[duffy98]

Since making the switch to XP earlier in the year, I have been in the habit of installing the new XP monthly updates in a day or two after they are released by MS. This month ... for no real reason ... I have decided to wait a few weeks and then download and install them. So I am wondering what others here do ... jump right in and download them or wait awhile, maybe a week or two, just to be sure the updates are OK and not causing problems. My thought is that MS has probably tested the updates enough that they should be OK for the monthly release. I am aware that sometimes an update will be a problem but will be fixed or corrected in a future release.

Still, would just like to hear from other XP users as to just how fast they apply the updates on their computer.

thanks ...

[-X-]

As soon as they are released. There has never been an XP update that in and by itself caused problems. There was that one time were a rootkit was the culprit.

This post has been edited by -X-: 17 December 2012 - 02:29 PM

[jaclaz]

Hmmm.
http://www.mrexcel.c...ting-havoc.html

I guess SP3 is not considered an "update":
http://tech.slashdot...-creating-havoc

jaclaz

[allen2]

If you don't usually update your computer and just installed some critical updates, you might be facing problems. Also some applications might not work after some updates.
The best practices are to backup your system properly at least before applying updates and then apply updates as soon as they are released.

[submix8c]

1 - Turn OFF Auto-Update (permanently - it's for noobs)
2 - Set a Restore Point
3 - download FULL packages to (somewhere)
4 - Install 1-by-1 in date-order
5 - Test stuff
6 - If anything fails and you Uninstall one, be aware of the WARNING you get for anything installed afterwards
7 - Pray and/or curse as the situation warrants

[allen2]

I totally disagree on the 2): restore point aren't safe backup (if your system doesn't anymore, you won't be able to restore anything easily).
For the other points, if you install every updates every time, you usually don't need to test as MS already test those updates in this configuration (and yes you can't have a total confidence in Microsoft but if you don't have at least some confidence in their updates testing then perhaps you shouldn't install any update or install an MS OS).

[duffy98]

Thanks everyone for the input ... I guess I should have added a couple of things in my earlier post. First, I don't let the XP updates download automatically, I have that turned off till I go online for the latest updates, since then it has to be turned back on in order to get the updates. I have been doing a Ghost backup after the updates are installed, so if one month turns out to be a problem, I could easily go back a month to fix the situation ... but over the last five months or so, I always think maybe I should wait a week or two to see if any "news" comes out about a problem. To the best of my knowledge, since starting with XP in May, I have not had any problems with any updates, everything seems to be working OK. I also mostly keep System Restore off but turn it on sometimes when trying some new software ... also use ERUNT to back up the registry.

As I said earlier, just curious what others, who have been with XP longer, do in reference to the monthly updates.

[Joseph_sw]

its prudent to wait a few weeks before installing the 'update' especialy if such updates was to address 'problem' that has no real-life case.

The October 2012 'security' updates for example,. there no such "security-problem" case ever reported,
but the updates are known to degrade the NTVDM subsystem.

This post has been edited by Joseph_sw: 17 December 2012 - 09:48 PM

[CharlotteTheHarlot]

Purely out of chance, the machine I am on has evolved into the front-facing sacrificial lamb to the evil gods of internet malfeasance.

Windows Update is disabled. I haven't even manually ran the update scan in over two years. It is of course behind a router. The Windows Firewall is running ( the XP inbound-only firewall ) but I'd bet I could even kill that without consequence. I am using Opera 99% of the time (version 11.something ), and Firefox for the odd pages and things that cause hiccups. MSIE is very rarely used. And here is the kicker ... It is an Administrator account. ~shudder~

There is no anti-virus ( except for on-demand scan of folders and drives now and then, not because I am infected, but for the odd client devices I am working with ). This computer visits the darkest, deepest and most dangerous corners of the web too. No bull. No drive-by scripts have ever compromised it. No local files have caused problems and believe me I test a whole lot of crap.

Try as I may, I cannot think of something that a critical Windows Update would need to fix as far as security that would affect anything positively. I would expect things might get broken by allowing Microsoft to just keep patching system files over and over again though. I always wondered how an ever-changing codebase can be considered "stable" but that's just me I guess. Anyway. I have always maintained that a properly configured Router + Opera is the first line of protection. It definitely works for me.

However, I have a never-ending stream of infected computers being brought in for repair and it is always one or both of those ( Router + Opera ) that are missing. They always have Windows Updates on automatic so they are up-to-date, and they have a variety of realtime antivirus programs ( murdering the performance naturally ). Yet still they show up in various states of disarray. Go figure.

If you have a spare computer ( or even a HDD with space for a clone of your OS ) just try it.

EDIT: wanted to mention: 'We are screwed!' Fonts eat a bullet in Microsoft security patch ( UK Register 2012-12-17 )

This post has been edited by CharlotteTheHarlot: 18 December 2012 - 05:03 AM

[duffy98]

CharlotteTheHarlot ... very interesting post, after reading the link you posted ( We are screwed!' Fonts eat a bullet in Microsoft security patch ) I guess I'm glad that I decided to wait a few weeks before installing the December XP updates. I don't know if the Fonts thing would affect me directly, maybe - maybe not. I have not installed any Dec updates as yet ... I may just pass on that one update (KB2753842).

You mention the Opera browser ... I had it on my computer back in August but removed it and decided to go with Firefox Portable and SeaMonkey Portable along with K-Meleon (various versions) ... what is it about Opera as you mention "I am using Opera 99% of the time" that makes it safer to use over other browsers?

Thanks again for the interesting post about your setup and how it runs.
...

This post has been edited by duffy98: 18 December 2012 - 10:31 AM

[allen2]

Joseph_sw, on 17 December 2012 - 09:42 PM, said:

its prudent to wait a few weeks before installing the 'update' especialy if such updates was to address 'problem' that has no real-life case.

The October 2012 'security' updates for example,. there no such "security-problem" case ever reported,
but the updates are known to degrade the NTVDM subsystem.

This october update even crashed 2003 server at my work (with boot on san and /PAE). The server was updated in november so we waited and that only delayed the crash. To repair, i added a boot option without /pae in boot.ini and then removed the update and rebooted with /pae but i had a hard time finding the root cause.

This post has been edited by allen2: 18 December 2012 - 02:02 PM

[CharlotteTheHarlot]

duffy98, on 18 December 2012 - 09:44 AM, said:

... very interesting post, after reading the link you posted ( We are screwed!' Fonts eat a bullet in Microsoft security patch ) I guess I'm glad that I decided to wait a few weeks before installing the December XP updates. I don't know if the Fonts thing would affect me directly, maybe - maybe not. I have not installed any Dec updates as yet ... I may just pass on that one update (KB2753842).

You mention the Opera browser ... I had it on my computer back in August but removed it and decided to go with Firefox Portable and SeaMonkey Portable along with K-Meleon (various versions) ... what is it about Opera as you mention "I am using Opera 99% of the time" that makes it safer to use over other browsers?

Thanks again for the interesting post about your setup and how it runs.

Back to Windows Updates for a second because it is at the root of more than a few problems these days. Sometimes they fail to complete, or need a reboot, or spend an hour completing after a reboot. Sometimes they break things. Obviously updates may or may not cause problems, but I just cannot wrap my mind around how an ever-changing code base ( including system files ) is a sign of stability. And I consider it a coin toss as to whether it is a sign of security. I do in fact download the Windows XP updates through the various sites that list the post-SP3 files, and archive them on another computer for safekeeping ( we all should be doing this since they may become unavailable later ). This computer though really has none of them applied for several years. I do update certain files when I need them, stuff like Msvc*.dll. I have only noticed one thing that has become broken, .NET 4.0 which I installed years ago and perhaps some required update since then is now needed because some apps stopped working. It is just not important enough for me to dig into at the moment on an expendable computer. But the "critical" security updates are definitely not applied, ever. Not since 2009 or 2010. Many of them are associated with MSIE and Active-X and the Windows MSHTML DLL so they are inconsequential to Opera in the first place.

BTW, to followup details on my last post, this one is Opera v11.64. Java is enabled ( v6 u30 ) and so is Javascript and all the plugins. Those weird Opera Turbo and Link ( or Sync or whatever ) I disabled when they first were released. Flash is working but is a little out of date since I have been dismissing the update nag for a few months since I heard of some problem in one of Adobe's updates. I'll probably get to it next year. I am using one of the common *ad* blocking lists in the Blocked Content thingie. Actually I have needed to remove a few of the entries since they blocked pages with "ad" in the URL, so my blacklist filter is actually less effective than what most people on Opera actually use ( this is because of that PITA blocked content dialog which still does not have an "Allow This Page" button for when a URL has "ad" in the page name, so you need to either cancel viewing the page or immediately edit the filter. There are actually many little quirks like that in Opera that bug me, but I have used it since version 2 so I am familiar with them. Finally, I made Opera the default browser on this computer so all saved webpages open in Opera. Note, since this occurs, any program that invokes a webpage for F1 help ( far too many IMHO ) get intercepted by Opera ( though a few hardcode MSIE and still open that instead ). This is probably a level of increased security in total.

I definitely don't, and won't use real-time AV again under any circumstances, even if they were proven 100% effective. The trade-off of performance for security I would never accept even at 100% guaranteed. Andt since they are nowhere near 100%, and every single one in existence still comes to me and other techs thoroughly infected, there is no way I can justify ever using them myself at all. Don't get me wrong though. I set up computers for average users and always enable it so I don't get blamed when they click on something stupid. They will do this, they always will no matter what you explain to them or teach them, so it is my insurance policy.

Is Opera the most secure? I really cannot say. Opera has some killer native popup blocking for many years so they really do know what they are doing there. They did it first, and it is practically perfect. When I open the odd page in Firefox I do see a popup now and then ( I have added nothing to FF that I can recall ). This popup blocker in Opera is probably one of the first lines of defense in its arsenal I believe. Popups are where the n00bs always get nailed ( "Important Security Notification, click here!" ).

Opera uses discrete files for its settings and all stored data, not the registry like MSIE. This likely has enhanced their protection as well. I have never even heard of a home page hijack on Opera, but it is always the first thing to go in MSIE since these things are plopped right in the registry. Most of those Opera files are INI style configs, some are XML. Since I have been using it for so long, I have edited many of its files along the way and always try to forward port them every time I use a newer version, even the main Opera*.ini files. Consequently, I may have inadvertently added to the security by keeping entries from way back in the day when we all edited these files by hand and there was no ABOUT:CONFIG or even an Opera forum. I would have to experiment with a fresh new default install to see if there really is a difference, but I have no time for that at the moment.

There is more to it than this of course, more than I know. Look at their forums and dev pages for hard details. But overall I would describe it as a form of security through obscurity because they do most things different than the MSIE method, so it almost qualifies as a quasi-sandbox or VM since the standard modes of attack are aiming at the wrong places. Obviously I cannot speak to whether Firefox is interchangeable with Opera ( i.e., using it 99% of the time ) and whether the same protection would result. For this I would need to reverse the two and spend ten more years experimenting. This is a job for someone else.

Should someone want to do this, I would suggest the first step is to get behind a NAT router and spend an hour going through all the settings and lock it down tight ( and Google a forum dedicated to the exact model and learn from the experiences of others ). Once it is secure, getting behind a browser other than MSIE should be sufficient for most expert level users to survive forever, even without a CPU-slaughtering realtime antivirus.

We are lucky to be in an era where disk prices are so low that no-one has any excuse not to have a set of spare HDDs stashed on the shelf. Grab one, clone your existing OS and use that spare HDD to experiment and you will have nothing to lose. You can always pop the original one right back in and pick up right from there later without missing a beat. To test whether this leaner solution can work for you, disable the AV, or better yet, remove it by the roots. Disable the Windows Updates and stop using MSIE ( and change the default browser to your choice ) and check that the router is configured properly. Now continue browsing and surfing as normal and see if things remain okay.

P.S. I usually suggest using a separate HDD ( while removing the original ) rather than a separate cloned partition on the same HDD because the meaning of a controlled experiment is lost on so many people these days. They are tempted to cross-pollinate across the "drives" anyway for whatever reason ( "well I got room there for this file..." ). Not to mention the fact that should the primary partition somehow get infected, you want 100% assurance that is cannot infect other partitions, this is impossible unless they are well-hidden. The only way to really be sure is to not power-up the other HDD in the first place. It cannot be infected when it is sitting on the shelf.

[jaclaz]

Before this thread becomes the usual Firefox vs. Opera, a couple words of warning to duffy98:
The world is made of two kinds of people:

• those who use Opera (and SRware Iron from time to time )
  
• all the others (using *any* other browser)

The second kind (by far the larger majority, more than 95% of the people using a browser) will endless try to convince the very few in the first group that their Opera browser is inferior (for whatever reasons).
The first kind will simply and silently keep on using Opera (and do things much faster and in a more secure way than the second group ).

jaclaz

[CharlotteTheHarlot]

jaclaz, on 19 December 2012 - 01:40 PM, said:

The first kind will simply and silently keep on using Opera (and do things much faster and in a more secure way than the second group ).

Every time I write about using Opera there is a part of me that says back to me: "Shhhh, stop mentioning it, it's a secret!" for fear that they might get as popular as Firefox or Chrome. At which point they would change to pleasing the masses and the security will suffer as the attacks increase.

I can't prove it but I would bet that successful malware attacks are proportional to overall usage statistics. So I am hoping that Opera stays in the niche zone of a few percent ( normal computers, they have made real gains in the mobile space ) total usage. And let's keep praying that Facebook does not gobble them up.

[duffy98]

Hi ... in reference to the Opera browser, I personally have nothing against Opera. Since switching to XP earlier, I have been trying various browsers ... some stay on the computer for maybe a few hours and then I get rid of them but Opera was on for several months, along with K-Meleon ... two versions at that time till the newer KM Twin came along, so now I have three versions of KM to use. Getting back to Opera, I just didn't like it so I removed it and also at the same time, someone at the K-Meleon forum mentioned that they were using a portable version of Firefox which I downloaded to have handy for times when K-Meleon just doesn't work right with some web sites. Then a short time later I found a portable version of SeaMonkey which I also downloaded as a browser backup ... I rarely use FF and SM, as I said earlier, only when a web page is just about unreadable using the older K-Meleon ... fortunately, it not happening too often yet.

My choice of browser for # 1 is K-Meleon but it's old ... they have lost all the people that could maybe make K-Meleon better for today's internet. Rodocop is trying to do what he can with his newer KM - Twin version ... He posted this just a few days ago in answer to a question about his KM - Twin version:

"To use new Gecko is the main dream of all K-meleonaires. But it's impossible till some skilled coder would get to work on the new KM version."

I started posting about his new version here at MSFN (Software forum) to inform more people about his work in progress and also in the hope that someone with coder knowledge might read about his project and go over and offer to help out. I'm hoping one of the older coders will come back or someone new will show up.

Anyway, I have nothing against Opera, just didn't seem to like it ... don't really like FF or SM either. I have been with KM for many years now and it's just the browser that I like and understand better.

... but back to Windows XP monthly updates ... I appreciate CharlotteTheHarlot taking the time to post all that information ... and others also, it has given me some interesting things to think about, a new way to look at these monthly updates ... for one, I also have not had an anti virus program "running" for over 6 + years ... as I posted about Stinger (Software forum), I keep the latest version handy in a folder to check out a download or something suspicious. I think it's good to hear about all these various setups that people are using on their machines. Personally, after all these years with computers, I am still in "learning mode" from everyone.

...

This post has been edited by duffy98: 20 December 2012 - 05:08 AM

[-X-]

CharlotteTheHarlot, on 18 December 2012 - 04:57 AM, said:

EDIT: wanted to mention: 'We are screwed!' Fonts eat a bullet in Microsoft security patch ( UK Register 2012-12-17 )

Fixed -> http://technet.micro...lletin/MS12-078

[dencorso]

-X-, on 20 December 2012 - 01:00 PM, said:

CharlotteTheHarlot, on 18 December 2012 - 04:57 AM, said:

EDIT: wanted to mention: 'We are screwed!' Fonts eat a bullet in Microsoft security patch ( UK Register 2012-12-17 )

Fixed -> http://technet.micro...lletin/MS12-078

Great news! Thanks!

[tomasz86]

jaclaz, on 19 December 2012 - 01:40 PM, said:

Before this thread becomes the usual Firefox vs. Opera, a couple words of warning to duffy98:
The world is made of two kinds of people:

• those who use Opera (and SRware Iron from time to time )
  
• all the others (using *any* other browser)

The second kind (by far the larger majority, more than 95% of the people using a browser) will endless try to convince the very few in the first group that their Opera browser is inferior (for whatever reasons).
The first kind will simply and silently keep on using Opera (and do things much faster and in a more secure way than the second group ).

jaclaz

Opera is good because it's very fast (same level as Chromium) while being also MUCH lighter at the same time, thus you can use it even on an older computer. I use mostly Firefox nowadays but Opera was my main browser for many years and I didn't really have any serious issues with it.

The real problem is that due to the fact that very few people use it there aren't many extensions available for it. Especially bigger players like Evernote don't even consider making their products available for Opera It's also being developed at much slower pace than Firefox / Chromium which means that some functionalities are added later than in case of the other browsers (ex. the HTML5 drag&drop support). Many popular websites also sometimes aren't completely compatible with Opera (I don't think they even test their code with the browser ).

This post has been edited by tomasz86: 21 December 2012 - 12:06 PM

[jaclaz]

Naah, the real problem are the added costs of deciding NOT to standardize on a single modern browser or to support or allow the use of nonstandard browsers in the enterprise.

http://www.msfn.org/...ost__p__1023199
and following few posts up to here:
http://www.msfn.org/...ost__p__1023280

jaclaz

[ihateusernames]

I used WSUSoffline to download all of the updates last year (about 1GB worth). After installing and verifying that everything seemed to work I backed up the entire HDD (also had a backup of the original OS install without updates), and haven`t checked for anymore updates since then.

Also an Opera user btw, but I have stuck with 9.25 for the past five years. I will not give it up until they un-break the image browsing capability http://my.opera.com/...w=&perscreen=50

edit: lol after posting I decided to do some more research and found out that this behavior can be fixed by editing image.css

This post has been edited by ihateusernames: 23 December 2012 - 03:35 PM