pcalvert

Woody Leonhard recently pointed out that there are two new suspicious updates: Source: MS-DEFCON 3: Get patches installed, except for a couple I downloaded both of them. Here are the file names (and other info): 1150451 bytes Mar 2 19:02 windows8.1-kb3103709-v2-x86_b99cdf57e8814c1a882ece313690c5431068847d.cab 11592414 bytes Mar 2 19:16 windows8.1-kb3115224-v2-x86_55b4b6444674bcddcb9922b0dea12b0e7dd15ef9.cab Obviously, those are for the 32-bit version of Windows 8.1 Notice that both updates have "v2" in their file names. I checked my collection of updates to see if I have earlier versions of these updates. I do not. Phil

This program might save you a lot of aggravation: Portable Update. It's what I use. I never use Windows Update or automatic updates. Here's another program that might be useful: ABC-Update. I haven't used that one yet, but I have at least one idea on how I might use it. Since it's a command-line utility, I was thinking of creating a batch file that uses ABC-Update to uninstall all of the suspect updates that are listed on the first page of this thread. Phil

I believe that Woody may have the answer: Phil

Or use both. I like the extra control (and capabilities) that running Windows in a virtual machine gives me. For example, I can easily (and conveniently) deny Windows internet access and enable it only when I need it. There are also other options. Like this one: ReactOS 0.4 brings open source Windows closer to reality Thanks to the direction that Microsoft has been moving in, I believe that project is likely to see an increase in donations in the coming years. Phil

That may be so, but they are not free. Crystal Anti-Exploit is free, and it seems to be very strong protection (perhaps too strong in some cases). I tested Crystal Anti-Exploit using SurfRight's Exploit Test Tool, and it failed to block only two of the tests. Phil

Instead of EMET I use Crystal Anti-Exploit. It seems to offer far better protection on Windows XP than EMET. Unfortunately, some web browsers malfunction or act rather sluggish when protected by Crystal Anti-Exploit. You can read a tutorial and some discussion about it here. Phil

I just found this article while doing research on the Windows 10 issue: Banishing 'Get Windows 10' nagware isn't as easy as you think There's some very interesting (and useful) information in that article. Phil

A friend sent this to me today: Microsoft Reveals Real Cost Of 'Free' Windows 10 Phil

Do we need to do both of those things, or is running Cert_Updater.exe enough? Phil

Yup. And here's another option which looks very cool: Qubes OS.

Hi Dave, Thanks for the advice. I installed all but the most recent ones -- the six updates that were released within the last three months. So far, so good. Now I guess I'll make an image backup of the OS and then go ahead and install the remaing six updates. Phil

If you were to run Windows XP in a virtual machine then it wouldn't matter. And there are enough other advantages to this approach to make it an attractive solution. Phil

I just applied the POSReady 2009 registry tweak and now there are 43 updates ready to be downloaded and installed. Would it be safe to go ahead and install all of them? Phil

The first step in the recovery process is to clone those partitions, saving the data as raw image files. Then make copies of those image files and perform the data recovery on the copies. That way, if you mess up you won't cause further damage, and you can try different data recovery techniques (if desired) by starting over with a fresh copy of the file system. Phil

Supposedly, you have a 30-day period in which you can uninstall the upgrade and "roll back" to your previous OS. After that, going back is more involved (i.e., reinstall from scratch, restore from disk image backup). Phil

I believe that this solution may work for you: http://www.msfn.org/board/topic/173752-how-to-avoid-being-upgraded-to-win-10-against-your-will/page-5#entry1104263 Phil

This program might help: http://www.portableupdate.com/ You can use it to search for updates. If it finds any, you can then download them and install them manually. Phil

This is what I use: http://www.portableupdate.com/ Phil

When used on newer versions of Windows, such as Windows 7 and Windows 8, does Batch Patcher use DISM to install the updates? Phil

Yes, there is a capicom.dll in the system32 folder. But another thing that's strange is that it appears to already be at version 2.1.0.2. Out of curiosity, I went ahead and installed the update. The DLL in the update appears to be identical to the one in the system32 directory (identical SHA1 values). Phil

Yesterday I ran MBSA 2.3 on a recently-installed Windows 8.1 Enterprise system (32-bit). Two of the suggested updates seem a little peculiar: capicom-kb931906-v2102 and msxml6-kb925673-enu-x86. The reason they seem peculiar to me is their age -- the dates on those files are 05/01/2007 and 10/09/2006 (MM-DD-YYYY), respectively. Here is some more info: Ref: http://www.microsoft.com/en-us/download/details.aspx?id=3207 Ref: http://www.microsoft.com/en-us/download/details.aspx?id=9528 Any thoughts? Phil

Hi bphlpt, Thank you for your suggestions. I had been thinking I'd slipstream updates and (maybe) hotfixes using HFSLIP and then use nLite to remove unwanted software and add some tweaks, but then I began wondering if that approach is really such a good idea. If there is at least one good reason to use both, then I'll consider it; otherwise, I am inclined to use only one tool (nLite). I figure I'm less likely to run into problems that way. Phil

Thanks for the suggestions. It's unfortunate that we are forced to extract the updates to see what is in them. However, 7-Zip does seem to work on at least some updates for older versions of Windows (pre-Win2K?). Example: 7z t WindowsNT4Workstation-KB841872-x86-ENU.exe7-Zip 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18p7zip Version 9.20 (locale=en_US.utf8,Utf16=on,HugeFiles=on,2 CPUs)Processing archive: WindowsNT4Workstation-KB841872-x86-ENU.exeTesting hotfix.exeTesting psxss.exeTesting hotfix.infEverything is OkFiles: 3Size: 198518Compressed: 119104That will come in handy if I ever get around to experimenting with Windows NT 4.0. Phil

Is there a way to test updates or list their contents without expanding them? I was planning to use 7-Zip for this purpose, but it doesn't work. Example: 7z t windowsxp-kb2115168-x86-enu_675e6a32a90807671042e4de6b1f10a2fd82b157.exe7-Zip 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18p7zip Version 9.20 (locale=en_US.utf8,Utf16=on,HugeFiles=on,2 CPUs)Processing archive: windowsxp-kb2115168-x86-enu_675e6a32a90807671042e4de6b1f10a2fd82b157.exeTesting _sfx_manifest_Testing update/update.verTesting _sfx_.dllTesting _sfx_0008._pTesting _sfx_0009._pTesting _sfx_0010._pTesting _sfx_0001._pTesting _sfx_0003._pTesting _sfx_0006._pTesting _sfx_0007._pTesting _sfx_0012._pTesting _sfx_0000._pTesting _sfx_0011._pTesting _sfx_0005._pTesting _sfx_0004._pTesting _sfx_0002._pEverything is OkFiles: 16Size: 521380Compressed: 552832 Being able to test an update would be ideal, but is not a requirement. I mainly want to be able to list the contents. Phil

Thanks for the explanation. Phil