cc333
Posted August 26, 2018

Hi All,

I've dabbled with Vista off and on over the years since its release, and I never really found it to be too bad, although I preferred XP and stuck with it until 2014, when I began using 7 more regularly.

That being said, I have a Sandy Bridge PC I built here, and I got a copy of Vista Ultimate specifically for it that I'm planning to install. However, I'm concerned to read that the Spectre/Meltdown patches wreck its performance? Is it possible to avoid installing those updates while still getting all the others?

Thanks,
c

mike_shupp
Posted August 26, 2018

CC333 asked "Is it possible to avoid installing those updates while still getting all the others?"

Sure, and why not. So far Spectre and Meltdown and other Looming Terrors are primarily of interest to computer science students and working chip designers, rather than the rest of us. Vast hordes of Evial Miscreants out to ruin the PCs and lives of the rest of us haven't materialized yet, and I suspect that if/when they do appear, striking at the vulnerable central core of Vista users is not going to be the primary thing on their mind. So yes, you can skip those particular updates and things will probably go alright.

Now maybe, just maybe, you want to dual boot between Vista and Win 10, or between Vista and Linux or something like that -- then you might want to have your system's firmware brought up to modern snuff.

That said ... Y'know, at peak performance with a Sandy Bridge, you've got a 7-core processor running at 3.4 GHz. In the WORST WORST WORST circumstances, accepting all the Intel and Microsoft updates intended to cope with Spectre/Meltdown/etc. will cut 30% off your system performance. Which is in some ways dismaying, but in others ... you've got a ten year old chip, you know in advance it's not going to let you conquer the world. And yet by the standards of a few years before that -- 2006 say, when Vista was released to the world -- a 3 or 5 or 7 core computer running at 2.5 GHz would have been absolutely stunning.

So. You want to play with Vista? Join the club! Welcome to the club! And don't worry too much about the clubhouse slipping its moorings and falling into all the nearby ravines.

cc333
Posted August 26, 2018

Hahaha! Thank you! I am honored to be a member of this club!! :lol: :)

So I guess I'll try skipping those updates... if I knew which ones they were, it'd be easier...

My system has a modest i5-2500k, so it's not the fastest to begin with, and a 30% performance cut might be too much.

People lived for 25 years with this vulnerability, to no effect. Now that we know it exists, it probably won't change anything because it's a fairly hard thing to exploit (there are many other ways a hacker could steal info that are *much* easier), plus, with older OSes, we have some obscurity to protect us.

c

Jody Thornton (Author)
Posted August 26, 2018 (edited)

@cc333, look in @greenhillmaniac's repository. They are listed.

KB4089229 (Meltdown)
KB4090450 (Spectre)

Edited August 26, 2018 by Jody Thornton

cc333
Posted August 27, 2018

@Jody Thornton Noted. Thanks!

To clarify my earlier post, I don't intend to have a cavalier attitude regarding security, it's just that the reality of the situation is that *every* device that has a CPU in it is affected in some way, and probably 80-90% of it will never be updated to protect against this vulnerability (which is mostly FUD, I've come to realize), so there's really not much we can do about it until new hardware comes out that has the flaws corrected, and that isn't projected to happen for at least a couple more years.

In the meantime, we can patch our computers (to a point; older ones that can't run a patched OS will never be patched unless something extraordinary happens), but what about our cars? And our network routers? Some of the more sophisticated cars and routers use CPUs not unlike what we'd see in a smartphone, so they're all just as vulnerable, and none will likely receive any kind of patch for it. Does that mean they'll be hacked? Not likely, because the success rate of a Spectre/Meltdown attack is somewhat variable (particularly on older hardware), and one needs to have physical access to the system in question (to my knowledge; I could be mistaken).

So does this mean we should forget about security? NO! We absolutely should continue patching things as usual, because there are innumerable other exploits that are potentially much, much more virulent, and must therefore be mitigated ASAP to prevent any data breaches or other such things from occurring. I just think that it may be a waste of time to worry about this particular exploit too much, because it is mostly academic and of limited value to most hackers (in my opinion).

c

Jody Thornton (Author)
Posted August 27, 2018 (edited)

The only real issue I see is something that @NoelC brought up in his analysis of installing Windows 8.1 updates. He is not so sure that skipping updates and installing later ones will produce a stable system environment. The Windows 8.1 and Server 2012 update for Spectre and Meltdown came in March of last year. My intention would have been to keep my system patched, and just skip the March update.

I did pretty much the same thing with Vista. I installed the Server 2008 updates all the way through to August of this year, but I skipped the two updates I quoted above. Slight throughput degradation was becoming evident, and higher CPU usage and CPU fans were running while I was browsing. Also whenever I ran uTorrent v2.2.1, I could never close it. Even using Task Manager, you could never kill the task. I'd have to restart Vista completely.

So, I uninstalled all of the updates back to March 2018, and I removed MSE (since I heard that its larger definitions might be responsible for the high CPU usage). Well, performance has improved SIGNIFICANTLY. Now for me, it might matter little because I'm almost ready to dump Vista and my old workstation, for a replacement machine with Windows 8. But even then, I only plan to update to a December 2017 date line (just to see if performance stays high).

On one hand, I want to be able to patch my system (I don't want to stay at December 2017 forever), but I'm becoming unsure if skipping a month, then installing later patches will not lead to the instability I had recently with Vista. A lot to consider.

Edited August 27, 2018 by Jody Thornton

cc333
Posted August 27, 2018 (edited)

Indeed.

Well, I'll try it out, and see what happens. I have a fully up to date and stable-as-a-rock Windows 7 install to fall back on if need be.

c

Edited August 27, 2018 by cc333

Ruan
Posted August 28, 2018 (edited)

On 8/23/2018 at 2:41 PM, greenhillmaniac said:

  Time to make things right and update the repository for July and August's updates.

  JULY 2018 SECURITY - ("7 - July 2018" Folder)

  KB4291391 - Description of the security update for the Windows DNSAPI denial of service vulnerability
  http://support.microsoft.com/help/4291391
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4291391

  KB4293756 - Description of the security update for the Windows FTP Server denial of service vulnerability
  http://support.microsoft.com/help/4293756
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4293756

  KB4295656 - Description of the security update for the Windows kernel elevation of privilege vulnerability
  http://support.microsoft.com/help/4295656
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4295656

  KB4339503 - Description of the security update for the Windows elevation of privilege vulnerability
  http://support.microsoft.com/help/4339503
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4339503

  KB4340583 - Description of the security update for the Windows denial of service vulnerability (Spectre for Intel and AMD fix!)
  http://support.microsoft.com/help/4340583
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4340583

  AUGUST 2018 SECURITY - ("8 - August 2018" Folder)

  KB4338380 - Description of the security update for the Windows kernel information disclosure vulnerability
  http://support.microsoft.com/help/4338380
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4338380

  KB4340937 - Description of the security update for the remote code execution vulnerability
  http://support.microsoft.com/help/4340937
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4340937

  KB4340939 - Description of the security update for the remote code execution vulnerability
  http://support.microsoft.com/help/4340939
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4340939

  KB4341832 - Description of the security update for the L1TF variant vulnerabilities (Meltdown and Spectre fix!)
  http://support.microsoft.com/help/4341832
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4341832

  KB4343674 - Description of the security update for the GDI vulnerabilities
  http://support.microsoft.com/help/4343674
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4343674

  KB4344104 - Description of the security update for the font library vulnerability
  http://support.microsoft.com/help/4344104
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=4344104

  NON-SECURITY - ("Extras" Folder)

  KB4339284 - Time zone and DST changes in Windows for North Korea
  https://support.microsoft.com/help/4339284
  http://www.catalog.update.microsoft.com/search.aspx?q=4339284

  .NET FRAMEWORK SECURITY AND QUALITY ROLLUP
  https://support.microsoft.com/help/4345593
  http://www.catalog.update.microsoft.com/Search.aspx?q=4345593

  KB4344151 - .NET Framework 2.0 SP2 (".NET 2.0 SP2\Security and Quality Rollup")
  https://support.microsoft.com/help/4344151

  KB4344149 - .NET Framework 4.5.2 (".NET 4.5.2\Security and Quality Rollup")
  https://support.microsoft.com/help/4344149

  KB4344146 - .NET Framework 4.6/4.6.1 (".NET 4.6-4.6.1\Security and Quality Rollup")
  https://support.microsoft.com/help/4344146

  .NET SECURITY ONLY
  https://support.microsoft.com/help/4345682
  http://www.catalog.update.microsoft.com/Search.aspx?q=4345682

  KB4344176 - .NET Framework 2.0 SP2 (".NET 2.0 SP2\Security Only")
  https://support.microsoft.com/help/4344176

  KB4344173 - .NET Framework 4.5.2 (".NET 4.5.2\Security Only")
  https://support.microsoft.com/help/4344173

  KB4344167 - .NET Framework 4.6/4.6.1 (".NET 4.6-4.6.1\Security Only")
  https://support.microsoft.com/help/4344167

  INTERNET EXPLORER - (Root folder of x86 or x64)
  https://support.microsoft.com/en-us/help/4343205
  http://catalog.update.microsoft.com/v7/site/search.aspx?q=KB4343205

  I wonder who needs that timezone update for North Korea

  The Spectre and Meltdown related updates are marked as such in the repository so you can avoid them if you want.

  Good patching!
  https://mega.nz/#F!txxRyLzC!1vBMGzMHiL864f3bl1Rj1w

@greenhillmaniac Are you missing KB4339291 & KB4339854 in July's updates?

https://support.microsoft.com/en-us/help/4339291/security-update-for-security-feature-bypass-vulnerability-in-windows
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4339291

https://support.microsoft.com/en-us/help/4339854/win32k-elevation-of-privilege-vulnerability-in-windows
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4339854

Edit: I forgot KB4340007 (.NET)

Security Only update for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6
https://support.microsoft.com/en-us/help/4340007/security-only-update-for-net-framework-2-0-sp2-3-0-sp2-4-5-2-and-4-6-f
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4340007

-------------

Thanks again for keeping your repository updated :) .

Edited August 28, 2018 by Ruan

greenhillmaniac
Posted August 28, 2018

1 hour ago, Ruan said:

  @greenhillmaniac Are you missing KB4339291 & KB4339854 in July's updates?

Indeed, I am. I've edited my post and added those updates to the repository.

BTW, I wasn't sure if I should add the July 2017 Security Only .NET updates because of all the issues they caused, but I guess the August updates fixed all of the issues, so I'll add the updates as well.

mike_shupp
Posted August 28, 2018

@greenhillmaniac I've got a few more .NET security updates.

KB4346407 .NET 4.6.1 from 8/10/2018
KB4346410 .NET 4.5.2 from 8/10/2018
KB4346743 .NET 2.0 from 7/31/2018
KB4340559 from 8/16/2018 (contains KB4339422 for .NET 2.0, KB4338417 for .NET 4.5.2, and KB4338420 for .NET 4.6.1)

And I'll add my thanks to Ruan's. It's really really good to have something like your repository, which clearly separates Vista/Server 2008 gold from the chaff of other MS updates -- and I speak with the experience of installing two fresh Vista Ultimate systems in the last several months.

greenhillmaniac
Posted August 29, 2018

16 hours ago, mike_shupp said:

  I've got a few more .NET security updates.
  KB4346407 .NET 4.6.1 from 8/10/2018
  KB4346410 .NET 4.5.2 from 8/10/2018
  KB4346743 .NET 2.0 from 7/31/2018

These are actually just regular updates to fix bugs in the .NET July Updates. I did not come across them from my regular sources, so good catching! I'll be adding them to the repository.

16 hours ago, mike_shupp said:

  KB4340559 from 8/16/2018 (contains KB4339422 for .NET 2.0, KB4338417 for .NET 4.5.2, and KB4338420 for .NET 4.6.1)

These are just the Security and Quality Rollups of July 2018, and those are always superseded by the newest ones available (in this case, the August ones, which I already have in the repository).

16 hours ago, mike_shupp said:

  And I'll add my thanks to Ruan's. It's really really good to have something like your repository, which clearly separates Vista/Server 2008 gold from the chaff of other MS updates -- and I speak with the experience of installing two fresh Vista Ultimate systems in the last several months.

Thank you so much. Just having people using the repo is enough motivation to keep it updated from month to month. If this makes it easier for people to stay on anything that is not W10, it's a victory.

Chronius
Posted September 1, 2018 (edited)

banana

Edited September 15, 2018 by Chronius

Jody Thornton (Author)
Posted September 1, 2018

I wonder if it's server code, rather than for the base OS.

cc333
Posted September 1, 2018

OK, so I briefly tested Vista with every post-EOL Server 2008 update (except the Spectre and Meltdown ones), and it ran pretty much fine. It felt a bit clunky, but I attribute that to a hardware failure, as shortly after I installed the updates, my PC's motherboard died :(

So I now have to find some sort of Sandy/Ivy Bridge thing to replace it, at a price that isn't obscene (I remember when decent used motherboards could be had for ~$50 or less; what happened?!) so I can reuse my CPU.

I do have a backup computer I cobbled together running an i7-900-something (soon to be upgraded to a Xeon X5680) and 18 GB RAM, so it's not like I'm stuck without a working desktop :) It's roughly equivalent architecturally to my 2009 Mac Pro (why not use that, you may ask? Well, it's wildfire season here in No. CA, and I want to keep my best computers packed safely in the car so they're ready to go if anything happens, again (I've already been evacuated twice :( ); it's a 40# hunk of aluminum that I *really* don't feel like lugging out of the house in an emergency (been there, done that)).

c

mike_shupp
Posted September 1, 2018

11 hours ago, Chronius said:

  Has anyone had any success with installing KB4338380? (I guess so since it seems I'll be the only one to have problems with it) I just tried installing it and it says it's not applicable to my system?
  I found this page: https://support.microsoft.com/en-us/help/3057448/the-update-is-not-applicable-to-your-computer-error-when-you-install-w
  But I'm pretty sure none of the reasons, why it would not install, listed there does not apply to my case.

It's on my machine, though just for a few days, and I've no indication of difficulty installing it.

Generally, I find that about one update in six fails as "not applicable" to my system. Which I always find disconcerting, to be honest, though I ought to expect such rejections -- I've got an AMD chip as CPU so anything aimed at an Intel-based system is going to pass me by.

That said, the most common cause for a failing update is that the update has already been installed without being noticed. It's easy to lose track of what's what if you're dealing with numbers of updates, especially if you've recently installed an OS and had a couple hundred updates suddenly appear.
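
Added example (not part of any post in this thread): a PowerShell check that reports which of the updates the thread marks as Spectre/Meltdown related are present on a machine, and whether an update that fails as "not applicable" is already installed. It assumes PowerShell 2.0 or later is installed so that Get-HotFix is available; `$flagged` and `Get-KbStatus` are names made up for this example.

```powershell
# Added example, not from the thread. Assumes PowerShell 2.0+ (Get-HotFix).
# KB numbers and labels below are the ones the thread marks as Spectre/Meltdown related.
$flagged = @{
    'KB4089229' = 'Meltdown'
    'KB4090450' = 'Spectre'
    'KB4340583' = 'Spectre (Intel and AMD)'
    'KB4341832' = 'L1TF (Meltdown and Spectre)'
}

function Get-KbStatus {
    param(
        [string[]]$KbIds,          # KB numbers to look up
        [hashtable]$Labels = @{}   # optional KB -> description map
    )
    # Get-HotFix reads Win32_QuickFixEngineering, which on Vista and later lists
    # only Component Based Servicing packages (.msu). Updates installed through
    # Windows Installer (MSI), such as many .NET patches, do not appear here.
    $installed = @{}
    Get-HotFix | ForEach-Object {
        if ($_.HotFixID) { $installed[$_.HotFixID.ToUpper()] = $_.Description }
    }
    foreach ($kb in $KbIds) {
        $id = $kb.Trim().ToUpper()
        if ($id -notmatch '^KB\d+$') {
            Write-Warning "Skipping malformed update id '$kb'"
            continue
        }
        # New-Object PSObject keeps this compatible with PowerShell 2.0.
        New-Object PSObject -Property @{
            KB          = $id
            Label       = $Labels[$id]
            Installed   = $installed.ContainsKey($id)
            Description = $installed[$id]
        } | Select-Object KB, Label, Installed, Description
    }
}

# Check the flagged updates plus the one reported above as "not applicable".
$toCheck = @($flagged.Keys) + 'KB4338380'
Get-KbStatus -KbIds $toCheck -Labels $flagged |
    Sort-Object KB |
    Format-Table -AutoSize
```

A row with Installed = False for a .NET update is not conclusive, because of the MSI limitation noted in the comments.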