Home => Windows 7 users without 3rd party antivirus can get the Jan. 2018 Windows bug fixes
January 19, 2018
The January 2018 bug fixes for Windows have a new pre-requisite: a flag needs to be set in the registry. The Meltdown patch was a drastic change and the flag needs to be set by anti-virus software to indicate the software is compatible with the changes.
The discussion of this that I have seen so far, has left me out. That is, the press likes to focus on Windows 10, while I prefer Windows 7. And, the art history majors that write many of the stories are conditioned that Windows needs third party anti-virus - which I don't use. So, I wondered, am I ever going to get the January fixes for Windows, or am I going to have to manually update the registry?
I was installing patches on a Windows 7 machine that had not been updated since mid-November 2017 when I noticed something strange. At first, Windows Update offered to install the December 2017 patches, as you would expect without any anti-virus software installed. But, a later trip back into Windows Update offered to install the January 2018 patches. Who or what had set the registry flag?
Another Windows 7 machine that had also, last been updated in November 2017, offered me the chance to watch carefully.
Windows 7 users get three free anti-malware programs from Microsoft.
From Windows Update, we get a new version of the Malicious Software Removal Tool (MSRT) monthly.
It turns out this is not dependent on the registry flag, I was offered the January 9, 2018 version. After installing/running this, the registry flag was still off.
Included with Windows 7 is the poor man's version of Defender. Windows 10 has software with the same name but the two programs are apples and oranges.
The Windows 7 edition of Defender is also not impacted by the registry flag, so I updated it with the latest definitions (1.259.1638.0). Still no registry update.
Windows Update was still offering to install Windows bug fixes from Dec. 12, 2017. Interestingly, it was also offering a Windows activation fix (KB971033) from Sept. 2, 2014. I have no idea why. Microsoft feels no obligation to educate their customers/victims.
Next, I downloaded and installed the third freebie anti-malware program, Microsoft Security Essentials (MSE). It immediately updated itself with malware definitions from Jan. 18, 2018 and ran a scan that found nothing bad.
Another trip to Windows Update and there they were, the January 2018 bug fixes to Windows. MSE had set the registry flag.
Windows Update also wanted to install updates to .NET as you would expect. What I was not expecting, was a new bug fix out of the blue, one dated April 2012, for Microsoft Visual C++ 2010 (KB2467173). Again, these things are none of my business and further proof that Windows should only be used in a corporation with a dedicated support staff.
Update. Jan. 20, 2018: Important: Windows security updates released January 3, 2018, and antivirus software by Microsoft. Last updated Jan. 6, 2018. Says "In a default installation of Windows 7 SP1 ... customers will not have an antivirus application installed by default. In these situations, Microsoft recommends installing a compatible and supported antivirus application such as Microsoft Security Essentials or a third-party anti-virus application. The anti-virus software must set a registry key as described below in order to receive the January 2018 security updates." I suppose that if you know MSE sets the registry flag, this tells you what you know. But, if you don't know that, this is not clear at all.
|@defensivecomput||TOP||Home => Windows 7 users without 3rd party antivirus can get the Jan. 2018 Windows bug fixes|
|michael--at--michaelhorowitz.com||Last Updated: January 20, 2018 5 PM|