Reinstall Win7 what updates to avoid for telemetry & winX preparation?

Speaking of telemetry, firefox browser has also a telemetry that can modify it. For other browsers, I don't know.

Marie SWE said:

And if, right then in that moment it happens they can get access to my computers virtual memory. And IF i in that specific moment have any useful information in my virtual memory and if my firewalls accept the outgoing traffic to the hackers, then they could use the information.

It's a lot of If's, as i have understand it. Or am I wrong?

I'm not familiar with virtual memory, but if it is refer to hardware or chips, there's no any information in there, only data or a string of bits (101010111) reside in it temporarily. I don't think is possible a source of information remotely

By the way, If appropriate, I have a question to ask here about these vulnerability of spectre and meltdown and telemetry, what would be the effect if the OS is in a virtual environment? Is the host become vulnerable too? Or is okay to update all updates?

Thanks,

Thanks, Marie, for the extensive list in post #30. I appreciate the brief description you added beside each KB update.

My preferred method of updating a clean install is via WSUS Offline Update, which downloads all currently active updates for offline installation on any system, not just the system on which the downloading is being done. It only concerns itself with critical/security updates, not the optional updates.

I've compared Marie's list with what WSUS Offline Update says are currently active updates, and only 11 of those on Marie's list appear to still be active:

KB971033
KB2670838
KB2830477
KB2834140
KB2882822
KB2923545
KB2976897
KB3042058
KB3086255
KB3159398
KB3161608

I think that implies the rest have been superceded and wouldn't be offered by WU anymore. It's also possible some on Marie's list might be categorized as optional (e.g., perhaps the time zone updates?), which could still be active but WSUS Offline isn't checking those.

Nevertheless, it's always preferable to have more information than too little, so Marie's legwork to pull together that list is appreciated. If nothing else, it can be useful for checking what updates might already be on your system and candidates for uninstallation.

If anyone is interested, I cut-and-pasted Marie's list (from KB894199 through KB3161647) and ran it through a quick perl script to convert it to a .cmd file that can be used to bulk uninstall the updates on Marie's list. (I didn't include Marie's monthly rollup list, because I think she only meant to list them, not necessarily uninstall them.)

To use the attached .cmd file, extract it and place it on your desktop. Right-click and choose to "Run as administrator". It will look for any updates on Marie's list and, if found, uninstall them. Finish with a system reboot.

Of course, it would be wise to make a backup image of your OS partition before doing this, just in case uninstalling one of those updates destabilizes your system. I tried the .cmd script on a Win7 VM, with no adverse effects, but better to be safe than sorry.

WOW Marie SWE, what a briiliant job, it is really appreciated .
I will spend some tme today hopefully looking through the list in more detail.

Hi dg1261,

dg1261 said:

I've compared Marie's list with what WSUS Offline Update says are currently active updates, and only 11 of those on Marie's list appear to still be active:

KB971033
KB2670838
KB2830477
KB2834140
KB2882822
KB2923545
KB2976897
KB3042058
KB3086255
KB3159398
KB3161608

I think that implies the rest have been superceded and wouldn't be offered by WU anymore. It's also possible some on Marie's list might be categorized as optional (e.g., perhaps the time zone updates?), which could still be active but WSUS Offline isn't checking those.

That is an excellent bit of detective work.
Just as a side mention dg1261, I have a thread open about Batch .CMD script if you could have a quick look at it for me please.

dg1261 said:

Thanks, Marie, for the extensive list in post #30. I appreciate the brief description you added beside each KB update.

My preferred method of updating a clean install is via WSUS Offline Update, which downloads all currently active updates for offline installation on any system, not just the system on which the downloading is being done. It only concerns itself with critical/security updates, not the optional updates.

I've compared Marie's list with what WSUS Offline Update says are currently active updates, and only 11 of those on Marie's list appear to still be active:

KB971033
KB2670838
KB2830477
KB2834140
KB2882822
KB2923545
KB2976897
KB3042058
KB3086255
KB3159398
KB3161608

I think that implies the rest have been superceded and wouldn't be offered by WU anymore. It's also possible some on Marie's list might be categorized as optional (e.g., perhaps the time zone updates?), which could still be active but WSUS Offline isn't checking those.

Nevertheless, it's always preferable to have more information than too little, so Marie's legwork to pull together that list is appreciated. If nothing else, it can be useful for checking what updates might already be on your system and candidates for uninstallation.

If anyone is interested, I cut-and-pasted Marie's list (from KB894199 through KB3161647) and ran it through a quick perl script to convert it to a .cmd file that can be used to bulk uninstall the updates on Marie's list. (I didn't include Marie's monthly rollup list, because I think she only meant to list them, not necessarily uninstall them.)

To use the attached .cmd file, extract it and place it on your desktop. Right-click and choose to "Run as administrator". It will look for any updates on Marie's list and, if found, uninstall them. Finish with a system reboot.

Of course, it would be wise to make a backup image of your OS partition before doing this, just in case uninstalling one of those updates destabilizes your system. I tried the .cmd script on a Win7 VM, with no adverse effects, but better to be safe than sorry.

You're welcome, and thank you for the link to WSUS. :)
Yes, I felt that a brief description was necessary, as I get so frustrated to see a text that KBxxxxx is bad to install. But then it's noting about why? perhaps it is something that is good for me but bad to the other person.

You're right, it's mixed critical and optional updates I did so as some optional updates can be good in some situations. so then it might be good to know what's what.
And this is a Be aware of list.. not all bad bad updates :)
spot on:) you are right, there are not many who are active. But if you have a computer with a 2-5 year old installation and do not want or are too lazy to reinstall it. Then the old ones can also be good to know about.
I'm so lazy and I'm refuse to reinstall my computers if I'm not forced,forced,forced to do it.. as I am now with two of my win7 computers. *hahaha*
One of my computers have a 14 year old installation and it works but can be a "little" slow sometimes, but I'm really too lazy to reinstall it .. it still works even though it takes about 4 minutes to boot it *Hahaha*

Thank you very much for your job to make a .cmd file.
Oh yes.. backup,backup,backup, always make a backup. I learned that lesson the hard way with my AMD computer and January's security update

Paul Black said:

WOW Marie SWE, what a briiliant job, it is really appreciated .
I will spend some tme today hopefully looking through the list in more detail.

That is an excellent bit of detective work.

Thank you very much and you are welcome.
Yes, it took three almost four days to make the list, but it's worth all the time now afterwards.

dg1261 said:

If anyone is interested, I cut-and-pasted Marie's list (from KB894199 through KB3161647) and ran it through a quick perl script to convert it to a .cmd file that can be used to bulk uninstall the updates on Marie's list. (I didn't include Marie's monthly rollup list, because I think she only meant to list them, not necessarily uninstall them.)

To use the attached .cmd file, extract it and place it on your desktop. Right-click and choose to "Run as administrator". It will look for any updates on Marie's list and, if found, uninstall them. Finish with a system reboot.

Of course, it would be wise to make a backup image of your OS partition before doing this, just in case uninstalling one of those updates destabilizes your system. I tried the .cmd script on a Win7 VM, with no adverse effects, but better to be safe than sorry.

Thank you for this. I downloaded the updates for the first time in VM. When it finish, I'm going to use the cmd file to check the candidates and uninstall them. I just made up my mind I have to reverse my OS just to harden my host files. The Windows will take charge the browser and email that connects the internet. Then subscribing the free trial of anti-malware programs, and see if I can extend it.

Hi there Marie, Thanks for your feedback of my comments. I really appreciate it. Maybe you are right just like what happened in our "automate" last election here. There was a controversy that some machine sent information to the server unknowingly during election. In fact the senate want to investigate this allegation.

For me, I just wondering asking question based on my understanding for what I read of some articles about cyber thief, most of the details is because of a middle man. And all I know when it comes to hardware memory is basically needs an expensive apparatus to translate the code like in digital forensic device. Anyway, I'll try to search other browser you say :)

dg1261 said:

To use the attached .cmd file, extract it and place it on your desktop. Right-click and choose to "Run as administrator". It will look for any updates on Marie's list and, if found, uninstall them. Finish with a system reboot.

The internet explorer 10 was gone, I have to reinstall it again since we have a program used for taxes need IE9 or IE10.

Botard said:

Hi there Marie, Thanks for your feedback of my comments. I really appreciate it. Maybe you are right just like what happened in our "automate" last election here. There was a controversy that some machine sent information to the server unknowingly during election. In fact the senate want to investigate this allegation.

For me, I just wondering asking question based on my understanding for what I read of some articles about cyber thief, most of the details is because of a middle man. And all I know when it comes to hardware memory is basically needs an expensive apparatus to translate the code like in digital forensic device. Anyway, I'll try to search other browser you say :)

It's good to be curious, the more questions asked, the more you learn. Sometimes some may be annoyed by asking, but it's worth as long as you, I and everybody accept if people not want to answer sometimes
I'm extremely curious, so I've learned a lot over the years.