> Per S K:

>>Yes, there are problems with updates from time to time. For testing

>>purposes, some organizations will update non-critical machines to see

>>if there are any ill effects before flooding all the company's

>>computers with the update. I usually wait a week or three

>

> Flipping it around: would anybody care to comment on the

> hazard(s) of never applying updates? Let's say "SP2" and call

> it a day?

> --

> PeteCresswell
 
How long have you been so paranoid?



joe wrote:

> I have win xp pro sp3

>

> I lived in a remote area without internet access so never did any updates

> other than the service packs, no internet no threats :-)

> I now have broadband and am fully up to date with all Microsoft updates.

>

> However this latest problem with KB977165 has really scared me. I am not

> too

> happy about using the recovery tool and how would I have found out the

> solution anyway without a pc to access the Internet? ( I am still in a

> remote area with no other pc's around )

>

> So I have a couple of questions for the experts here.

>

> Firstly, why did my update install perfectly when so many others had this

> huge problem? Was I just lucky?

>

> Has this kind of thing happened before with bad updates?

>

> Can I feel safe in downloading these updates automatically.

>

> I would feel much better if you guys could give me the benefit of your

> experience.

>

> TIA
 
What kind of response is that?



"PA Bear [MS MVP]" wrote in message

news:OLyRxLFrKHA.3908@TK2MSFTNGP05.phx.gbl...

> How long have you been so paranoid?

>

> joe wrote:

>> I have win xp pro sp3

>>

>> I lived in a remote area without internet access so never did any updates

>> other than the service packs, no internet no threats :-)

>> I now have broadband and am fully up to date with all Microsoft updates.

>>

>> However this latest problem with KB977165 has really scared me. I am not

>> too

>> happy about using the recovery tool and how would I have found out the

>> solution anyway without a pc to access the Internet? ( I am still in a

>> remote area with no other pc's around )

>>

>> So I have a couple of questions for the experts here.

>>

>> Firstly, why did my update install perfectly when so many others had this

>> huge problem? Was I just lucky?

>>

>> Has this kind of thing happened before with bad updates?

>>

>> Can I feel safe in downloading these updates automatically.

>>

>> I would feel much better if you guys could give me the benefit of your

>> experience.

>>

>> TIA

>
 
Logical!

"joe" wrote in message

news:etMCa$GrKHA.3536@TK2MSFTNGP06.phx.gbl...

> What kind of response is that?

>

> "PA Bear [MS MVP]" wrote in message

> news:OLyRxLFrKHA.3908@TK2MSFTNGP05.phx.gbl...

>> How long have you been so paranoid?

>>

>> joe wrote:

>>> I have win xp pro sp3

>>>

>>> I lived in a remote area without internet access so never did any

>>> updates

>>> other than the service packs, no internet no threats :-)

>>> I now have broadband and am fully up to date with all Microsoft updates.

>>>

>>> However this latest problem with KB977165 has really scared me. I am not

>>> too

>>> happy about using the recovery tool and how would I have found out the

>>> solution anyway without a pc to access the Internet? ( I am still in a

>>> remote area with no other pc's around )

>>>

>>> So I have a couple of questions for the experts here.

>>>

>>> Firstly, why did my update install perfectly when so many others had

>>> this

>>> huge problem? Was I just lucky?

>>>

>>> Has this kind of thing happened before with bad updates?

>>>

>>> Can I feel safe in downloading these updates automatically.

>>>

>>> I would feel much better if you guys could give me the benefit of your

>>> experience.

>>>

>>> TIA

>>

>

>
 
Sorry, it's been a long week in the trenches dealing with those

BSOD/KB977165 issues here.



>>> Firstly, why did my update install perfectly when so many others had

>>> this

>>> huge problem? Was I just lucky?



Luck had nothing to do with it. Practicing 'Safe Hex' did: It's beginning

to look like the vast majority of these BSODs were caused by hijackware

infections, primarily W32/Alureon-variants.



>>> Has this kind of thing happened before with bad updates?



If your computer's security was compromised, yes.



>>> Can I feel safe in downloading these updates automatically.



Very generally speaking, yes. Should you ever need assistance...



For home users, no-charge support is available by calling 1-866-PCSAFETY

(and/or 1-866-234-6020 and/or 1-800-936-5700) in the United States and in

Canada or by contacting your local Microsoft subsidiary. There is no-charge

for support calls that are associated with security updates. When you call,

clearly state that your problem is related to a Security Update and cite the

update's KB number (e.g., KB999999).



Or you can...



Start a free Windows Update support incident request:

https://support.microsoft.com/oas/default.aspx?gprid=6527



Consumer Security Support home page & Microsoft Update Solution Center also

offer support options

https://consumersecuritysupport.microsoft.com/

http://support.microsoft.com/ph/6527#tab3



For more information about how to contact your local Microsoft subsidiary

for security update support issues, visit the International Support Web

site: http://support.microsoft.com/common/international.aspx

--

~PA Bear



joe wrote:

> What kind of response is that?

>

>> How long have you been so paranoid?

>>

>> joe wrote:

>>> I have win xp pro sp3

>>>

>>> I lived in a remote area without internet access so never did any

>>> updates

>>> other than the service packs, no internet no threats :-)

>>> I now have broadband and am fully up to date with all Microsoft updates.

>>>

>>> However this latest problem with KB977165 has really scared me. I am not

>>> too

>>> happy about using the recovery tool and how would I have found out the

>>> solution anyway without a pc to access the Internet? ( I am still in a

>>> remote area with no other pc's around )

>>>

>>> So I have a couple of questions for the experts here.

>>>

>>> Firstly, why did my update install perfectly when so many others had

>>> this

>>> huge problem? Was I just lucky?

>>>

>>> Has this kind of thing happened before with bad updates?

>>>

>>> Can I feel safe in downloading these updates automatically.

>>>

>>> I would feel much better if you guys could give me the benefit of your

>>> experience.

>>>

>>> TIA
 
Up your arse.

"Unknown" wrote in message

news:Od$p4fMrKHA.6064@TK2MSFTNGP02.phx.gbl...

> Logical!

> "joe" wrote in message

> news:etMCa$GrKHA.3536@TK2MSFTNGP06.phx.gbl...

>> What kind of response is that?

>>

>> "PA Bear [MS MVP]" wrote in message

>> news:OLyRxLFrKHA.3908@TK2MSFTNGP05.phx.gbl...

>>> How long have you been so paranoid?

>>>

>>> joe wrote:

>>>> I have win xp pro sp3

>>>>

>>>> I lived in a remote area without internet access so never did any

>>>> updates

>>>> other than the service packs, no internet no threats :-)

>>>> I now have broadband and am fully up to date with all Microsoft

>>>> updates.

>>>>

>>>> However this latest problem with KB977165 has really scared me. I am

>>>> not too

>>>> happy about using the recovery tool and how would I have found out the

>>>> solution anyway without a pc to access the Internet? ( I am still in a

>>>> remote area with no other pc's around )

>>>>

>>>> So I have a couple of questions for the experts here.

>>>>

>>>> Firstly, why did my update install perfectly when so many others had

>>>> this

>>>> huge problem? Was I just lucky?

>>>>

>>>> Has this kind of thing happened before with bad updates?

>>>>

>>>> Can I feel safe in downloading these updates automatically.

>>>>

>>>> I would feel much better if you guys could give me the benefit of your

>>>> experience.

>>>>

>>>> TIA

>>>

>>

>>

>

>
 
You must log in or register to reply here.
Back
Top