January 3, 2018 - KB4056897 (Security-only update) Windows 7

Seffrid · 09 Jan 2018

All the troublesome Meltdown patches have today been pulled by Microsoft in respect of what they describe as (but do not define) all devices with impacted AMD processors. Needless to say, they're blaming AMD for the mess despite having themselves tried to patch AMD machines when the Meltdown threat only significantly affects Intel machines.

Nitesco · 09 Jan 2018

LevelBest said:

I still have not installed this update.

I've seen on the news this morning that intel processors are at risk from the Meltdown issue but patches/updates (?) are being issued for intel processors that are up to five years old. My trusty laptop is 6 years plus old.

Then there's the issue of whether McAfee have released the update for the registry part.

I don't know whether to install this update or not, even if I do, will it protect my laptop and now given this latest intel issue, whether it could potentially wreck my laptop.

Can anyone help?

LevelBest

I'm holding off on updating for the same reasons. I have an older Intel CPU, but for the amount of issues that I've seen happen with other CPUs, I'm waiting for more details and possibly another updated patch before I go any further. More so after spotting this news with some Windows 7 users getting BSODs as a result of the 2018-01 Monthly Rollup: Buggy Win7 Meltdown patch KB 4056894 throwing blue screens | Computerworld

In any case, I'm definitely keeping a close eye on any news with this issue.

LevelBest · 09 Jan 2018

Thanks, at least I'm not the only one. That link is really concerning with the number of people affected. I think the main problem is that there are several different issues/fixes needed; Microsoft, anti-virus software and processors with Microsoft putting out an update without knowing whether the anti-virus is ready for the update.

How does the processor get fixed (for those that have processors that are five years old or less)? Does than come via a windows update or a software update in the background or do users have to update themselves? Also, what of the peeps who have processors that are more than five years old. I've seen no references as to what they're supposed to do.

I'm going to hang fire until I see how this pans out.

LevelBest

Brds7t7 · 09 Jan 2018

LevelBest said:

Thanks, at least I'm not the only one. That link is really concerning with the number of people affected. I think the main problem is that there are several different issues/fixes needed; Microsoft, anti-virus software and processors with Microsoft putting out an update without knowing whether the anti-virus is ready for the update.

How does the processor get fixed (for those that have processors that are five years old or less)? Does than come via a windows update or a software update in the background or do users have to update themselves? Also, what of the peeps who have processors that are more than five years old. I've seen no references as to what they're supposed to do.

I'm going to hang fire until I see how this pans out.

LevelBest

If it's one of the processors that Intel has promised to fix then I think it'll most likely be a firmware/BIOS update needed, along with Windows update. Keep an eye out on both Intel and the manufacturer of your PC/Board.

If it's an older CPU - then you'll have to just rely on the software updates to patch it.

The ideal solution would be both BIOS and software updates, but if that isn't an option the software update should be enough.

Riley7 · 09 Jan 2018

I think I read something here that stated the January security only update does not include patches for the meltdown issue. Only the monthly rollup has them.
Do I understand this correctly?

This Intel security issue has me confused. I run a core2 duo from 2009 and doubt there will be an update from Intel for it.

Any comments appreciated.

Brds7t7 · 09 Jan 2018

The Security fixes in the rollups should be the same as the Security-only update - that's how it's been for every previous month's updates. They've always included the same security fixes, just the rollups have other fixes or added "features" included in the patches.

lehnerus2000 · 09 Jan 2018

Seffrid said:

All the troublesome Meltdown patches have today been pulled by Microsoft in respect of what they describe as (but do not define) all devices with impacted AMD processors. Needless to say, they're blaming AMD for the mess despite having themselves tried to patch AMD machines when the Meltdown threat only significantly affects Intel machines.

Someone has to protect poor defenceless Intel.

A generic question about pulled patches.
If MS pulls a patch, should users uninstall the patch, even if is not causing issues?

Anak · 09 Jan 2018

I wouldn't.

Searching your question (google): If MS pulls a patch, should users uninstall the patch, even if is not causing issues? comes with different answers. Usually MS will announce either publicly or at the beginning of the patch process whether or not you should uninstall before applying a corrected version of the same update/patch.

The ones I'd have some concern about are the ones that D/L'd the standalone patch through the update catalog but if MS is up to speed

that scenario should also be covered by an installer that checks your logs and if it finds an older version of itself it should/would be removed before the updating.
The same goes for doing the patch through Win Updates, but in this day and age of computing it seems that all bets are off and the best defense is to remain vigilant.

ethel · 10 Jan 2018

Hi Everyone, Today I have been offered the Windows Malicious Software Removal Tool x 64 January 2018
(KB890830) and it is the only update Microsoft has offered, it downloaded and installed, but when I open
it, it does not run. I am using Panda Free Antivirus, I have a key under Quality Compat, but it only looks
like part of the key. I normally install the Quality Monthly Rollups but it does not look like it is being offered
this month.

Anak · 10 Jan 2018

Hi ethel,

When you installed the MSRT (Malicious Software Removal Tool) did you notice that it took awhile to finish and close out windows updates? If it did that indicates that it ran; The MSRT will automatically run after installation without any intervention from the user, and it's designed to purge itself after running.
I'm close to doing my updates and I'll post back on how it went.

January 3, 2018 - KB4056897 (Security-only update) Windows 7-011018.png

According to this site Panda was supposed to have the key ready on the 9th scroll down a bit to see panda on the left and it looks like they did by your screen shot. In all the posts I've seen that key never describes what AV set it, it is enough to know that it is there. You can also check the link to panda on the far right for more.

To check the name go back to the key and do you see the faint vertical line?

January 3, 2018 - KB4056897 (Security-only update) Windows 7-quacom.png

Place your cursor over it until it changes to this

January 3, 2018 - KB4056897 (Security-only update) Windows 7-qualcom1.png

then double click to expand the column, that should enable you to view the whole name. That column line can also be expanded by click/and hold then drag to the right to expand.

I haven't seen any mention of the QMR (Quality Monthly Rollups). MS has been so busy getting the out of band update on the 3rd ready they may forgo the QMR. Because of the Intel situation I wouldn't doubt IMHO that updates will be in a state of turmoil for at least another couple of months.