Get Windows Update locked down in preparation for this month’s problems
Credit to Author: Woody Leonhard| Date: Mon, 12 Feb 2018 06:44:00 -0800
January 2018 will go down in history as one of the worst patching months in Microsoft’s very checkered history. That isn’t an isolated muck-up. It’s a harbinger. We had a couple of really bad months in 2017 — February and November come immediately to mind — but an unconscionable number of patches left bricked machines and busted programs in their wake.
With the onslaught of February security patches due tomorrow, you should take a few minutes to make sure Microsoft’s problems won’t immediately turn into your problems.
Security luminary Brian Krebs has already reported that we’re in for a potful of patches for February’s Patch Tuesday. His list of ten critical patches due out tomorrow should give you pause.
(By the by — in case you didn’t know — Microsoft sends out a list of its upcoming patches every month, late in the week preceding Patch Tuesday. That list only goes to large installations that pay for the privilege. Theoretically, the list is under NDA, but in actuality everybody passes it around. The list used to be widely and freely available. Now it’s under a pricey fig leaf. Another entry in the “security by obscurity” tradition, with a pecuniary twist.)
As is always the case, folks who aren’t willing or able to keep their machines updated should turn on Automatic Update and pray that the Update Gods don’t swallow their machines whole. Contrariwise, Windows users who understand what’s happening should take the necessary steps right now to make sure their machines are braced.
Get out of the unpaid beta testing pool. Set yourself a reminder, if you need one, to check back in a few days and see if the screams of pain have reached, oh, let’s say, January levels.
If you’re using Windows 7 or 8.1, the Automatic Update block is easy: Click Start > Control Panel > System and Security. Under Windows Update, click the “Turn automatic updating on or off” link. Click the “Change Settings” link on the left. Verify that you have Important Updates set to “Never check for updates (not recommended)” and click OK.
If you’re on Windows 10 Pro Creators Update, version 1703, or Pro 1709, you can use Windows’ built-in tools to hold off on the looming patches — just follow Steps 7 and 8 in 8 steps to install Windows 10 patches like a pro. Other Windows 10 users, including all Win10 Home owners, aren’t quite so lucky, but the general approach is detailed in Woody’s Win10Tip: Block forced Windows updates.
A few minutes now could save you hours of headache. Get Automatic Update turned off, then watch here, or on your favorite bug reporting site, to monitor for widespread pandemonium.
If you find a security “expert” who tells you to turn on Automatic Updates after all the hassles we had last month, send ‘em to the AskWoody Lounge and we’ll knock ’em upside the head. Those who don’t know history are destined to repeat it.
Join the MS-DEFCON 2 brigade on the AskWoody Lounge.
http://www.computerworld.com/category/security/index.rss