mike_shupp

CC333 asked "Is it possible to avoid installing those updates while still getting all the others?" Sure, and why not. So far Spectre and Meltdown and other Looming Terrors are primarily of interest to computer science students and working chip designers, rather than the rest of us. Vast hordes of Evial Miscreants out to ruin the PCs and lives of the rest of us haven't materialized yet, and I suspect that if/when they do appear, striking at the vulnerable central core of Vista users is not going to be the primary thing on their mind. So yes, you can skip those particular updates and things will probably go alright. Now maybe, just maybe, you want to dual boot between Vista and Win 10, or between Vista and Linux or something like that -- then you might want to have your system's firmware brought up to modern snuff. That said ... Y'know, at peak performance with a Sandy Bridge, you've got a 7-core processor running at 3.4 GHz. In the WORST WORST WORST circumstances, accepting all the Intel and Microsoft updates intended to cope with Spectre/Meltdown/etc. will cut 30% off your system performance. Which is in some ways dismaying, but in others ... you've got a ten year old chip, you know in advance it's not going to let you conquer the world, And yet by the standards of a few years before that -- 2006 say, when Vista was released to the world --- a 3 or 5 or 7 core computer running at 2.5 GHz would have been absolutely stunning. So. You want to play with Vista? Join the club! Welcome to the club! And don't worry too much about the clubhouse slipping its moorings and falling into all the nearby ravines.

Hmmm. You've got just a month or two of running Vista left, right? Before leaving us old-timers for the greater ... uh, prospects ... of Win 8.1. And for all the hullabaloo at Intel and AMD and Microsoft, the horrors of Spectre and Meltdown and such have so far been more theoretical than actual. Odds are you could run unscatched for that short period without any special efforts -- set the clock back to December 2017, so to speak, and maybe run the occasional manual scan. This wouldn't be a wonderful strategy if you intend to come back to Vista, just to look around say, in another five or six years using your present pc .... but I suppose in five or six years we'll all be reduced to running Vista in virtual machines or sandboxes or containers or whatever-the-hell-the-nerdish-buzzword-is-then. On my system, right now, the best protection seems to be frequent backups. I keep operating systems on smallish partitions (150 GB) on different disks, back them maybe once a month or when I'm about to install something major or change the hardware. And at the first sign of alien intrusion or machine hiccoughs, I shut down Win 7 or whatever, go to another OS, do a full format on the misbehaving partition and reinstall the previous month's version of Win 7, or maybe several months previous. This seems to work; I'll admit I didn't really conceive of it as "an antivirus strategy." It was more of a "How do I get rid of those damned advertising popups and silly bloatware that came along when I installed that stupid trial version of a database" strategy -- and it works for that too.

I've been running a free version of BitDefender, sort of by fluke. They aren't looking for Vista users as customers it seems, but early in 2017, while it was still sinking in that MS wasn't going to keep updating MS SE for Vista, I downloaded half a dozen freebie AV programs to look at, and BD seemed to be the leader of the pack. Simple to set up and operate, with a good record for catching viruses, and nobody screaming much about false positives. So that's good, and it updates itself which is nice. What's bad is that the version of BD I'm using doesn't seem available any more. So yeah there are still updates, and I'd guess the format of updates doesn't change that much that quickly, but ... I can't really predict this antivirus is going to be working in January 2020. And BD has one annoying quirk -- it's suspicious of software tool sets like KarenWare and NirSoft, which are perfectly legitimate and useful but haven't become famous, so it's forever scouting them out on my hard disks and throwing them in Quarantine, for possible automatic deletion, even if I've never installed them yet, So I have backups or can find replacements at Major Geeks, but still ... this strikes me as maybe "over zealous." As a partner to BitDefender, I run both free Malwarebytes Anti Malware and MS Windows Defender to look for spyware and the like. This doesn't give continuous coverage, but you get them both running on different schedules without too much effort. So that's good and the cost is rigjht,

The interesting thing about Dec 2017, of course, is that the updates that month were the last ones unaffected by Spectre, Meltdown, and the other cpu problems that Microsoft continues to deal with. Another interesting thing is that I'd have guessed before this that Vista and Server 2008 wouldn't be much affected -- I'd have thought they were of a vintage that relied on much simpler hardware. I've been lucky it seems; I put an AMD FX-8370 chip in my main machine, and it seems to be old enough and different enough from Intel's chips that I've escaped most of the carnage, while humming along at 4.1 GHz on 8 threads. The flip side of things, it's probably going to be another 2 or 3 years before the major chip firms come up with designs that to solve those woes, which means I've got to wait patiently as my PC's status slides from "almost modern" to "obsolescent" to "landfill," I've been watching my Vista (and my Win 7 and Win 10) system get increasingly overheated over the last year or so, but I hadn't thought about MS antivirus as a possible factor. Though, oddly enough, I had noticed the problem seemed to be worse with Win 7 (running MS Security Essential for AV) than on Vista, where I've been using BitDefender. I've been thinking it was internet-related, since opening up more than window seems to make the heating worse and since some websites seem to be especially prone to troublemaking. Sample of what I mean, I go the RealClearPolitics website with my CPU at 50 degrees C; I open up a couple of tabs to read some stories, and within 10 minutes my system is up to the mid 60s, and I'm not paying attention a few minutes later the cpu is at 72 degrees. And then the system shuts down. If I catch the problem before then, I can switch to a single window at say OutsideTheBeltway.Com and ten minutes probably brings the heating from 70 degrees down to 60. Lots of ads at RCP of course, and hundreds of links ... OTB has just a couple dozen links and only a smidgin of ads. It's a problem, and it's been getting worse. I used to have a Cooler Master in my previous system, but I was always a little antsy about something that involved changing the motherboard, so I didn't want to do that with this system. Fortunately AMD has finally started to sell their Wraith coolers as standalone components, and I bought one just recently to see how it fared compared with the cooler that came as stock on my cpu. And my Lord, it's a wonder! Right now, my cpu is running 36 degrees, and I've had this machine on for the last 12 hours, so that's near enough of a miracle to restore long forgotten faith. Anyhow, it's not just you. PC performance has been deteriorating rapidly enough lately that you can practically see the changes "by eyeball" rather than with expensive test equipment, And this is Not A Good Thing.

Maybe I spoke too soon ... Two weeks later almost I find a couple more .NET Framework upgrades with the July 30 date: For .NET 4.5 : ndp45-kb4346410 For .NET 4.6: ndp46-kb4346407 Again, available only at the Microsoft Update Catalog site.

Truly the give that goes on gifting ... It turns out Microsoft was unwilling to let the month expire without one more round of patches, so for us Vista/Server 2008 SP2 folks as of July 30 there is one additional update: KB4346743, an upgrade for .NET Framework 2.0, in the usual x64, x86, Itanium versions, available only at the Microsoft Update Catalog site. I haven't tried it yet, and I'll probably stall for a couple of weeks, and get to after my next backup. And I think that finally is it for this month.

JohnRichardTLH: I installed the July 11th updates on my Vista x64 system. I got a Does Not Apply message from the KB4339854 update, but everything else seems to run without causing any difficulties. Microsoft has reissued many or all of these patches, but looking at the later versions, at last for X64, I see the same files with the same hash codes, so I suspect they haven't changed at all, but have simply been given new issue dates to agree with the patches for Win 7 thru 10 which were altered. Of course, you should double check since you've got an x86 system, but I'd be surprised if any difference shows up there either. So, you're safe, methinks. On to August!

Well you're braver than I am. I've installed the .NET and IE9 updates and the first two security updates, but it'll be another day or so before I get to another couple of updates -- it's a pain in the patootie figuring out which update to blame when things aren't working well and you've just installed a dozen software "upgrades", so I limit myself to two or three updates at a time and give them a couple days to see if they choke the system in interesting ways. Usually they don't of course. Two months out of three, if that's your definition of "usual".

Oops, so do I. Getting sloppy in my old age, As for the registry patches with the the .NET updates ... I never get them to run --- they want some additional parameter I haven't figured out, so I'm just mentioning them to be complete.

Let's see. I find an update for IE 9: KB4330559 7 Security updates: KB4291391 KB4293756 KB4295656 KB4339291 KB4339503 KB4339854 KB4340583 and two .NET updates, each with six files NET 4.5/4.6 KB4330559 (consisting of NDP45-KB4338417, NDP46-KB4338420, KB3078601, KB4019478, KB4338422, and a registry patch) NET 4.5/4.6 KB4340007 (consisting of NDP45-KB4338602, NDP46-KB4338606, KB3078601, KB4019478, KB4338611, and a registry patch) Look anything like your pile?

I've been hitting the Ask Woody website (https://www.askwoody.com/) for guidance on installing updates recently. Not that it's much good for Vista users these days or folks actually running Server 2008 SP2, but I do have Win 7 and Win 10 setups to maintain. Anyhow, Woody points regularly to Martin Brinkman's ghack.net for descriptions of updates and what they do, f'rinstace (https://www.ghacks.net/2018/06/12/microsoft-windows-security-updates-june-2018-release-overview/) Brinkman covers quite a bit of ground; security updates are just part of it. More focused update attention comes from Dustin Childs at the Zero Day Initiative site (https://www.zerodayinitiative.com/blog/2018/6/12/the-june-2018-security-update-review). This is another recommendation from the people at Ask Woody.

I'm not finding KB4095513 (the .NET Framework update) at the Microsoft Update Catalog, though it is at the MS Support page. I do find the following updates however, KB4099640 (Security Update for .NET Framework ... on Windows Server 2008 R2) and KB4099636 (Security and Quality Rollup for .NET ...), which to judge from the numbers is a later update. Holding off installing things seems to have been a wise idea. Otherwise, we seem to have found the same things, and I haven't actually installed them yet either!