A Shortened List of Hotfixes

[mraeryceos]

Strategy: to use the oldest operating system that is still mainstream.

Why: the older operating system was meant to run on older hardware (less code, faster system).

At this time, I believe that is Windows XP SP2, released in Aug 2004. I want to add as few updates as possible, especially not ones like microsoft genuine advantage.

****** Security Update selection method:

Which viruses were successful? By what security vulnerability did notable viruses spread?

http://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms

Most spread by user naivety: trojan horses

KB912919 bifrost - graphics rendering vulnerability

KB958644 conficker - server service vulnerability

KBxxxxxx stuxnet - (which vulnerabilities are exposed without a user browsing the website or opening a download?)

****** Desired or improved functionality selection method:

KB932716 imapi dvd burning

KB896256 multi-core hotfix

KB917021 wifi update (security)

I have the feeling that if I learned about each update individually, that I would be selecting a lot more updates, but, I don't want to read about each and every hotfix.

I was wondering if others would be interested in posting hotfixes they would not do without (probably very few of you, since the majority believe in applying all the patches from microsoft). A description of why the update is important to you would be nice.

edit: I would like to add, that I have been without real-time protection on an unpatched system for over 10 years without having been infected by a virus (while not using IE, and using a sandbox for peer-to-peer-network downloads)

Edited December 16, 2010 by mraeryceos

[GrofLuigi]

I would very much like to have this on any Intel processor newer than Core Duo. I am not sure anymore, but I think it's for XP SP2.

What I would also hunt for: the latest hotfix for the SP that includes ntfs.sys, usb*.sys... well, I'd update everything I can. Not for security issues described in the bulletins (I think the dangers are overrated anyway), but because of bug fixes. I think there isn't a big difference of CPU/memory usage, performance etc. within one service pack.

Also, most of them are cumulative, i.e. you can find newer version of Ntoskrnl.exe etc. (listed in your second KB number) which still has the funcitonality desribed in KB896256, but also many other bug fixes.

GL

[Glenn9999]

Strategy: to use the oldest operating system that is still mainstream.

At this time, I believe that is Windows XP SP2, released in Aug 2004. I want to add as few updates as possible, especially not ones like microsoft genuine advantage.

Actually, that's XP SP3 since service pack 2 was discontinued for updates and most of the newer patches will not run on SP2 anymore. A great many things require WGA (892130) as well, which means you will be doing without an awful lot. This seems to suit you, so I won't say any more on this.

I have the feeling that if I learned about each update individually, that I would be selecting a lot more updates, but, I don't want to read about each and every hotfix.

The attitude that you have chosen to take pretty much necessitates that.

edit: I would like to add, that I have been without real-time protection on an unpatched system for over 10 years without having been infected by a virus (while not using IE, and using a sandbox for peer-to-peer-network downloads)

Which is only by luck and not anything you have done, assuming it hasn't already happened to you and you don't realize it. In this day and age, getting hit by a virus or malware is not a matter of if, but when, if you are connected to the Internet.

[mraeryceos]

Thanks GrofLuigi !

Note the cpu update is not compatible with older cpu's:

"The update that is described in this article is not supported on computers that use an older Intel Pentium together with a Family 5 CPU or earlier versions of the CPU."

Also I'm a bit astonished at the number of USB updates.

Strategy: to use the oldest operating system that is still mainstream.

At this time, I believe that is Windows XP SP2, released in Aug 2004. I want to add as few updates as possible, especially not ones like microsoft genuine advantage.

Actually, that's XP SP3 since service pack 2 was discontinued for updates and most of the newer patches will not run on SP2 anymore.

Technically, yes, but I think there is an easy workaround.

A great many things require WGA (892130) as well, which means you will be doing without an awful lot. This seems to suit you, so I won't say any more on this.

What requires WGA? If I think it's what you mean, I can download anything from MS. Run their dingy (sandboxed), put in the code, and download.

edit: I would like to add, that I have been without real-time protection on an unpatched system for over 10 years without having been infected by a virus (while not using IE, and using a sandbox for peer-to-peer-network downloads)

Which is only by luck and not anything you have done, assuming it hasn't already happened to you and you don't realize it. In this day and age, getting hit by a virus or malware is not a matter of if, but when, if you are connected to the Internet.

Yes, my testbed, fully patched, which I ran Internet Explorer on, got viruses more than once. For fun, I would browse to the same sites with Firefox and my unpatched system (the one you have attitude about).

Edited December 17, 2010 by mraeryceos

[Yzöwl]

@ mraeryceos, before this Topic starts to go the way I'm expecting it to already, please read below.

If you have good reason why you don't want specific updates, hotfixes, service releases etc. please make your case for that decision. Do not however, state your decision and then provide multi quote responses to whatever you're not in full agreement with, giving unquantified half-answers and pointless jibes at respondees.

[mraeryceos]

Just the facts, Ma'am

[Yzöwl]

Fair enough, Topic Closed!