Latest Nov. 10 updates - KB3081320, KB3101246, KB3101746 - Necessary?

I recently retired a home network of XP machines that were routinely patched with an installed antivirus product. In 7 years, I never experienced a BSOD nor a malware infection on any of them. Nevertheless, I felt I was living on borrowed time, consequently I heeded the call to upgrade to a more secure OS, and took the plunge to Win 7.

I did a clean install of Win 7 SP1 on new hardware starting Nov. 1, seeking to have the machines fully patched before Microsoft's 2nd Tuesday of the month updates. I met my objective, but during the patching process I discovered that some of the updates were related to making my machines ready for Win 10, which I had not yet decided to install. This discovery led me to sevenforums.com which has become in a short period of time a valuable resource. Thanks, guys!

The Nov. 10 updates came through as expected, but unfortunately, they were installed before I had a chance to examine why they were needed. Although my WU settings were set to download but do not install, the updates installed without user intervention. I have since changed the WU settings to do not download. I will see if that works any better.

As to the issue of the thread. Three of the downloads are related, KB3081320, KB3101246, KB3101746. They appear to deal with a vulnerability - man-in-the-middle (MiTM) attack - using the TLS protocol. The
bulletin for KB3081320 indicates that a manual registry modification is necessary.

My question is: What is really the risk of not installing any of these three updates?

Hi slipkid & welcome to sevenforums. Risk of not installing is you leave your machine open to attack. I install all security patches. I pick & choose the optional. I attached a batch file with questionable updates. 3 are telemetry tracking. If you wish to look at the code & the KB's involved, right-click choose>edit.

Additional research on these updates revealed that they were targeted to both Win 7 and Win 8.x installs. I decided to install all three on 11/10/15, and as of today, no ill effects to my machines have been noticed.

I appreciate the bat file you provided for removal of certain questionable and telemetry updates. I have been monitoring the windows update thread and have already removed quite a few updates that senior members of the forum suggested should be uninstalled. I will cross-reference your list with my WU installed list to see if I have missed anything.

Thanks for your help.

You can always edit the batch file & add or remove the KB's as you wish. If the KB isn't isn't installed it will just continue no error message. Just remember to include the ":" KB:xxxxxx

Willco.

Awesome

Please mark your thread RESOLVED.

Happy Computing!