Discussion on:

It's Microsoft Patch Tuesday: April 2010

Are the patches described by Justin giving you trouble this month? Share your experience with your peers, maybe we can help?

I rolled out the new patches via WSUS last night to my test group. So far no complaints or issues.

I patched all of my VM'ed servers last night and pushed them out to my desktops, no complaints so far.

J.Ja

The patches came in when I was working on something, and changing that document was put on hold for at least a half hour if not more. That's a lot of patches.

My organization has many users on various OSes and after last month's update issues, I'm more careful now in approving updates in WSUS.

What I do now is approve the updates for spare laptops/desktops that I have with various OSes and monitor the situation for a few days to a week and if nothing serious crops up, I then roll out the updates, even then, I do it at dept level and not company wide.

A bit long winded I guess but saves me the trouble of a company-wide chaos.

KB979683 keeps trying to install but is unable to do so, yet I get no error messages.

After the Windows XP loader/splash screen does its thing, I just get a black screen. It won't go to the login. I tried running in safe mode, and it just freezes before anything comes up. Did the update just force me to format?

Breaks BlackBerry Administration Service. The service keeps terminating unexpectedly. I had to remove it & reboot. The service ran successfully thereafter! Ofcourse not the best solution considering this is a security update but what to do? Unless someone else has a better solution. Microsoft? Blackberry?

Why would anyone respond by posting mindless banter about Bill Gates, MAC vs PC, or Windows 7 vs Vista? The question is are you having any issues related to installing the April patches. I support at least 1500 computers, and roll-out through WSUS only after I come here and check a few other resources on the web. I would never just blindly let patches go out without first having a test period. My point is, please don't respond unless you are actually having a problem with a specific patch.

Well, since I received the TechRepublic e-mail containing this item on Wednesday, April 14th, it's a little late.

If you want to get the notification faster, subscribe to the RSS feed, or check this area on Patch Tuesday in the afternoon. We almost always have this piece posted before the end of the work day (Eastern Time) on Patch Tuesday.

J.Ja

I've had two cases of systems booting to a blank screen after apply the April 2010 updates. Got a windows splash screen then blank. Tried multiple reboots but no joy. 1 XP 1 win7 was able to boot in safe and use system restore to repair.

Since I was a noble Vista user and applied all the patches they gave me to apply...

My IE has become so bogged down that it's not even funny, and Vista 32-bit Home Premium works at a crawl.

I'm about ready to just backup my data, wipe the drive, and install XP Pro x64 on the thing.

Never had this much trouble with an OS in my life, and the issues all coming over time from MS's own updates.

First of all most issues with Vista crawling is lack of adequate hardware, second of all, if a x86 version of OS is going slow, why make the jump to x64!? XP in 64bit mode, prob uses more resources then Vista in 32.

XP Pro uses less resources out of the box for sure than Vista. Since the box is a 64-bit CPU and memory architecture, I doubt it would use any more resources. Probably less, since it wouldn't have to track big/little endian.

I'm not paying for a Win 7 x64 upgrade. Dell forced me to take Vista with the laptop when I bought it, then 2 months later offered XP again and would not give me a free conversion.

Hence, I now buy other brand laptops.

BTW, I have 4GB RAM, 250GB HD, dual-core AMD Turion processor, etc.

It's not a lack of hardware in it. It's poor patching to Vista.

I think every computer running vista would be slow. Mine purrs along like a finely tuned sports car. I think you are having other issues with your computer.

I applied them to my XP pc at the office and have had no problems. All applications are working just fine. I applied to my home XP laptop last night and had no issues there either. I plan on applying on my home Win 7 this afternoon.

I had about 8 security downloads pop-up, installed and on restart I got a black screen with ntoskrnl.exe is corrupt, reinstall this file. I have boot files in a separate dir off the root so not a problem, but I would consider the error significant. Unfortunately I do not know which download caused it, so I am not installing any of these again until I know which one is at fault.

if operating systems were more like Mac,there would be no need for all of these upadtes and don't get me wrong I use windows 7,works great, but all of these patches and updates I'm not sure, think I AM GOING TO RETHINK Mac.

I know the perception is that MAC / Unix / Linux don't require the number of patches that Windows systems do, but it is only perception. The actual reality is that MACs and other systems do need regular updates and patches. When I worked for a larger company, our Unix team patches their servers just about every week.

From MAC web site: Apple frequently releases software updates that you can download. The Software Update feature in Mac OS X makes it very easy to determine and get exactly what you need.

Microsoft makes is easier, IMHO.

6 systems, all 6 hung during the reboot process. Not good - everything from XP pro to 7 pro and 1 2k3 server. Non-Reboot Wednesday morning sucks.

Sandboxie stopped working after installing the Microsoft patch but a fix is available on the Sandboxie website

Kb980469 Wont install? Win XP ??

KB981432 " " " XP ??
It has tried 30-40 times just says Update failed, no Explanation It was also trying to update a program I removed a month ago??

Whats the problem here.. Is everything that microsoft produces a piece of junk.. What are they worth.. a few billion, maybe into the trilions.. and they cant hire a crack squad of hackers to debunk their stuff before it releases.. patch after patch.. after security release.. enough.. really its pathetic that the microsoft team wont get on board with protecting his product better. Is it really that hard to do so? Linux does it every day.. heck even apple.. why is their such continuous problems with microsoft.. it gets old.. and they can do something about it.. realy Justin, you need to start leaning on why microsoft leaves their product so open to abuse.. perhaps if a global group come together to say HEY, then maybe we can get some performance out of microsoft.. For real.. this is rediculous.. week after week.. the same ole slide of hand routine.. Its like getting up in the morning and taking a shower.. Oh.. my computer needs an update to security vulnerbility, 234556.. cause their multibillion opertion cant do their job right..

It doesnt make sense why higher accountability is not held to microsoft, why we the consumer should have to interpret reasoning for the application of a patch or fix.

If you read justins remarks.. each patch or fix is based on a vulnerability to take over a machine. Can somebody please show me each of those vulnerabilities? It seems like each one is always about taking over your computer.. has anyone actually reality checked this? Confirmed that in fact.. your operating system, prior to this patch, is in fact, what the patch claims to do, then apply the patch, to show that it is fixed. I think allot more time needs to be spent auditing microsoft for accuracy to their statements or is it fear tactics. The boogieman will get into your computer if you dont apply this patch???

Bill Gates is not really involved anymore. You might also remember that the other operating systems you mentioned get security patches on a regular basis.

Modern operating systems are complicated, they have security holes and bugs that need to be fixed. This not just a Microsoft or Windows thing - it is just a reality of the age in which we live.

So your take away from my comments was the word bill gates.. ohh boy.. Granted BG isnt involved as much, who cares.. that isnt and wasnt my point by any means.. you have to look at the principal of my comments.

How many files again are being updated based on the same explaination. Your computer can be taken over.. is that virtually or physically and can you prove it or should we take what you say at face value?

I fully disagree with you regarding your comments on other OS's.. and know upfront, I'm a windows guy across the board. BUT..

We have a mac shop in house here, they rarely need anything, rarely give us any troubles, they just run and operate far better then windows products. Yes they do update every so often, but 9 times out of 10.. its something minor. And if its something important, its called Critical.. which really doesnt happen that often.

Compare that to week after week on windows of "update with this patch or your computer will get taken over, appears to me to say, CRITICAL" every week..

Fact is our mac's are 6+ year old G5's and they run faster and better then our 2-3 year old Commercial IBM Intellistations, think bricks and similar machines... hands down. sad but true..

Our commercial servers and NAS boxes on linux are the same scenerio, rarely give a problem, most updates are minor. I dont remember the last time something Critical was updated.

Our windows machines.. a whole different animal.. their soo buggy, unreliable, constantly have problems from every angle imaginable. If its not a virus, its malware, if not malware, then logs filed up and performance is shot, slow boots, exchange connections are lost and restored, printing hassels, you have to live off task manager, click a bunch of OK's to bring it up and start shutting down processes just to get some extra apps open so you dont trigger a virtual memory is low warning.

Active directory.. i have a phrase for that.. "Security security, we're insecure". and if we are secure, who can actually guarentee it, with microsoft pushing umpteen security patches every week and giving very little support on it.. how do you test it and for that matter, whats the cost assocaited with reauditing your entire network on a bunch of security patches that state the same issues????

Really.. just to apply the patches of the april version.. think about it.. give us full factual ability to test this in our own networks first.. for example, a patch TEST and reproduction TOOL..

To simply say, "This patch will elimante a security threat that could enable someone to remotely take over your computer" isnt acceptible.

Then if you click more details.. it says the same thing.. or refer to KB article 12345..which essentially says the same thing. A vulnerbility was reported that could enable a attacker to..

Show me proof of each patch's claim. Show me straight forward how to test what you say, to recreate such exploitation, show me the documented effect of how it was done, how it was discovered, document why they didnt know this would happen when the code was originally written by them. Provide testing procedures and tools for each set of patches to see how it will affect an array of networks from a AD security level, server level, network level, to a workstation and remote operational level. Show me the performance change such will likely cause. How to measure and benchmark it, provide any other better solutions then updating the code, like, close a port, harden a server, tweek the registry..

I personally can not think of a single reliable tride and true, out of the box product from microsoft that has ever just done what it says it will do.

Your comment of, this is the age we live in.. Are you for real.. thats a cop-out and weak at best.. The age we live in expects and demands more. Accountability is mandatory in today's age we live in at minimal. People expect their best interests to be accomondated, when that doesnt happen.. the public looses trust. Something quite influential out there is called public opinion, and just about everything that happens in the country occurs by public opinion. From who should be prosecuted, or what war to start, to the stability of financial market is channeled by public opinion.

My public opinion on this Patch Tuesday quarrel is microsoft is being non-affirmative, not being forthcoming to present facts and well rounded solutions across the board.

I guess for lack of a better example, like that mac commercial, where it shows the history of windows and BG saying, "this windows wont have problems".. seems to confirm what im saying.

Heck if the latest vulnerabilities are going to cause an attacker to take over my computer.. GREAT.. maybe they'll be nice enough and do my work for me also since their soo interested in what im doing.. Have at it, i'll leave a To Do list on my desktop..

Hello people, a dozen patches all about the same thing... dont you think thats a CRITICAL problem.

You are very passionate about this I can see, but here is what I said:

Bill Gates is not really involved anymore. You might also remember that the other operating systems you mentioned get security patches on a regular basis.

Modern operating systems are complicated, they have security holes and bugs that need to be fixed. This not just a Microsoft or Windows thing - it is just a reality of the age in which we live.

To sum it up, I said all operating systems receive patches and life is complicated. You can disagree with that statement, but I think most would agree that is just the way it is.

As to your trouble with Microsoft products, I can only say that I have not experienced as much trouble as you have. And that, as much as I would like to, I am not really in a position to do much to help you except offer a brief explanation of the patches each month.

Many of the problems with these vulnernerabilities come about because the code is written in C and C++, where a simple typo can result in a security hole, and it is very hard to find. On top of that, these are million line applications... if you can write a million line novel, or do some task in your job a million times, without a single mistake, you are a better person that I am!

J.Ja

Beware on 64 bit OS'. (I only had problems on 64 bit systems)
On Win7 Ultimate and XP Pro 64bit OS' I had to restore the system. Trying to find the problem was only partially successful; the problem disappeared when I installed the office10 updates individually, while trying to isolate the problem.

the only problem I have is that most updates fail on all my systems unless I install them individually
meaning select custom install,
empty the check boxes of all but one update and then install it
when I did that this time around the first few installed and then over half of the rest vanished from the list and won't come back even if I go delete them from the "\Software Distribution\Download" folder and stop the update service and restart it they never come back? huh?

if I do allow all to install at once I can check with the MS Updates site and it will tell me if any failed and usually there's at least one that shows as failed,
but usually they all report installation success with the little round green check when I do the updates as individual installs.